Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3900: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3902: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3903: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3904: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
Robak-sal.xls.exe • programosy.pl

  • Ogłoszenie:

Robak-sal.xls.exe

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.

Robak-sal.xls.exe

Postprzez kilkujadek 17 Kwi 2011, 13:39

reklama
Witam . Pokiełbasiło mi się wszystko: pulpit włącza się jakiś inny niż mam , dyski nie chcą się otwierać normalnie tylko przez "otwórz za pomocą...."
Avast wykrył robaka i nie może sobie z nim dać rady:
Image
scaner online jakoś sobie chyba z nim poradził ale lepiej dmuchać za zimne:
Image

Z Gmerem jest jakiś problem; Za 1 razem zawiesił się komp (nie mam programów emulujących i sptd.sys) potem on sam się wiesza i chyba nie pełny log wychodzi

Image

Kod: Zaznacz wszystko
GMER 1.0.15.15570 - http://www.gmer.net
Rootkit scan 2011-04-17 13:21:43
Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Scsi\nvidesm1Port0Path0Target0Lun0 SAMSUNG_ rev.TL10
Running: 8m5wvo0p.exe; Driver: C:\DOCUME~1\User\USTAWI~1\Temp\pgliqpoc.sys


---- Kernel code sections - GMER 1.0.15 ----

init            C:\WINDOWS\system32\drivers\ALCXSENS.SYS                                                                            entry point in "init" section [0xF8236510]

---- User code sections - GMER 1.0.15 ----

.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[296] USER32.dll!TrackPopupMenu                                7E3B526E 5 Bytes  JMP 10402024 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe[1944] USER32.dll!DefWindowProcA + 11A     7E36D5F0 7 Bytes  JMP 0051BF70 C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\NewUI.dll (New UI/Avanquest Software)
.text           C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe[1944] USER32.dll!SetWindowRgn + 2C0       7E37057D 7 Bytes  JMP 0051BE30 C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\NewUI.dll (New UI/Avanquest Software)
.text           C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe[1944] USER32.dll!SetClipboardData + 19D   7E38112B 7 Bytes  JMP 0051BF50 C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\NewUI.dll (New UI/Avanquest Software)
.text           C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe[1944] USER32.dll!MessageBoxA + 49         7E3A074B 7 Bytes  JMP 0051C040 C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\NewUI.dll (New UI/Avanquest Software)
.text           C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe[1944] USER32.dll!MessageBoxExW + 1F       7E3A076F 7 Bytes  JMP 0051C090 C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\NewUI.dll (New UI/Avanquest Software)
.text           C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe[1944] USER32.dll!MessageBoxTimeoutA + CA  7E3B6420 7 Bytes  JMP 0051BFC0 C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\NewUI.dll (New UI/Avanquest Software)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3180] ntdll.dll!LdrLoadDll                                             7C9163A3 5 Bytes  JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                                              aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice  \Driver\Tcpip \Device\Ip                                                                                            aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                           aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice  \Driver\Tcpip \Device\Udp                                                                                           aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice  \Driver\Tcpip \Device\RawIp                                                                                         aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice  \FileSystem\Fastfat \Fat                                                                                            aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

---- EOF - GMER 1.0.15 ----



OTL

Kod: Zaznacz wszystko
OTL logfile created on: 2011-04-17 13:31:09 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Documents and Settings\User\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

511,00 Mb Total Physical Memory | 177,00 Mb Available Physical Memory | 35,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,85 Gb Total Space | 11,11 Gb Free Space | 55,96% Space Free | Partition Type: FAT32
Drive D: | 74,49 Gb Total Space | 26,00 Gb Free Space | 34,91% Space Free | Partition Type: FAT32
Drive E: | 29,29 Gb Total Space | 2,39 Gb Free Space | 8,17% Space Free | Partition Type: NTFS
Drive F: | 29,49 Gb Total Space | 9,71 Gb Free Space | 32,93% Space Free | Partition Type: NTFS
Drive G: | 33,16 Gb Total Space | 9,89 Gb Free Space | 29,82% Space Free | Partition Type: NTFS

Computer Name: KOMPUTER | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-04-16 10:45:56 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.exe
PRC - [2011-03-27 16:17:00 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\algssl.exe
PRC - [2011-03-23 20:23:50 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-12-08 07:51:50 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2008-06-27 03:36:58 | 001,424,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-05-22 10:14:54 | 000,405,504 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
PRC - [2007-04-30 02:00:00 | 000,032,768 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\V0420Mon.exe
PRC - [2006-09-25 17:42:08 | 000,108,160 | ---- | M] () -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2006-09-25 17:42:02 | 000,108,160 | ---- | M] () -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2006-09-25 17:41:44 | 000,251,520 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2006-09-25 17:41:34 | 000,370,304 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2006-09-25 17:32:08 | 000,059,008 | ---- | M] () -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2003-10-08 10:41:10 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011-04-16 10:45:56 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.exe
MOD - [2008-06-16 01:28:36 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] --  -- (HidServ)
SRV - File not found [On_Demand | Stopped] --  -- (ALG)
SRV - [2006-09-25 17:42:02 | 000,108,160 | ---- | M] () [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2006-09-25 17:41:44 | 000,251,520 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2006-09-25 17:41:34 | 000,370,304 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2006-09-25 17:32:08 | 000,059,008 | ---- | M] () [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-11-19 14:06:48 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM)
DRV - [2009-11-19 14:06:48 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS)
DRV - [2009-11-19 14:06:46 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM)
DRV - [2009-11-19 14:06:46 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM)
DRV - [2009-11-19 14:06:46 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2008-06-16 01:28:36 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
DRV - [2008-04-13 22:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007-05-31 02:32:34 | 000,099,648 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0420Vid.sys -- (V0420VID) Live! Cam Vista IM (VF0420)
DRV - [2006-09-25 17:40:42 | 000,087,424 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2006-09-25 17:39:26 | 000,016,352 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2006-09-25 17:39:02 | 000,036,176 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2006-09-25 17:37:50 | 000,024,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2005-01-06 16:55:38 | 000,009,446 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\WinFast\WFTVFM\WFIOCTL.sys -- (WFIOCTL)
DRV - [2004-12-22 05:34:56 | 000,075,925 | R--- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wf2kvcap.sys -- (BT848)
DRV - [2004-12-22 05:34:56 | 000,036,423 | R--- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wf2ktunr.sys -- (tv2ktunr)
DRV - [2004-12-22 05:34:56 | 000,010,005 | R--- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wf2kXbar.sys -- (Tv2kXbar)
DRV - [2004-04-21 16:11:06 | 000,729,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003-10-09 11:52:08 | 000,475,788 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2003-10-04 05:25:26 | 000,391,552 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2002-11-27 12:52:00 | 000,080,896 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2002-11-13 08:10:00 | 000,020,224 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvidesm.sys -- (nvidesm)
DRV - [2002-09-06 04:24:00 | 000,013,568 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2001-08-17 20:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "Allegro"
FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.25

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-03-09 18:15:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-09 18:15:38 | 000,000,000 | ---D | M]

