Mam ponownie prośbę o pomoc przy problemie z wirusem. Nie mogę sobie poradzić z nim. Poniżej kod z OTL:
- Kod: Zaznacz wszystko
OTL logfile created on: 2009-11-14 16:43:39 - Run 1
OTL by OldTimer - Version 3.1.5.0 Folder = E:\
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
446,10 Mb Total Physical Memory | 187,49 Mb Available Physical Memory | 42,03% Memory free
1,03 Gb Paging File | 0,86 Gb Available in Paging File | 83,71% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 10,19 Gb Free Space | 26,09% Space Free | Partition Type: NTFS
Drive D: | 3,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 35,46 Gb Total Space | 35,10 Gb Free Space | 98,98% Space Free | Partition Type: NTFS
Drive F: | 978,72 Mb Total Space | 978,56 Mb Free Space | 99,98% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JA-AB1A576DDAC5
Current User Name: Właściciel
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2009-11-14 16:20:48 | 00,529,408 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2007-07-09 18:46:50 | 00,106,496 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2007-06-13 14:23:49 | 01,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-01-01 22:22:02 | 03,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe
PRC - [2006-08-03 14:53:02 | 00,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
PRC - [2006-07-27 15:06:46 | 00,122,880 | ---- | M] () -- C:\Program Files\Hotkey 1.0.4\FuncKey.exe
PRC - [2005-04-16 17:08:00 | 00,172,032 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\Apoint.exe
PRC - [2004-10-06 14:08:28 | 00,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\ApntEx.exe
PRC - [2004-10-05 15:00:12 | 00,061,440 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\TaskBarIcon.exe
PRC - [2004-08-23 12:49:56 | 00,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\system32\FTRTSVC.exe
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2009-11-14 16:37:49 | 00,076,513 | RHS- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Temp\cvasds0.dll
MOD - [2009-11-14 16:20:48 | 00,529,408 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
MOD - [2006-08-25 16:51:13 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006-03-02 13:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found -- -- (gusvc)
SRV - [2008-07-29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008-07-29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008-07-29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008-07-25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-07-25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2007-07-10 09:18:14 | 00,501,048 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2007-07-09 18:46:50 | 00,106,496 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2006-12-01 10:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - [2006-03-02 13:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2004-08-23 12:49:56 | 00,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\system32\FTRTSVC.exe -- (FTRTSVC)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found -- -- (Avg7RsW)
DRV - [2007-11-13 11:25:55 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006-09-19 14:44:04 | 00,015,664 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2006-09-12 10:43:38 | 00,659,456 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\system32\drivers\S3gIGPm.sys -- (S3GIGP)
DRV - [2006-08-24 15:05:32 | 00,594,432 | ---- | M] (Conexant Systems Inc.) -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2006-05-25 18:28:44 | 00,684,265 | R--- | M] () -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2006-03-23 01:27:10 | 00,488,992 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2006-03-15 10:51:52 | 00,043,008 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5bv.sys -- (FETND5BV)
DRV - [2006-03-09 15:56:58 | 00,995,712 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006-03-09 15:56:16 | 00,206,976 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006-03-09 15:56:10 | 00,726,400 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006-03-02 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2005-10-05 15:57:10 | 00,012,544 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005-09-09 18:56:14 | 00,006,144 | ---- | M] (http://www.internals.com) -- C:\WINDOWS\system32\WinIo.sys -- (WINIO)
DRV - [2005-04-23 09:54:50 | 00,112,751 | ---- | M] (Alps Electric Co., Ltd.) -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2005-01-07