[2011-03-09 18:20:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Extensions
[2011-03-09 18:20:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\dbbhs6hx.default\extensions
[2011-03-09 20:51:00 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\dbbhs6hx.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2011-03-09 18:15:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-08-24 10:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2011-03-13 13:43:44 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2011-03-13 13:43:44 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2011-03-13 13:43:44 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2011-03-13 13:43:44 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2011-03-13 13:43:44 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2011-03-13 13:43:44 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2008-06-16 01:28:36 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll (BitComet)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe ()
O4 - HKLM..\Run: [C:\WINDOWS\system32\V0420Cvw.dll] C:\WINDOWS\system32\V0420CVW.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [IMJPMIG8.2]  File not found
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [V0420Mon.exe] C:\WINDOWS\V0420Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001..\Run: [MsServer]  File not found
O4 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2]  File not found
O4 - HKLM..\RunOnceEx: [Flag] Reg Error: Invalid data type. File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll (BitComet)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.50 212.76.34.49
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O24 - Desktop Components:0 (Bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-03-09 17:54:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2011-04-17 09:41:58 | 000,000,130 | -HS- | M] () - C:\AUTORUN.INF -- [ FAT32 ]
O32 - AutoRun File - [2011-04-17 09:18:20 | 000,000,130 | -HS- | M] () - D:\AUTORUN.INF -- [ FAT32 ]
O32 - AutoRun File - [2011-04-17 09:58:37 | 000,000,130 | -HS- | M] () - E:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2011-04-17 09:18:30 | 000,000,130 | -HS- | M] () - F:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2011-04-17 09:25:24 | 000,000,130 | -HS- | M] () - G:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{04609d92-4a73-11e0-9ddf-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{04609d92-4a73-11e0-9ddf-806d6172696f}\Shell\AutoRun\command - "" = I:\AUTORUN\AUTORUN.EXE
O33 - MountPoints2\{7a31afd2-5086-11e0-ae85-00046161733e}\Shell - "" = AutoRun
O33 - MountPoints2\{7a31afd2-5086-11e0-ae85-00046161733e}\Shell\AutoRun\command - "" = J:\Startme.exe
O33 - MountPoints2\{83bd3e48-4a70-11e0-ae7a-00046161733e}\Shell\Auto\command - "" = J:\sal.xls.exe
O33 - MountPoints2\{83bd3e48-4a70-11e0-ae7a-00046161733e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sal.xls.exe
O33 - MountPoints2\{ca2f2bb0-4b2f-11e0-ae7d-00046161733e}\Shell\Auto\command - "" = J:\sal.xls.exe
O33 - MountPoints2\{ca2f2bb0-4b2f-11e0-ae7d-00046161733e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sal.xls.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-04-17 10:13:50 | 000,607,288 | ---- | C] (Duplex Secure Ltd.) -- C:\Documents and Settings\User\Pulpit\SPTDinst-v178-x86.exe
[2011-04-17 09:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2011-04-16 10:45:54 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.exe
[2011-04-16 10:14:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\My portable Apps
[2011-04-16 09:49:02 | 000,000,000 | -HSD | C] -- C:\FOUND.000
[2011-04-15 21:15:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\User\Recent
[2011-04-14 19:42:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\Panna Marple Tajemnica Bladego Konia (2010) [PDTV.RMVB-rafal900000] [lektor pl]
[2011-04-12 19:35:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\Projekt o Kazimierzu Wielkim
[2011-04-04 17:19:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight
[2011-04-04 17:19:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011-04-04 17:19:28 | 006,277,496 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\User\Pulpit\Silverlight.exe
[2011-04-01 13:09:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Moje dokumenty\My Skype Content
[2011-04-01 10:52:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype
[2011-04-01 10:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Skype
[2011-04-01 10:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Moje dokumenty\My Skype Pictures
[2011-04-01 10:52:26 | 000,000,000 | ---D | C] -- C:\Program Files\Skype
[2011-04-01 10:50:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2011-03-20 15:06:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\chomiki
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-04-17 13:34:12 | 002,359,296 | -H-- | M] () -- C:\Documents and Settings\User\NTUSER.DAT
[2011-04-17 13:25:36 | 000,089,000 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\robak2.JPG
[2011-04-17 10:13:50 | 000,607,288 | ---- | M] (Duplex Secure Ltd.) -- C:\Documents and Settings\User\Pulpit\SPTDinst-v178-x86.exe
[2011-04-17 10:09:44 | 000,022,841 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\robak1.JPG
[2011-04-17 09:41:58 | 000,000,130 | -HS- | M] () -- C:\AUTORUN.INF
[2011-04-17 09:18:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2011-04-17 09:17:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-04-16 10:45:56 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.exe
[2011-04-16 10:44:02 | 000,301,568 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\8m5wvo0p.exe
[2011-04-16 10:42:56 | 000,038,276 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\robak.JPG
[2011-04-16 10:25:08 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-04-16 09:47:08 | 000,002,184 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-04-15 21:15:36 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\User\ntuser.ini
[2011-04-13 11:39:36 | 000,000,651 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Dziobas Player0.001.lnk
[2011-04-12 19:36:26 | 000,002,513 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Word.lnk
[2011-04-11 20:01:56 | 734,442,376 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\MARPLE_10 - Nemezis.avi
[2011-04-06 19:20:34 | 000,284,551 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie0239_zmniejszacz-pl_386079.jpg
[2011-04-05 18:29:58 | 000,498,334 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie1287.jpg
[2011-04-05 18:28:40 | 000,436,917 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie1285.jpg
[2011-04-04 17:19:40 | 006,277,496 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\User\Pulpit\Silverlight.exe
[2011-04-02 12:17:24 | 000,380,171 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie1280.jpg
[2011-04-01 20:09:24 | 184,041,472 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\PWS.e64-TRODAT.avi
[2011-04-01 10:52:30 | 000,000,634 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2011-03-27 18:48:00 | 000,009,999 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\button Kajtka.JPG
[2011-03-27 16:17:00 | 000,049,152 | ---- | M] () -- C:\WINDOWS\System32\algssl.exe
[2011-03-27 10:04:56 | 000,267,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-03-26 20:08:06 | 005,853,024 | -H-- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-03-23 19:29:22 | 016,032,070 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\102 pytania SEP 1kV - Tadeusz Uczciwek.pdf.pdf
[2011-03-23 19:22:50 | 015,046,037 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Egzamin Kwalifikacyjny - Elektryka W Pytaniach I Odpowiedziach.pdf
[2011-03-22 13:37:52 | 000,590,371 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\c9d603490942b093d6bf856f1a78031f.jpg
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-04-17 13:25:34 | 000,089,000 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\robak2.JPG
[2011-04-17 10:09:40 | 000,022,841 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\robak1.JPG
[2011-04-16 10:44:03 | 000,301,568 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\8m5wvo0p.exe
[2011-04-16 10:42:54 | 000,038,276 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\robak.JPG
[2011-04-13 11:39:34 | 000,000,651 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Dziobas Player0.001.lnk
[2011-04-11 19:30:00 | 734,442,376 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\MARPLE_10 - Nemezis.avi
[2011-04-06 19:20:33 | 000,284,551 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie0239_zmniejszacz-pl_386079.jpg
[2011-04-06 19:09:42 | 000,436,917 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie1285.jpg
[2011-04-06 19:09:36 | 000,498,334 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie1287.jpg
[2011-04-05 19:02:00 | 000,543,955 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie0351.jpg
[2011-04-05 19:01:34 | 000,326,473 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie0812.jpg
[2011-04-05 19:00:37 | 000,380,171 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie1280.jpg
[2011-04-01 19:49:30 | 184,041,472 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\PWS.e64-TRODAT.avi
[2011-04-01 10:52:28 | 000,000,634 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2011-03-27 18:47:59 | 000,009,999 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\button Kajtka.JPG
[2011-03-27 16:17:04 | 000,000,130 | -HS- | C] () -- C:\AUTORUN.INF
[2011-03-27 16:16:58 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\algssl.exe
[2011-03-23 19:28:41 | 016,032,070 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\102 pytania SEP 1kV - Tadeusz Uczciwek.pdf.pdf
[2011-03-23 19:22:13 | 015,046,037 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Egzamin Kwalifikacyjny - Elektryka W Pytaniach I Odpowiedziach.pdf
[2011-03-22 13:37:56 | 000,590,371 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\c9d603490942b093d6bf856f1a78031f.jpg
[2011-03-17 10:30:05 | 000,000,670 | R--- | C] () -- C:\WINDOWS\CtDrvIns.exe.manifest
[2011-03-12 17:23:38 | 000,065,368 | ---- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2011-03-09 19:07:22 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-03-09 18:20:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011-03-09 18:16:31 | 000,666,240 | ---- | C] () -- C:\WINDOWS\System32\aswBoot.exe
[2011-03-09 18:06:41 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011-03-09 18:05:50 | 005,853,024 | -H-- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-03-09 18:05:29 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\drivers\jedih2rx.bin
[2011-03-09 18:05:29 | 000,000,122 | R--- | C] () -- C:\WINDOWS\System32\drivers\ramsed.bin
[2011-03-09 18:03:32 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2011-03-09 17:55:37 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-03-09 17:54:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2011-03-09 17:53:46 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2011-03-09 17:53:43 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2011-03-09 17:52:15 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011-03-09 17:52:03 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2011-03-09 17:52:03 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2011-03-09 17:51:16 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2011-03-09 17:51:15 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2011-03-09 17:46:38 | 000,756,194 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011-03-09 17:46:37 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-03-09 17:45:34 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008-07-03 21:54:20 | 000,000,818 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008-06-16 01:28:36 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008-06-16 01:28:36 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2008-06-16 01:28:36 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2008-06-16 01:28:36 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008-06-16 01:28:36 | 000,407,552 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll
[2008-06-16 01:28:36 | 000,356,118 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2008-06-16 01:28:36 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2008-06-16 01:28:36 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2008-06-16 01:28:36 | 000,311,998 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008-06-16 01:28:36 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008-06-16 01:28:36 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2008-06-16 01:28:36 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008-06-16 01:28:36 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2008-06-16 01:28:36 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2008-06-16 01:28:36 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2008-06-16 01:28:36 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2008-06-16 01:28:36 | 000,070,622 | ---- | C] () -- C:\WINDOWS\System32\edit.com
[2008-06-16 01:28:36 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
[2008-06-16 01:28:36 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2008-06-16 01:28:36 | 000,051,823 | ---- | C] () -- C:\WINDOWS\System32\command.com
[2008-06-16 01:28:36 | 000,049,154 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2008-06-16 01:28:36 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008-06-16 01:28:36 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2008-06-16 01:28:36 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2008-06-16 01:28:36 | 000,039,566 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008-06-16 01:28:36 | 000,039,434 | ---- | C] () -- C:\WINDOWS\System32\mem.exe
[2008-06-16 01:28:36 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2008-06-16 01:28:36 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2008-06-16 01:28:36 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2008-06-16 01:28:36 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2008-06-16 01:28:36 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2008-06-16 01:28:36 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2008-06-16 01:28:36 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2008-06-16 01:28:36 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2008-06-16 01:28:36 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2008-06-16 01:28:36 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2008-06-16 01:28:36 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008-06-16 01:28:36 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2008-06-16 01:28:36 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2008-06-16 01:28:36 | 000,020,986 | ---- | C] () -- C:\WINDOWS\System32\debug.exe
[2008-06-16 01:28:36 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2008-06-16 01:28:36 | 000,019,806 | ---- | C] () -- C:\WINDOWS\System32\graphics.com
[2008-06-16 01:28:36 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2008-06-16 01:28:36 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2008-06-16 01:28:36 | 000,014,913 | ---- | C] () -- C:\WINDOWS\System32\kb16.com
[2008-06-16 01:28:36 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2008-06-16 01:28:36 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2008-06-16 01:28:36 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[2008-06-16 01:28:36 | 000,012,866 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe
[2008-06-16 01:28:36 | 000,012,594 | ---- | C] () -- C:\WINDOWS\System32\append.exe
[2008-06-16 01:28:36 | 000,011,859 | ---- | C] () -- C:\WINDOWS\System32\setver.exe
[2008-06-16 01:28:36 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2008-06-16 01:28:36 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2008-06-16 01:28:36 | 000,008,520 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe
[2008-06-16 01:28:36 | 000,007,116 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe
[2008-06-16 01:28:36 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2008-06-16 01:28:36 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2008-06-16 01:28:36 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008-06-16 01:28:36 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008-06-16 01:28:36 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe
[2008-06-16 01:28:36 | 000,003,260 | ---- | C] () -- C:\WINDOWS\System32\nw16.exe
[2008-06-16 01:28:36 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2008-06-16 01:28:36 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008-06-16 01:28:36 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2008-06-16 01:28:36 | 000,001,168 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com
[2008-06-16 01:28:36 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe
[2008-06-16 01:28:36 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe
[2008-06-16 01:28:36 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe
[2008-06-16 01:28:36 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe
[2008-06-16 01:28:36 | 000,000,582 | ---- | C] () -- C:\WINDOWS\win.ini
[2008-06-16 01:28:36 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2008-06-16 01:28:36 | 000,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2004-04-21 15:58:26 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2004-04-21 15:56:04 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2001-10-26 15:29:54 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe
[2001-10-26 15:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll

[color=#E56717]========== LOP Check ==========[/color]

[2011-03-17 10:07:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2011-03-17 10:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
[2011-03-09 20:50:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\BitComet
[2011-03-12 17:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\ChomikBox

[color=#E56717]========== Purity Check ==========[/color]



< End of report >


Kod: Zaznacz wszystko
OTL Extras logfile created on: 2011-04-17 13:31:09 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Documents and Settings\User\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

511,00 Mb Total Physical Memory | 177,00 Mb Available Physical Memory | 35,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,85 Gb Total Space | 11,11 Gb Free Space | 55,96% Space Free | Partition Type: FAT32
Drive D: | 74,49 Gb Total Space | 26,00 Gb Free Space | 34,91% Space Free | Partition Type: FAT32
Drive E: | 29,29 Gb Total Space | 2,39 Gb Free Space | 8,17% Space Free | Partition Type: NTFS
Drive F: | 29,49 Gb Total Space | 9,71 Gb Free Space | 32,93% Space Free | Partition Type: NTFS
Drive G: | 33,16 Gb Total Space | 9,89 Gb Free Space | 29,82% Space Free | Partition Type: NTFS

Computer Name: KOMPUTER | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- Reg Error: Key error.
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"11253:TCP" = 11253:TCP:*:Enabled:BitComet 11253 TCP
"11253:UDP" = 11253:UDP:*:Enabled:BitComet 11253 UDP
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- (www.BitComet.com)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HydraVision
"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{934519A2-4D50-4B83-A459-92D90E9E3188}" = WinFast PVR
"{AC76BA86-7AD7-1033-7B44-A70500000002}" = Adobe Reader 7.0.5
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.60.13
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"BitComet" = BitComet 1.26
"ChomikBox" = ChomikBox
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-01-24
"Creative Live! Cam Center" = Creative Live! Cam Center
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative VF0420" = Creative Live! Cam Vista IM Driver (1.00.03.0000)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"IrfanView" = IrfanView (remove only)
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAnForce" = NVIDIA Windows 2000/XP nForce Drivers
"SkanerOnline" = Skaner on-line mks_vir
"Skype_is1" = Skype 2.5
"SysInfo" = Creative System Information
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-04-16 03:49:16 | Computer Name = KOMPUTER | Source = Userenv | ID = 1515
Description = System Windows wykonał kopię zapasową profilu tego użytkownika. System
Windows automatycznie spróbuje użyć profilu z kopii zapasowej przy następnym logowaniu
tego użytkownika.

Error - 2011-04-16 03:49:17 | Computer Name = KOMPUTER | Source = Userenv | ID = 1511
Description = System Windows nie może znaleźć profilu lokalnego i loguje użytkownika
przy użyciu profilu tymczasowego. Zmiany wprowadzone w tym profilu zostaną utracone
po wylogowaniu.

Error - 2011-04-16 04:52:06 | Computer Name = KOMPUTER | Source = Userenv | ID = 1508
Description = System Windows nie może załadować rejestru. Najczęstszą tego przyczyną
jest za mało pamięci lub brak wystarczających praw zabezpieczeń.       SZCZEGÓŁY - Proces
nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.
for C:\Documents and Settings\User\ntuser.dat

Error - 2011-04-16 04:52:13 | Computer Name = KOMPUTER | Source = Userenv | ID = 1502
Description = System Windows nie może załadować profilu przechowywanego lokalnie.
Możliwym powodem tego błędu jest brak wystarczających praw zabezpieczeń lub uszkodzony
profil lokalny. Jeśli ten problem będzie się powtarzać, skontaktuj się z administratorem
sieci.       SZCZEGÓŁY - Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany
przez inny proces.

Error - 2011-04-16 04:52:13 | Computer Name = KOMPUTER | Source = Userenv | ID = 1515
Description = System Windows wykonał kopię zapasową profilu tego użytkownika. System
Windows automatycznie spróbuje użyć profilu z kopii zapasowej przy następnym logowaniu
tego użytkownika.

Error - 2011-04-16 04:52:14 | Computer Name = KOMPUTER | Source = Userenv | ID = 1511
Description = System Windows nie może znaleźć profilu lokalnego i loguje użytkownika
przy użyciu profilu tymczasowego. Zmiany wprowadzone w tym profilu zostaną utracone
po wylogowaniu.

Error - 2011-04-16 05:19:11 | Computer Name = KOMPUTER | Source = Userenv | ID = 1508
Description = System Windows nie może załadować rejestru. Najczęstszą tego przyczyną
jest za mało pamięci lub brak wystarczających praw zabezpieczeń.       SZCZEGÓŁY - Proces
nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.
for C:\Documents and Settings\User\ntuser.dat

Error - 2011-04-16 05:19:43 | Computer Name = KOMPUTER | Source = Userenv | ID = 1502
Description = System Windows nie może załadować profilu przechowywanego lokalnie.
Możliwym powodem tego błędu jest brak wystarczających praw zabezpieczeń lub uszkodzony
profil lokalny. Jeśli ten problem będzie się powtarzać, skontaktuj się z administratorem
sieci.       SZCZEGÓŁY - Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany
przez inny proces.

Error - 2011-04-16 05:19:43 | Computer Name = KOMPUTER | Source = Userenv | ID = 1515
Description = System Windows wykonał kopię zapasową profilu tego użytkownika. System
Windows automatycznie spróbuje użyć profilu z kopii zapasowej przy następnym logowaniu
tego użytkownika.

Error - 2011-04-16 05:20:14 | Computer Name = KOMPUTER | Source = Userenv | ID = 1511
Description = System Windows nie może znaleźć profilu lokalnego i loguje użytkownika
przy użyciu profilu tymczasowego. Zmiany wprowadzone w tym profilu zostaną utracone
po wylogowaniu.

[ System Events ]
Error - 2011-04-13 05:41:15 | Computer Name = KOMPUTER | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2011-04-13 07:23:26 | Computer Name = KOMPUTER | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2011-04-14 01:27:56 | Computer Name = KOMPUTER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu
następującego błędu:   %%2

Error - 2011-04-14 01:59:26 | Computer Name = KOMPUTER | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2011-04-15 02:40:26 | Computer Name = KOMPUTER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu
następującego błędu:   %%2

Error - 2011-04-16 03:50:27 | Computer Name = KOMPUTER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu
następującego błędu:   %%2

Error - 2011-04-16 03:55:59 | Computer Name = KOMPUTER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu
następującego błędu:   %%2

Error - 2011-04-16 04:53:55 | Computer Name = KOMPUTER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu
następującego błędu:   %%2

Error - 2011-04-16 05:21:01 | Computer Name = KOMPUTER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu
następującego błędu:   %%2

Error - 2011-04-17 03:19:45 | Computer Name = KOMPUTER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu
następującego błędu:   %%2


< End of report >
__________
"I am not going to be a star.
I am going to be a legend"
freddie mercury
Awatar użytkownika
kilkujadek
~user
 
Posty: 1733
Dołączenie: 10 Lis 2005, 23:33
Miejscowość: Zielona Góra
Pochwały: 53



Robak-sal.xls.exe

Postprzez wojtas 17 Kwi 2011, 18:25

czy to jakiś modyfikowany system?

:OTL
O4 - HKLM..\Run: [IMJPMIG8.2] File not found
O4 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001..\Run: [MsServer] File not found
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found
O4 - HKLM..\RunOnceEx: [Flag] Reg Error: Invalid data type. File not found
O32 - AutoRun File - [2011-04-17 09:41:58 | 000,000,130 | -HS- | M] () - C:\AUTORUN.INF -- [ FAT32 ]
O32 - AutoRun File - [2011-04-17 09:18:20 | 000,000,130 | -HS- | M] () - D:\AUTORUN.INF -- [ FAT32 ]
O32 - AutoRun File - [2011-04-17 09:58:37 | 000,000,130 | -HS- | M] () - E:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2011-04-17 09:18:30 | 000,000,130 | -HS- | M] () - F:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2011-04-17 09:25:24 | 000,000,130 | -HS- | M] () - G:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{04609d92-4a73-11e0-9ddf-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{04609d92-4a73-11e0-9ddf-806d6172696f}\Shell\AutoRun\command - "" = I:\AUTORUN\AUTORUN.EXE
O33 - MountPoints2\{7a31afd2-5086-11e0-ae85-00046161733e}\Shell - "" = AutoRun
O33 - MountPoints2\{7a31afd2-5086-11e0-ae85-00046161733e}\Shell\AutoRun\command - "" = J:\Startme.exe
O33 - MountPoints2\{83bd3e48-4a70-11e0-ae7a-00046161733e}\Shell\Auto\command - "" = J:\sal.xls.exe
O33 - MountPoints2\{83bd3e48-4a70-11e0-ae7a-00046161733e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sal.xls.exe
O33 - MountPoints2\{ca2f2bb0-4b2f-11e0-ae7d-00046161733e}\Shell\Auto\command - "" = J:\sal.xls.exe
O33 - MountPoints2\{ca2f2bb0-4b2f-11e0-ae7d-00046161733e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sal.xls.exe

:Files
C:\WINDOWS\system32\algssl.exe
AUTORUN.INF /alldrives
sal.xls.exe /alldrives

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""

:Commands
[emptytemp]
[emptyflash]



Kliknij wykonaj skrypt. I potwierdź reset komputera .

Następnie uruchamiasz OTL z opcją skanuj. Pokazujesz nowy log OTL.txt oraz raport z czyszczenia (zawartość notatnika, która otworzy się po restarcie). Przy podpiętym urządzeniu przenośnym (pendrive, telefon - to co jest podłączane do komputera) , uruchom USBFIX z opcji Listing i pokaż raport na forum.
Image
Awatar użytkownika
wojtas
*mod
 
Posty: 18165
Dołączenie: 13 Sty 2006, 16:00
Miejscowość: Krzeszyce
Pochwały: 1656



Robak-sal.xls.exe

Postprzez kilkujadek 18 Kwi 2011, 17:27

wojtas napisał(a):czy to jakiś modyfikowany system?


BRAWO ! Windows MX7

Raport:

Kod: Zaznacz wszystko
All processes killed
Error: Unable to interpret <O4 - HKLM..\Run: [IMJPMIG8.2] File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001..\Run: [MsServer] File not found> in the current context!
Error: Unable to interpret <O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\RunOnceEx: [Flag] Reg Error: Invalid data type. File not found> in the current context!
Error: Unable to interpret <O32 - AutoRun File - [2011-04-17 09:41:58 | 000,000,130 | -HS- | M] () - C:\AUTORUN.INF -- [ FAT32 ]> in the current context!
Error: Unable to interpret <O32 - AutoRun File - [2011-04-17 09:18:20 | 000,000,130 | -HS- | M] () - D:\AUTORUN.INF -- [ FAT32 ]> in the current context!
Error: Unable to interpret <O32 - AutoRun File - [2011-04-17 09:58:37 | 000,000,130 | -HS- | M] () - E:\AUTORUN.INF -- [ NTFS ]> in the current context!
Error: Unable to interpret <O32 - AutoRun File - [2011-04-17 09:18:30 | 000,000,130 | -HS- | M] () - F:\AUTORUN.INF -- [ NTFS ]> in the current context!
Error: Unable to interpret <O32 - AutoRun File - [2011-04-17 09:25:24 | 000,000,130 | -HS- | M] () - G:\AUTORUN.INF -- [ NTFS ]> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{04609d92-4a73-11e0-9ddf-806d6172696f}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{04609d92-4a73-11e0-9ddf-806d6172696f}\Shell\AutoRun\command - "" = I:\AUTORUN\AUTORUN.EXE> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{7a31afd2-5086-11e0-ae85-00046161733e}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{7a31afd2-5086-11e0-ae85-00046161733e}\Shell\AutoRun\command - "" = J:\Startme.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{83bd3e48-4a70-11e0-ae7a-00046161733e}\Shell\Auto\command - "" = J:\sal.xls.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{83bd3e48-4a70-11e0-ae7a-00046161733e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sal.xls.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{ca2f2bb0-4b2f-11e0-ae7d-00046161733e}\Shell\Auto\command - "" = J:\sal.xls.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{ca2f2bb0-4b2f-11e0-ae7d-00046161733e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sal.xls.exe> in the current context!
========== FILES ==========
C:\WINDOWS\system32\algssl.exe moved successfully.
C:\AUTORUN.INF moved successfully.
D:\AUTORUN.INF moved successfully.
E:\AUTORUN.INF moved successfully.
F:\AUTORUN.INF moved successfully.
G:\AUTORUN.INF moved successfully.
C:\sal.xls.exe moved successfully.
D:\sal.xls.exe moved successfully.
E:\sal.xls.exe moved successfully.
F:\sal.xls.exe moved successfully.
G:\sal.xls.exe moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\ deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"SuperHidden"|dword:00000001 /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"Hidden"|dword:00000001 /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"ShowSuperHidden"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\\"CheckedValue"|dword:00000001 /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden\\@|"" /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: User
->Temp folder emptied: 71990180 bytes
->Temporary Internet Files folder emptied: 6911101 bytes
->FireFox cache emptied: 52827842 bytes
->Flash cache emptied: 8464 bytes

User: TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2352022 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 20123522 bytes
RecycleBin emptied: 1248352965 bytes

Total Files Cleaned = 1 338,00 mb


[EMPTYFLASH]

User: Default User

User: All Users

User: NetworkService

User: LocalService

User: User
->Flash cache emptied: 0 bytes

User: TEMP

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 04182011_171455

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...



OTL:

Kod: Zaznacz wszystko
OTL logfile created on: 2011-04-18 17:20:22 - Run 3
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Documents and Settings\User\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

511,00 Mb Total Physical Memory | 193,00 Mb Available Physical Memory | 38,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,85 Gb Total Space | 11,66 Gb Free Space | 58,75% Space Free | Partition Type: FAT32
Drive D: | 74,49 Gb Total Space | 26,69 Gb Free Space | 35,83% Space Free | Partition Type: FAT32
Drive E: | 29,29 Gb Total Space | 2,39 Gb Free Space | 8,17% Space Free | Partition Type: NTFS
Drive F: | 29,49 Gb Total Space | 9,71 Gb Free Space | 32,93% Space Free | Partition Type: NTFS
Drive G: | 33,16 Gb Total Space | 9,89 Gb Free Space | 29,82% Space Free | Partition Type: NTFS

Computer Name: KOMPUTER | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-04-16 10:45:56 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.exe
PRC - [2011-03-23 20:23:50 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-12-08 07:51:50 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2008-06-27 03:36:58 | 001,424,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-05-22 10:14:54 | 000,405,504 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
PRC - [2007-04-30 02:00:00 | 000,032,768 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\V0420Mon.exe
PRC - [2006-09-25 17:42:08 | 000,108,160 | ---- | M] () -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2006-09-25 17:42:02 | 000,108,160 | ---- | M] () -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2006-09-25 17:41:44 | 000,251,520 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2006-09-25 17:41:34 | 000,370,304 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2006-09-25 17:32:08 | 000,059,008 | ---- | M] () -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2005-09-23 22:05:26 | 000,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2003-10-08 10:41:10 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011-04-16 10:45:56 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.exe
MOD - [2008-06-16 01:28:36 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] --  -- (HidServ)
SRV - File not found [On_Demand | Stopped] --  -- (ALG)
SRV - [2006-09-25 17:42:02 | 000,108,160 | ---- | M] () [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2006-09-25 17:41:44 | 000,251,520 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2006-09-25 17:41:34 | 000,370,304 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2006-09-25 17:32:08 | 000,059,008 | ---- | M] () [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-11-19 14:06:48 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM)
DRV - [2009-11-19 14:06:48 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS)
DRV - [2009-11-19 14:06:46 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM)
DRV - [2009-11-19 14:06:46 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM)
DRV - [2009-11-19 14:06:46 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2008-06-16 01:28:36 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
DRV - [2008-04-13 22:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007-05-31 02:32:34 | 000,099,648 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0420Vid.sys -- (V0420VID) Live! Cam Vista IM (VF0420)
DRV - [2006-09-25 17:40:42 | 000,087,424 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2006-09-25 17:39:26 | 000,016,352 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2006-09-25 17:39:02 | 000,036,176 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2006-09-25 17:37:50 | 000,024,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2005-01-06 16:55:38 | 000,009,446 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\WinFast\WFTVFM\WFIOCTL.sys -- (WFIOCTL)
DRV - [2004-12-22 05:34:56 | 000,075,925 | R--- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wf2kvcap.sys -- (BT848)
DRV - [2004-12-22 05:34:56 | 000,036,423 | R--- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wf2ktunr.sys -- (tv2ktunr)
DRV - [2004-12-22 05:34:56 | 000,010,005 | R--- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wf2kXbar.sys -- (Tv2kXbar)
DRV - [2004-04-21 16:11:06 | 000,729,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003-10-09 11:52:08 | 000,475,788 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2003-10-04 05:25:26 | 000,391,552 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2002-11-27 12:52:00 | 000,080,896 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2002-11-13 08:10:00 | 000,020,224 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvidesm.sys -- (nvidesm)
DRV - [2002-09-06 04:24:00 | 000,013,568 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2001-08-17 20:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "Allegro"
FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.25

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-03-09 18:15:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-09 18:15:38 | 000,000,000 | ---D | M]

[2011-03-09 18:20:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Extensions
[2011-03-09 18:20:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\dbbhs6hx.default\extensions
[2011-03-09 20:51:00 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\dbbhs6hx.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2011-03-09 18:15:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-08-24 10:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2011-03-13 13:43:44 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2011-03-13 13:43:44 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2011-03-13 13:43:44 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2011-03-13 13:43:44 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2011-03-13 13:43:44 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2011-03-13 13:43:44 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2008-06-16 01:28:36 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll (BitComet)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe ()
O4 - HKLM..\Run: [C:\WINDOWS\system32\V0420Cvw.dll] C:\WINDOWS\system32\V0420CVW.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [IMJPMIG8.2]  File not found
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [V0420Mon.exe] C:\WINDOWS\V0420Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001..\Run: [MsServer]  File not found
O4 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2]  File not found
O4 - HKLM..\RunOnceEx: [Flag] Reg Error: Invalid data type. File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll (BitComet)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.50 212.76.34.49
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O24 - Desktop Components:0 (Bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-03-09 17:54:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-04-18 17:14:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-04-17 22:49:39 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\User\Recent
[2011-04-17 10:13:50 | 000,607,288 | ---- | C] (Duplex Secure Ltd.) -- C:\Documents and Settings\User\Pulpit\SPTDinst-v178-x86.exe
[2011-04-17 09:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2011-04-16 10:45:54 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.exe
[2011-04-16 10:14:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\My portable Apps
[2011-04-16 09:49:02 | 000,000,000 | -HSD | C] -- C:\FOUND.000
[2011-04-14 19:42:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\Panna Marple Tajemnica Bladego Konia (2010) [PDTV.RMVB-rafal900000] [lektor pl]
[2011-04-12 19:35:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\Projekt o Kazimierzu Wielkim
[2011-04-04 17:19:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight
[2011-04-04 17:19:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011-04-04 17:19:28 | 006,277,496 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\User\Pulpit\Silverlight.exe
[2011-04-01 13:09:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Moje dokumenty\My Skype Content
[2011-04-01 10:52:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype
[2011-04-01 10:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Skype
[2011-04-01 10:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Moje dokumenty\My Skype Pictures
[2011-04-01 10:52:26 | 000,000,000 | ---D | C] -- C:\Program Files\Skype
[2011-04-01 10:50:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2011-03-20 15:06:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\chomiki

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-04-18 17:15:58 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2011-04-18 17:15:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-04-18 17:15:22 | 002,359,296 | -H-- | M] () -- C:\Documents and Settings\User\NTUSER.DAT
[2011-04-18 17:15:22 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\User\ntuser.ini
[2011-04-18 17:04:18 | 000,002,184 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-04-17 13:25:36 | 000,089,000 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\robak2.JPG
[2011-04-17 10:13:50 | 000,607,288 | ---- | M] (Duplex Secure Ltd.) -- C:\Documents and Settings\User\Pulpit\SPTDinst-v178-x86.exe
[2011-04-17 10:09:44 | 000,022,841 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\robak1.JPG
[2011-04-16 10:45:56 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.exe
[2011-04-16 10:44:02 | 000,301,568 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\8m5wvo0p.exe
[2011-04-16 10:42:56 | 000,038,276 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\robak.JPG
[2011-04-16 10:25:08 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-04-13 11:39:36 | 000,000,651 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Dziobas Player0.001.lnk
[2011-04-12 19:36:26 | 000,002,513 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Word.lnk
[2011-04-11 20:01:56 | 734,442,376 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\MARPLE_10 - Nemezis.avi
[2011-04-06 19:20:34 | 000,284,551 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie0239_zmniejszacz-pl_386079.jpg
[2011-04-05 18:29:58 | 000,498,334 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie1287.jpg
[2011-04-05 18:28:40 | 000,436,917 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie1285.jpg
[2011-04-04 17:19:40 | 006,277,496 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\User\Pulpit\Silverlight.exe
[2011-04-02 12:17:24 | 000,380,171 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie1280.jpg
[2011-04-01 20:09:24 | 184,041,472 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\PWS.e64-TRODAT.avi
[2011-04-01 10:52:30 | 000,000,634 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2011-03-27 18:48:00 | 000,009,999 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\button Kajtka.JPG
[2011-03-27 10:04:56 | 000,267,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-03-26 20:08:06 | 005,853,024 | -H-- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-03-23 19:29:22 | 016,032,070 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\102 pytania SEP 1kV - Tadeusz Uczciwek.pdf.pdf
[2011-03-23 19:22:50 | 015,046,037 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Egzamin Kwalifikacyjny - Elektryka W Pytaniach I Odpowiedziach.pdf
[2011-03-22 13:37:52 | 000,590,371 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\c9d603490942b093d6bf856f1a78031f.jpg

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-04-17 13:25:34 | 000,089,000 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\robak2.JPG
[2011-04-17 10:09:40 | 000,022,841 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\robak1.JPG
[2011-04-16 10:44:03 | 000,301,568 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\8m5wvo0p.exe
[2011-04-16 10:42:54 | 000,038,276 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\robak.JPG
[2011-04-13 11:39:34 | 000,000,651 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Dziobas Player0.001.lnk
[2011-04-11 19:30:00 | 734,442,376 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\MARPLE_10 - Nemezis.avi
[2011-04-06 19:20:33 | 000,284,551 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie0239_zmniejszacz-pl_386079.jpg
[2011-04-06 19:09:42 | 000,436,917 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie1285.jpg
[2011-04-06 19:09:36 | 000,498,334 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie1287.jpg
[2011-04-05 19:02:00 | 000,543,955 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie0351.jpg
[2011-04-05 19:01:34 | 000,326,473 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie0812.jpg
[2011-04-05 19:00:37 | 000,380,171 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie1280.jpg
[2011-04-01 19:49:30 | 184,041,472 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\PWS.e64-TRODAT.avi
[2011-04-01 10:52:28 | 000,000,634 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2011-03-27 18:47:59 | 000,009,999 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\button Kajtka.JPG
[2011-03-23 19:28:41 | 016,032,070 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\102 pytania SEP 1kV - Tadeusz Uczciwek.pdf.pdf
[2011-03-23 19:22:13 | 015,046,037 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Egzamin Kwalifikacyjny - Elektryka W Pytaniach I Odpowiedziach.pdf
[2011-03-22 13:37:56 | 000,590,371 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\c9d603490942b093d6bf856f1a78031f.jpg
[2011-03-17 10:30:05 | 000,000,670 | R--- | C] () -- C:\WINDOWS\CtDrvIns.exe.manifest
[2011-03-12 17:23:38 | 000,065,368 | ---- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2011-03-09 19:07:22 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-03-09 18:20:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011-03-09 18:16:31 | 000,666,240 | ---- | C] () -- C:\WINDOWS\System32\aswBoot.exe
[2011-03-09 18:06:41 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011-03-09 18:05:50 | 005,853,024 | -H-- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-03-09 18:05:29 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\drivers\jedih2rx.bin
[2011-03-09 18:05:29 | 000,000,122 | R--- | C] () -- C:\WINDOWS\System32\drivers\ramsed.bin
[2011-03-09 18:03:32 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2011-03-09 17:55:37 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-03-09 17:54:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2011-03-09 17:53:46 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2011-03-09 17:53:43 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2011-03-09 17:52:15 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011-03-09 17:52:03 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2011-03-09 17:52:03 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2011-03-09 17:51:16 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2011-03-09 17:51:15 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2011-03-09 17:46:38 | 000,756,194 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011-03-09 17:46:37 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-03-09 17:45:34 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008-07-03 21:54:20 | 000,000,818 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008-06-16 01:28:36 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008-06-16 01:28:36 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2008-06-16 01:28:36 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2008-06-16 01:28:36 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008-06-16 01:28:36 | 000,407,552 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll
[2008-06-16 01:28:36 | 000,356,118 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2008-06-16 01:28:36 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2008-06-16 01:28:36 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2008-06-16 01:28:36 | 000,311,998 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008-06-16 01:28:36 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008-06-16 01:28:36 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2008-06-16 01:28:36 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008-06-16 01:28:36 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2008-06-16 01:28:36 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2008-06-16 01:28:36 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2008-06-16 01:28:36 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2008-06-16 01:28:36 | 000,070,622 | ---- | C] () -- C:\WINDOWS\System32\edit.com
[2008-06-16 01:28:36 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
[2008-06-16 01:28:36 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2008-06-16 01:28:36 | 000,051,823 | ---- | C] () -- C:\WINDOWS\System32\command.com
[2008-06-16 01:28:36 | 000,049,154 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2008-06-16 01:28:36 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008-06-16 01:28:36 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2008-06-16 01:28:36 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2008-06-16 01:28:36 | 000,039,566 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008-06-16 01:28:36 | 000,039,434 | ---- | C] () -- C:\WINDOWS\System32\mem.exe
[2008-06-16 01:28:36 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2008-06-16 01:28:36 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2008-06-16 01:28:36 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2008-06-16 01:28:36 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2008-06-16 01:28:36 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2008-06-16 01:28:36 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2008-06-16 01:28:36 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2008-06-16 01:28:36 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2008-06-16 01:28:36 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2008-06-16 01:28:36 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2008-06-16 01:28:36 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008-06-16 01:28:36 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2008-06-16 01:28:36 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2008-06-16 01:28:36 | 000,020,986 | ---- | C] () -- C:\WINDOWS\System32\debug.exe
[2008-06-16 01:28:36 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2008-06-16 01:28:36 | 000,019,806 | ---- | C] () -- C:\WINDOWS\System32\graphics.com
[2008-06-16 01:28:36 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2008-06-16 01:28:36 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2008-06-16 01:28:36 | 000,014,913 | ---- | C] () -- C:\WINDOWS\System32\kb16.com
[2008-06-16 01:28:36 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2008-06-16 01:28:36 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2008-06-16 01:28:36 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[2008-06-16 01:28:36 | 000,012,866 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe
[2008-06-16 01:28:36 | 000,012,594 | ---- | C] () -- C:\WINDOWS\System32\append.exe
[2008-06-16 01:28:36 | 000,011,859 | ---- | C] () -- C:\WINDOWS\System32\setver.exe
[2008-06-16 01:28:36 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2008-06-16 01:28:36 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2008-06-16 01:28:36 | 000,008,520 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe
[2008-06-16 01:28:36 | 000,007,116 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe
[2008-06-16 01:28:36 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2008-06-16 01:28:36 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2008-06-16 01:28:36 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008-06-16 01:28:36 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008-06-16 01:28:36 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe
[2008-06-16 01:28:36 | 000,003,260 | ---- | C] () -- C:\WINDOWS\System32\nw16.exe
[2008-06-16 01:28:36 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2008-06-16 01:28:36 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008-06-16 01:28:36 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2008-06-16 01:28:36 | 000,001,168 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com
[2008-06-16 01:28:36 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe
[2008-06-16 01:28:36 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe
[2008-06-16 01:28:36 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe
[2008-06-16 01:28:36 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe
[2008-06-16 01:28:36 | 000,000,582 | ---- | C] () -- C:\WINDOWS\win.ini
[2008-06-16 01:28:36 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2008-06-16 01:28:36 | 000,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2004-04-21 15:58:26 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2004-04-21 15:56:04 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2001-10-26 15:29:54 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe
[2001-10-26 15:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll

[color=#E56717]========== LOP Check ==========[/color]

[2011-03-17 10:07:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2011-03-17 10:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
[2011-03-09 20:50:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\BitComet
[2011-03-12 17:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\ChomikBox

[color=#E56717]========== Purity Check ==========[/color]



< End of report >



USB:

Kod: Zaznacz wszystko
############################## | UsbFix 7.043 | [Listing]

User: User (Administrator) # KOMPUTER [ ]
Updated 12/04/2011 by TeamXscript
Started at 17:26:16 | 18/04/2011
Website: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: AMD Sempron(tm) 2800+
Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 3
Internet Explorer 7.0.5730.11

Windows Firewall: Enabled
RAM -> 511 Mb
C:\ (%systemdrive%) -> Fixed drive # 20 Gb (12 Mb free - 59%) [] # FAT32
D:\ -> Fixed drive # 74 Gb (27 Mb free - 36%) [TWARDZIEL] # FAT32
E:\ -> Fixed drive # 29 Gb (2 Mb free - 8%) [INSTALKI] # NTFS
F:\ -> Fixed drive # 29 Gb (10 Mb free - 33%) [MUZA] # NTFS
G:\ -> Fixed drive # 33 Gb (10 Mb free - 30%) [MAGAZYN] # NTFS
H:\ -> CD-ROM
I:\ -> CD-ROM
J:\ -> Removable drive # 4 Gb (983 Mb free - 26%) [USB DISK] # FAT32

################## | Listing |

[18/04/2011 - 17:15:48 | ASH | 805306368]    C:\PAGEFILE.SYS
[09/03/2011 - 17:39:22 | D ]    C:\WINDOWS
[16/04/2011 - 09:49:02 | SHD ]    C:\FOUND.000
[16/06/2008 - 01:28:36 | RASH | 4952]    C:\Bootfont.bin
[16/06/2008 - 01:28:36 | RASH | 251152]    C:\ntldr
[16/06/2008 - 01:28:36 | RASH | 47564]    C:\NTDETECT.COM
[09/03/2011 - 17:49:18 | SH | 211]    C:\boot.ini
[09/03/2011 - 17:45:36 | D ]    C:\Documents and Settings
[09/03/2011 - 17:53:50 | RD ]    C:\Program Files
[09/03/2011 - 17:54:40 | A | 0]    C:\CONFIG.SYS
[09/03/2011 - 17:54:40 | A | 0]    C:\AUTOEXEC.BAT
[09/03/2011 - 17:54:40 | RASH | 0]    C:\IO.SYS
[09/03/2011 - 17:54:40 | RASH | 0]    C:\MSDOS.SYS
[09/03/2011 - 17:56:36 | SHD ]    C:\System Volume Information
[09/03/2011 - 18:10:48 | SHD ]    C:\Recycled
[09/03/2011 - 18:34:42 | RHD ]    C:\MSOCache
[09/03/2011 - 20:51:26 | D ]    C:\Downloads
[17/03/2011 - 10:55:44 | D ]    C:\WFDB
[17/04/2011 - 10:10:58 | A | 7534]    C:\mksbasel.cpp.log
[18/04/2011 - 17:14:56 | D ]    C:\_OTL
[18/04/2011 - 17:26:10 | D ]    C:\UsbFix
[18/04/2011 - 17:26:12 | A | 0]    C:\UsbFix.txt
[27/02/2011 - 12:28:18 | D ]    D:\Paulineczkaa
[18/07/2007 - 16:05:08 | SHD ]    D:\System Volume Information
[07/01/2011 - 09:03:54 | D ]    D:\reno
[28/02/2011 - 12:56:20 | D ]    D:\ja
[29/05/2008 - 18:12:42 | D ]    D:\pulpit
[11/03/2011 - 12:55:44 | D ]    D:\jeffer
[20/04/2008 - 13:05:28 | D ]    D:\Q   U   E   E   N
[28/02/2011 - 13:03:10 | D ]    D:\kontakty teraz
[04/07/2008 - 18:42:08 | A | 771283]    D:\P6200065.JPG
[11/05/2010 - 09:34:46 | D ]    D:\word paulinki
[01/08/2008 - 18:59:18 | D ]    D:\kontakty i reszta
[07/04/2005 - 11:39:28 | SHD ]    D:\Recycled
[22/03/2007 - 18:55:37 | A | 26656]    E:\AAAAAA userbar.png
[30/05/2009 - 16:38:01 | D ]    E:\CV
[25/08/2006 - 15:52:52 | A | 400384]    E:\GG PIONier v1.0.exe
[24/06/2010 - 10:54:01 | D ]    E:\iGo8
[23/12/2006 - 12:17:36 | A | 178271]    E:\IMG_0151.jpg
[04/02/2007 - 16:28:00 | A | 1536]    E:\IncrediMail Exported Contacts (csv format).csv
[03/03/2011 - 13:12:44 | D ]    E:\instalki
[13/06/2010 - 11:00:18 | D ]    E:\Konkursy na urodziny
[01/09/2009 - 15:46:44 | A | 1762]    E:\Kontakty.txt
[19/04/2007 - 19:52:39 | A | 101178]    E:\MotoGP.jar
[20/04/2008 - 14:17:40 | D ]    E:\Nawęglanie
[15/02/2011 - 14:40:15 | D ]    E:\Praca Stelmet
[30/06/2010 - 15:10:45 | D ]    E:\Prace Paulinki
[06/10/2006 - 19:03:31 | D ]    E:\Przylep 05-10-2006
[17/04/2011 - 10:12:29 | SHD ]    E:\RECYCLER
[05/01/2005 - 22:46:53 | SHD ]    E:\Recycler.bajki
[27/01/2011 - 16:15:46 | D ]    E:\Różne
[09/01/2010 - 13:37:48 | D ]    E:\speedway 2009
[02/03/2011 - 13:13:45 | SHD ]    E:\System Volume Information
[05/01/2005 - 22:48:00 | SHD ]    E:\System Volume Information.bajki
[18/10/2007 - 17:32:51 | D ]    E:\szkola
[30/03/2007 - 13:33:15 | SH | 22528]    E:\Thumbs.db
[13/09/2010 - 17:17:24 | D ]    E:\Zacisze
[16/03/2011 - 16:01:23 | D ]    E:\ZDJĘCIA1
[26/02/2010 - 11:36:04 | D ]    E:\Ślub Ali
[02/07/2010 - 06:56:02 | D ]    E:\Ż U Ż E L
[11/03/2011 - 14:15:39 | D ]    F:\All Time Top 1000
[11/03/2011 - 13:59:17 | D ]    F:\Lista Wszechczasów [2008-2009]
[15/02/2011 - 07:38:38 | RD ]    F:\MUZA
[17/04/2011 - 10:12:29 | SHD ]    F:\RECYCLER
[11/03/2011 - 13:59:00 | D ]    F:\różne
[02/03/2011 - 13:13:45 | SHD ]    F:\System Volume Information
[07/11/2007 - 13:07:57 | ASH | 3072]    F:\Thumbs.db
[11/03/2011 - 14:01:16 | D ]    F:\Top 100 Masterpieces of Classical Music 1685-1928
[11/03/2011 - 14:15:24 | D ]    F:\TOP.1000.of.the.last.30.years.PACK-PT
[21/05/2007 - 20:17:22 | A | 36251]    G:\070521_083223.jpg
[17/04/2011 - 21:09:51 | D ]    G:\BitComet
[11/03/2011 - 14:04:10 | D ]    G:\gazety
[07/02/2011 - 14:19:13 | A | 8560645]    G:\K_S_04_2011.pdf
[09/03/2011 - 19:47:59 | D ]    G:\mułek
[17/04/2011 - 09:22:51 | SHD ]    G:\RECYCLER
[07/05/2010 - 21:15:26 | A | 13142165]    G:\Super Mega paka chomikowych wskazówek jak i co dokładać na stronke.rar
[02/03/2011 - 13:13:45 | SHD ]    G:\System Volume Information
[06/11/2007 - 21:27:05 | SH | 22528]    G:\Thumbs.db
[17/03/2011 - 12:04:26 | D ]    G:\WinFast WorkArea
[09/04/2011 - 16:48:06 | A | 733716480]    J:\Szpieg (2006) [Lektor PL].avi
[15/04/2011 - 18:17:00 | SH | 130]    J:\AUTORUN.INF
[03/03/2011 - 12:19:12 | AH | 9915]    J:\folder.jpg
[12/04/2011 - 08:20:04 | A | 763652096]    J:\I Am Number Four 2011 PPVRiP-zibi6248.avi
[05/04/2011 - 19:56:28 | A | 733915136]    J:\(www.Polski-Torrent.pl) buried.avi
[06/09/2008 - 14:32:56 | A | 6089998]    J:\Combined-Community-Codec-Pack-2008-01-24.exe
[02/04/2011 - 19:42:06 | D ]    J:\CinemaPlayer
[06/04/2011 - 15:31:44 | A | 733949952]    J:\www.netemx.pl Nawiedzona narzeczona(2008) (lektor PL).avi
[05/09/2010 - 15:46:36 | SH | 49152]    J:\sal.xls.exe
[02/10/2010 - 10:19:24 | RSHD ]    J:\RECYCLER

################## | E.O.F |
__________
"I am not going to be a star.
I am going to be a legend"
freddie mercury
Awatar użytkownika
kilkujadek
~user
 
Posty: 1733
Dołączenie: 10 Lis 2005, 23:33
Miejscowość: Zielona Góra
Pochwały: 53



Robak-sal.xls.exe

Postprzez wojtas 18 Kwi 2011, 20:06

Przy podpiętym pendrivie;

Uruchom OTL i w sekcji własne opcje skanowania / skrypt wklej:

:OTL
O4 - HKLM..\Run: [IMJPMIG8.2] File not found
O4 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001..\Run: [MsServer] File not found
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found
O4 - HKLM..\RunOnceEx: [Flag] Reg Error: Invalid data type. File not found

:Files
sal.xls.exe /alldrives
RECYCLER /alldrives
Recycled /alldrives

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""

:Commands
[emptytemp]
[emptyflash]


Kliknij wykonaj skrypt. I potwierdź reset komputera .

zabezpiecz komputer przed infekcją z pendriva. Odpal Usbfix i wciśnij Vaccinate.

Wykonaj czynności końcowe :
*Uruchom OTL z opcji sprzątanie.
* wykonaj optymalizację Windowsa ( instrukcja dla Windowsa XP, lecz w innych systemach jest podobnie )
* zrób pełny skan Malwarebytes Anti-Malware (zaktualizuj, usuń co znajdzie )
* Skasuj stan przywracania systemu


Zaktualizuj zabezpieczenia:
>>> Adobe Reader (bez Free McAfee® Security Scan Plus)
>>> Internet Explorer 8
>>> Java™ 6
>>> Mozilla Firefox 4,0
>>> Avast 6 (odinstaluj starszą wersję i zainstaluj nową)
Image
Awatar użytkownika
wojtas
*mod
 
Posty: 18165
Dołączenie: 13 Sty 2006, 16:00
Miejscowość: Krzeszyce
Pochwały: 1656



Robak-sal.xls.exe

Postprzez kilkujadek 19 Kwi 2011, 14:37

Witam. Otóż jak wklejałem to co mi kazałeś do OTLa to wyskakiwało na dole > Killing processes. DO NOT INTERRUPT... <
I tak z trzy razy , zwiecha kompa wszystko znikało i restart.
Zrobiłem skan Malwarebytes i usunąłem to co znalazł.

Teraz zrobiłem skan OTL:

Kod: Zaznacz wszystko
OTL logfile created on: 2011-04-19 14:20:27 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Documents and Settings\User\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

511,00 Mb Total Physical Memory | 199,00 Mb Available Physical Memory | 39,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,85 Gb Total Space | 12,50 Gb Free Space | 62,95% Space Free | Partition Type: FAT32
Drive D: | 74,49 Gb Total Space | 26,69 Gb Free Space | 35,83% Space Free | Partition Type: FAT32
Drive E: | 29,29 Gb Total Space | 2,39 Gb Free Space | 8,17% Space Free | Partition Type: NTFS
Drive F: | 29,49 Gb Total Space | 9,71 Gb Free Space | 32,93% Space Free | Partition Type: NTFS
Drive G: | 33,16 Gb Total Space | 9,89 Gb Free Space | 29,82% Space Free | Partition Type: NTFS
Drive J: | 3,73 Gb Total Space | 0,96 Gb Free Space | 25,75% Space Free | Partition Type: FAT32

Computer Name: KOMPUTER | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-04-19 14:15:28 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.exe
PRC - [2009-12-08 07:51:50 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2008-06-27 03:36:58 | 001,424,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-05-22 10:14:54 | 000,405,504 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
PRC - [2007-04-30 02:00:00 | 000,032,768 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\V0420Mon.exe
PRC - [2006-09-25 17:42:08 | 000,108,160 | ---- | M] () -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2006-09-25 17:42:02 | 000,108,160 | ---- | M] () -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2006-09-25 17:41:44 | 000,251,520 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2006-09-25 17:41:34 | 000,370,304 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2006-09-25 17:32:08 | 000,059,008 | ---- | M] () -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2005-09-23 22:05:26 | 000,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2003-10-08 10:41:10 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011-04-19 14:15:28 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.exe
MOD - [2008-06-16 01:28:36 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] --  -- (HidServ)
SRV - File not found [On_Demand | Stopped] --  -- (ALG)
SRV - [2006-09-25 17:42:02 | 000,108,160 | ---- | M] () [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2006-09-25 17:41:44 | 000,251,520 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2006-09-25 17:41:34 | 000,370,304 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2006-09-25 17:32:08 | 000,059,008 | ---- | M] () [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-11-19 14:06:48 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM)
DRV - [2009-11-19 14:06:48 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS)
DRV - [2009-11-19 14:06:46 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM)
DRV - [2009-11-19 14:06:46 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM)
DRV - [2009-11-19 14:06:46 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2008-06-16 01:28:36 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
DRV - [2008-04-13 22:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007-05-31 02:32:34 | 000,099,648 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0420Vid.sys -- (V0420VID) Live! Cam Vista IM (VF0420)
DRV - [2006-09-25 17:40:42 | 000,087,424 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2006-09-25 17:39:26 | 000,016,352 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2006-09-25 17:39:02 | 000,036,176 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2006-09-25 17:37:50 | 000,024,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2005-01-06 16:55:38 | 000,009,446 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\WinFast\WFTVFM\WFIOCTL.sys -- (WFIOCTL)
DRV - [2004-12-22 05:34:56 | 000,075,925 | R--- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wf2kvcap.sys -- (BT848)
DRV - [2004-12-22 05:34:56 | 000,036,423 | R--- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wf2ktunr.sys -- (tv2ktunr)
DRV - [2004-12-22 05:34:56 | 000,010,005 | R--- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wf2kXbar.sys -- (Tv2kXbar)
DRV - [2004-04-21 16:11:06 | 000,729,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003-10-09 11:52:08 | 000,475,788 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2003-10-04 05:25:26 | 000,391,552 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2002-11-27 12:52:00 | 000,080,896 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2002-11-13 08:10:00 | 000,020,224 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvidesm.sys -- (nvidesm)
DRV - [2002-09-06 04:24:00 | 000,013,568 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2001-08-17 20:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "Allegro"
FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.25

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-03-09 18:15:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-09 18:15:38 | 000,000,000 | ---D | M]

[2011-03-09 18:20:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Extensions
[2011-03-09 18:20:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\dbbhs6hx.default\extensions
[2011-03-09 20:51:00 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\dbbhs6hx.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2011-03-09 18:15:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-08-24 10:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2011-03-13 13:43:44 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2011-03-13 13:43:44 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2011-03-13 13:43:44 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2011-03-13 13:43:44 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2011-03-13 13:43:44 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2011-03-13 13:43:44 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2008-06-16 01:28:36 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll (BitComet)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe ()
O4 - HKLM..\Run: [C:\WINDOWS\system32\V0420Cvw.dll] C:\WINDOWS\system32\V0420CVW.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [V0420Mon.exe] C:\WINDOWS\V0420Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2]  File not found
O4 - HKLM..\RunOnceEx: [Flag] Reg Error: Invalid data type. File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll (BitComet)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.50 212.76.34.49
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O24 - Desktop Components:0 (Bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-03-09 17:54:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2011-04-19 13:13:52 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2011-04-19 13:13:56 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2011-04-19 13:13:56 | 000,000,000 | RHSD | M] - E:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-04-19 13:14:01 | 000,000,000 | RHSD | M] - F:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-04-19 13:14:02 | 000,000,000 | RHSD | M] - G:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-04-19 13:14:04 | 000,000,000 | RHSD | M] - J:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-04-19 14:16:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-04-19 14:15:27 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.exe
[2011-04-19 13:54:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\User\Recent
[2011-04-19 13:44:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dane aplikacji\Malwarebytes
[2011-04-19 13:44:47 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011-04-19 13:44:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2011-04-19 13:44:42 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011-04-19 13:44:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-04-19 13:41:52 | 007,734,240 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\User\Pulpit\mbam_1.50.1.1100_[www.programosy.pl].exe
[2011-04-19 13:13:51 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2011-04-18 17:26:08 | 000,000,000 | ---D | C] -- C:\UsbFix
[2011-04-18 17:25:47 | 001,241,658 | ---- | C] (TeamXscript.org) -- C:\Documents and Settings\User\Pulpit\UsbFix.exe
[2011-04-17 10:13:50 | 000,607,288 | ---- | C] (Duplex Secure Ltd.) -- C:\Documents and Settings\User\Pulpit\SPTDinst-v178-x86.exe
[2011-04-17 09:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2011-04-16 10:14:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\My portable Apps
[2011-04-16 09:49:02 | 000,000,000 | -HSD | C] -- C:\FOUND.000
[2011-04-14 19:42:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\Panna Marple Tajemnica Bladego Konia (2010) [PDTV.RMVB-rafal900000] [lektor pl]
[2011-04-12 19:35:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\Projekt o Kazimierzu Wielkim
[2011-04-04 17:19:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight
[2011-04-04 17:19:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011-04-04 17:19:28 | 006,277,496 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\User\Pulpit\Silverlight.exe
[2011-04-01 13:09:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Moje dokumenty\My Skype Content
[2011-04-01 10:52:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype
[2011-04-01 10:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Skype
[2011-04-01 10:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Moje dokumenty\My Skype Pictures
[2011-04-01 10:52:26 | 000,000,000 | ---D | C] -- C:\Program Files\Skype
[2011-04-01 10:50:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2011-03-20 15:06:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\chomiki

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-04-19 14:18:38 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2011-04-19 14:18:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-04-19 14:15:28 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.exe
[2011-04-19 13:55:06 | 002,359,296 | -H-- | M] () -- C:\Documents and Settings\User\NTUSER.DAT
[2011-04-19 13:55:06 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\User\ntuser.ini
[2011-04-19 13:41:58 | 007,734,240 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\User\Pulpit\mbam_1.50.1.1100_[www.programosy.pl].exe
[2011-04-19 13:36:20 | 000,267,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-04-18 19:02:54 | 576,876,920 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\the.borgias.s01e04.hdtv.xvid-fqm.avi
[2011-04-18 19:01:02 | 000,070,179 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\plakat 2.JPG
[2011-04-18 18:59:42 | 000,063,503 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\plakat.JPG
[2011-04-18 18:28:38 | 366,754,079 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Chuck.04x20.Chuck.vs.the.Family.Volkoff.rar
[2011-04-18 17:25:48 | 001,241,658 | ---- | M] (TeamXscript.org) -- C:\Documents and Settings\User\Pulpit\UsbFix.exe
[2011-04-18 17:04:18 | 000,002,184 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-04-17 13:25:36 | 000,089,000 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\robak2.JPG
[2011-04-17 10:13:50 | 000,607,288 | ---- | M] (Duplex Secure Ltd.) -- C:\Documents and Settings\User\Pulpit\SPTDinst-v178-x86.exe
[2011-04-17 10:09:44 | 000,022,841 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\robak1.JPG
[2011-04-16 10:44:02 | 000,301,568 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\8m5wvo0p.exe
[2011-04-16 10:42:56 | 000,038,276 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\robak.JPG
[2011-04-16 10:25:08 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-04-13 11:39:36 | 000,000,651 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Dziobas Player0.001.lnk
[2011-04-12 19:36:26 | 000,002,513 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Word.lnk
[2011-04-11 20:01:56 | 734,442,376 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\MARPLE_10 - Nemezis.avi
[2011-04-06 19:20:34 | 000,284,551 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie0239_zmniejszacz-pl_386079.jpg
[2011-04-05 18:29:58 | 000,498,334 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie1287.jpg
[2011-04-05 18:28:40 | 000,436,917 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie1285.jpg
[2011-04-04 17:19:40 | 006,277,496 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\User\Pulpit\Silverlight.exe
[2011-04-02 12:17:24 | 000,380,171 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie1280.jpg
[2011-04-01 20:09:24 | 184,041,472 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\PWS.e64-TRODAT.avi
[2011-04-01 10:52:30 | 000,000,634 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2011-03-27 18:48:00 | 000,009,999 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\button Kajtka.JPG
[2011-03-26 20:08:06 | 005,853,024 | -H-- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-03-23 19:29:22 | 016,032,070 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\102 pytania SEP 1kV - Tadeusz Uczciwek.pdf.pdf
[2011-03-23 19:22:50 | 015,046,037 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Egzamin Kwalifikacyjny - Elektryka W Pytaniach I Odpowiedziach.pdf
[2011-03-22 13:37:52 | 000,590,371 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\c9d603490942b093d6bf856f1a78031f.jpg

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-04-18 19:01:01 | 000,070,179 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\plakat 2.JPG
[2011-04-18 18:59:41 | 000,063,503 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\plakat.JPG
[2011-04-18 18:00:21 | 576,876,920 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\the.borgias.s01e04.hdtv.xvid-fqm.avi
[2011-04-18 17:56:15 | 366,754,079 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Chuck.04x20.Chuck.vs.the.Family.Volkoff.rar
[2011-04-17 13:25:34 | 000,089,000 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\robak2.JPG
[2011-04-17 10:09:40 | 000,022,841 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\robak1.JPG
[2011-04-16 10:44:03 | 000,301,568 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\8m5wvo0p.exe
[2011-04-16 10:42:54 | 000,038,276 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\robak.JPG
[2011-04-13 11:39:34 | 000,000,651 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Dziobas Player0.001.lnk
[2011-04-11 19:30:00 | 734,442,376 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\MARPLE_10 - Nemezis.avi
[2011-04-06 19:20:33 | 000,284,551 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie0239_zmniejszacz-pl_386079.jpg
[2011-04-06 19:09:42 | 000,436,917 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie1285.jpg
[2011-04-06 19:09:36 | 000,498,334 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie1287.jpg
[2011-04-05 19:02:00 | 000,543,955 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie0351.jpg
[2011-04-05 19:01:34 | 000,326,473 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie0812.jpg
[2011-04-05 19:00:37 | 000,380,171 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Zdjęcie1280.jpg
[2011-04-01 19:49:30 | 184,041,472 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\PWS.e64-TRODAT.avi
[2011-04-01 10:52:28 | 000,000,634 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2011-03-27 18:47:59 | 000,009,999 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\button Kajtka.JPG
[2011-03-23 19:28:41 | 016,032,070 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\102 pytania SEP 1kV - Tadeusz Uczciwek.pdf.pdf
[2011-03-23 19:22:13 | 015,046,037 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Egzamin Kwalifikacyjny - Elektryka W Pytaniach I Odpowiedziach.pdf
[2011-03-22 13:37:56 | 000,590,371 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\c9d603490942b093d6bf856f1a78031f.jpg
[2011-03-17 10:30:05 | 000,000,670 | R--- | C] () -- C:\WINDOWS\CtDrvIns.exe.manifest
[2011-03-12 17:23:38 | 000,065,368 | ---- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2011-03-09 19:07:22 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-03-09 18:20:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011-03-09 18:16:31 | 000,666,240 | ---- | C] () -- C:\WINDOWS\System32\aswBoot.exe
[2011-03-09 18:06:41 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011-03-09 18:05:50 | 005,853,024 | -H-- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-03-09 18:05:29 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\drivers\jedih2rx.bin
[2011-03-09 18:05:29 | 000,000,122 | R--- | C] () -- C:\WINDOWS\System32\drivers\ramsed.bin
[2011-03-09 18:03:32 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2011-03-09 17:55:37 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-03-09 17:54:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2011-03-09 17:53:46 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2011-03-09 17:53:43 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2011-03-09 17:52:15 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011-03-09 17:52:03 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2011-03-09 17:52:03 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2011-03-09 17:51:16 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2011-03-09 17:51:15 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2011-03-09 17:46:38 | 000,756,194 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011-03-09 17:46:37 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-03-09 17:45:34 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008-07-03 21:54:20 | 000,000,818 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008-06-16 01:28:36 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008-06-16 01:28:36 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2008-06-16 01:28:36 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2008-06-16 01:28:36 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008-06-16 01:28:36 | 000,407,552 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll
[2008-06-16 01:28:36 | 000,356,118 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2008-06-16 01:28:36 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2008-06-16 01:28:36 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2008-06-16 01:28:36 | 000,311,998 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008-06-16 01:28:36 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008-06-16 01:28:36 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2008-06-16 01:28:36 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008-06-16 01:28:36 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2008-06-16 01:28:36 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2008-06-16 01:28:36 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2008-06-16 01:28:36 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2008-06-16 01:28:36 | 000,070,622 | ---- | C] () -- C:\WINDOWS\System32\edit.com
[2008-06-16 01:28:36 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
[2008-06-16 01:28:36 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2008-06-16 01:28:36 | 000,051,823 | ---- | C] () -- C:\WINDOWS\System32\command.com
[2008-06-16 01:28:36 | 000,049,154 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2008-06-16 01:28:36 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008-06-16 01:28:36 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2008-06-16 01:28:36 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2008-06-16 01:28:36 | 000,039,566 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008-06-16 01:28:36 | 000,039,434 | ---- | C] () -- C:\WINDOWS\System32\mem.exe
[2008-06-16 01:28:36 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2008-06-16 01:28:36 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2008-06-16 01:28:36 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2008-06-16 01:28:36 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2008-06-16 01:28:36 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2008-06-16 01:28:36 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2008-06-16 01:28:36 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2008-06-16 01:28:36 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2008-06-16 01:28:36 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2008-06-16 01:28:36 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2008-06-16 01:28:36 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008-06-16 01:28:36 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2008-06-16 01:28:36 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2008-06-16 01:28:36 | 000,020,986 | ---- | C] () -- C:\WINDOWS\System32\debug.exe
[2008-06-16 01:28:36 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2008-06-16 01:28:36 | 000,019,806 | ---- | C] () -- C:\WINDOWS\System32\graphics.com
[2008-06-16 01:28:36 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2008-06-16 01:28:36 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2008-06-16 01:28:36 | 000,014,913 | ---- | C] () -- C:\WINDOWS\System32\kb16.com
[2008-06-16 01:28:36 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2008-06-16 01:28:36 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2008-06-16 01:28:36 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[2008-06-16 01:28:36 | 000,012,866 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe
[2008-06-16 01:28:36 | 000,012,594 | ---- | C] () -- C:\WINDOWS\System32\append.exe
[2008-06-16 01:28:36 | 000,011,859 | ---- | C] () -- C:\WINDOWS\System32\setver.exe
[2008-06-16 01:28:36 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2008-06-16 01:28:36 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2008-06-16 01:28:36 | 000,008,520 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe
[2008-06-16 01:28:36 | 000,007,116 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe
[2008-06-16 01:28:36 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2008-06-16 01:28:36 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2008-06-16 01:28:36 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008-06-16 01:28:36 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008-06-16 01:28:36 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe
[2008-06-16 01:28:36 | 000,003,260 | ---- | C] () -- C:\WINDOWS\System32\nw16.exe
[2008-06-16 01:28:36 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2008-06-16 01:28:36 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008-06-16 01:28:36 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2008-06-16 01:28:36 | 000,001,168 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com
[2008-06-16 01:28:36 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe
[2008-06-16 01:28:36 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe
[2008-06-16 01:28:36 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe
[2008-06-16 01:28:36 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe
[2008-06-16 01:28:36 | 000,000,582 | ---- | C] () -- C:\WINDOWS\win.ini
[2008-06-16 01:28:36 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2008-06-16 01:28:36 | 000,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2004-04-21 15:58:26 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2004-04-21 15:56:04 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2001-10-26 15:29:54 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe
[2001-10-26 15:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll

[color=#E56717]========== LOP Check ==========[/color]

[2011-03-17 10:07:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2011-03-17 10:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
[2011-03-09 20:50:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\BitComet
[2011-03-12 17:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\ChomikBox

[color=#E56717]========== Purity Check ==========[/color]



< End of report >


Kod: Zaznacz wszystko
OTL Extras logfile created on: 2011-04-19 14:20:27 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Documents and Settings\User\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

511,00 Mb Total Physical Memory | 199,00 Mb Available Physical Memory | 39,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,85 Gb Total Space | 12,50 Gb Free Space | 62,95% Space Free | Partition Type: FAT32
Drive D: | 74,49 Gb Total Space | 26,69 Gb Free Space | 35,83% Space Free | Partition Type: FAT32
Drive E: | 29,29 Gb Total Space | 2,39 Gb Free Space | 8,17% Space Free | Partition Type: NTFS
Drive F: | 29,49 Gb Total Space | 9,71 Gb Free Space | 32,93% Space Free | Partition Type: NTFS
Drive G: | 33,16 Gb Total Space | 9,89 Gb Free Space | 29,82% Space Free | Partition Type: NTFS
Drive J: | 3,73 Gb Total Space | 0,96 Gb Free Space | 25,75% Space Free | Partition Type: FAT32

Computer Name: KOMPUTER | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1715567821-746137067-1801674531-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- Reg Error: Key error.
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"11253:TCP" = 11253:TCP:*:Enabled:BitComet 11253 TCP
"11253:UDP" = 11253:UDP:*:Enabled:BitComet 11253 UDP
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- (www.BitComet.com)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HydraVision
"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{934519A2-4D50-4B83-A459-92D90E9E3188}" = WinFast PVR
"{AC76BA86-7AD7-1033-7B44-A70500000002}" = Adobe Reader 7.0.5
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.60.13
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"BitComet" = BitComet 1.26
"ChomikBox" = ChomikBox
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-01-24
"Creative Live! Cam Center" = Creative Live! Cam Center
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative VF0420" = Creative Live! Cam Vista IM Driver (1.00.03.0000)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAnForce" = NVIDIA Windows 2000/XP nForce Drivers
"SkanerOnline" = Skaner on-line mks_vir
"Skype_is1" = Skype 2.5
"SysInfo" = Creative System Information
"Usbfix" = UsbFix By TeamXscript
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Antivirus Events ]
Error - 2011-04-19 06:53:15 | Computer Name = KOMPUTER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: Aavm: FetchGlobalCounters cannot open mapping
- server DOWN???, 00000002. 

Error - 2011-04-19 07:06:08 | Computer Name = KOMPUTER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: Aavm: FetchGlobalCounters cannot open mapping
- server DOWN???, 00000002. 

[ Application Events ]
Error - 2011-04-16 03:49:16 | Computer Name = KOMPUTER | Source = Userenv | ID = 1515
Description = System Windows wykonał kopię zapasową profilu tego użytkownika. System
Windows automatycznie spróbuje użyć profilu z kopii zapasowej przy następnym logowaniu
tego użytkownika.

Error - 2011-04-16 03:49:17 | Computer Name = KOMPUTER | Source = Userenv | ID = 1511
Description = System Windows nie może znaleźć profilu lokalnego i loguje użytkownika
przy użyciu profilu tymczasowego. Zmiany wprowadzone w tym profilu zostaną utracone
po wylogowaniu.

Error - 2011-04-16 04:52:06 | Computer Name = KOMPUTER | Source = Userenv | ID = 1508
Description = System Windows nie może załadować rejestru. Najczęstszą tego przyczyną
jest za mało pamięci lub brak wystarczających praw zabezpieczeń.       SZCZEGÓŁY - Proces
nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.
for C:\Documents and Settings\User\ntuser.dat

Error - 2011-04-16 04:52:13 | Computer Name = KOMPUTER | Source = Userenv | ID = 1502
Description = System Windows nie może załadować profilu przechowywanego lokalnie.
Możliwym powodem tego błędu jest brak wystarczających praw zabezpieczeń lub uszkodzony
profil lokalny. Jeśli ten problem będzie się powtarzać, skontaktuj się z administratorem
sieci.       SZCZEGÓŁY - Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany
przez inny proces.

Error - 2011-04-16 04:52:13 | Computer Name = KOMPUTER | Source = Userenv | ID = 1515
Description = System Windows wykonał kopię zapasową profilu tego użytkownika. System
Windows automatycznie spróbuje użyć profilu z kopii zapasowej przy następnym logowaniu
tego użytkownika.

Error - 2011-04-16 04:52:14 | Computer Name = KOMPUTER | Source = Userenv | ID = 1511
Description = System Windows nie może znaleźć profilu lokalnego i loguje użytkownika
przy użyciu profilu tymczasowego. Zmiany wprowadzone w tym profilu zostaną utracone
po wylogowaniu.

Error - 2011-04-16 05:19:11 | Computer Name = KOMPUTER | Source = Userenv | ID = 1508
Description = System Windows nie może załadować rejestru. Najczęstszą tego przyczyną
jest za mało pamięci lub brak wystarczających praw zabezpieczeń.       SZCZEGÓŁY - Proces
nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.
for C:\Documents and Settings\User\ntuser.dat

Error - 2011-04-16 05:19:43 | Computer Name = KOMPUTER | Source = Userenv | ID = 1502
Description = System Windows nie może załadować profilu przechowywanego lokalnie.
Możliwym powodem tego błędu jest brak wystarczających praw zabezpieczeń lub uszkodzony
profil lokalny. Jeśli ten problem będzie się powtarzać, skontaktuj się z administratorem
sieci.       SZCZEGÓŁY - Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany
przez inny proces.

Error - 2011-04-16 05:19:43 | Computer Name = KOMPUTER | Source = Userenv | ID = 1515
Description = System Windows wykonał kopię zapasową profilu tego użytkownika. System
Windows automatycznie spróbuje użyć profilu z kopii zapasowej przy następnym logowaniu
tego użytkownika.

Error - 2011-04-16 05:20:14 | Computer Name = KOMPUTER | Source = Userenv | ID = 1511
Description = System Windows nie może znaleźć profilu lokalnego i loguje użytkownika
przy użyciu profilu tymczasowego. Zmiany wprowadzone w tym profilu zostaną utracone
po wylogowaniu.

[ System Events ]
Error - 2011-04-19 07:18:05 | Computer Name = KOMPUTER | Source = Service Control Manager | ID = 7034
Description = Usługa avast! Antivirus niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-04-19 07:21:29 | Computer Name = KOMPUTER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu
następującego błędu:   %%2

Error - 2011-04-19 07:37:41 | Computer Name = KOMPUTER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu
następującego błędu:   %%2

Error - 2011-04-19 07:55:59 | Computer Name = KOMPUTER | Source = sr | ID = 1
Description = Filtr Przywracania systemu napotkał nieoczekiwany błąd '0xC0000001'
podczas przetwarzania pliku '' w woluminie 'HarddiskVolume1'. W rezultacie zostało
zatrzymane monitorowanie woluminu.

Error - 2011-04-19 07:57:29 | Computer Name = KOMPUTER | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   atapi  PCIIde  Si3112

Error - 2011-04-19 07:57:29 | Computer Name = KOMPUTER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu
następującego błędu:   %%2

Error - 2011-04-19 08:16:25 | Computer Name = KOMPUTER | Source = Service Control Manager | ID = 7034
Description = Usługa Ati HotKey Poller niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-04-19 08:16:26 | Computer Name = KOMPUTER | Source = Service Control Manager | ID = 7034
Description = Usługa avast! iAVS4 Control Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2011-04-19 08:16:26 | Computer Name = KOMPUTER | Source = Service Control Manager | ID = 7034
Description = Usługa avast! Antivirus niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-04-19 08:20:18 | Computer Name = KOMPUTER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu
następującego błędu:   %%2


< End of report >
__________
"I am not going to be a star.
I am going to be a legend"
freddie mercury
Awatar użytkownika
kilkujadek
~user
 
Posty: 1733
Dołączenie: 10 Lis 2005, 23:33
Miejscowość: Zielona Góra
Pochwały: 53



Robak-sal.xls.exe

Postprzez wojtas 19 Kwi 2011, 18:36

zobacz czy masz to w msconfig:

O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found
O4 - HKLM..\RunOnceEx: [Flag] Reg Error: Invalid data type. File not found


jak tak to odznacz.. to tyle

Autor postu otrzymał pochwałę
Image
Awatar użytkownika
wojtas
*mod
 
Posty: 18165
Dołączenie: 13 Sty 2006, 16:00
Miejscowość: Krzeszyce
Pochwały: 1656




Powróć do Bezpieczeństwo

Kto jest na forum

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 11 gości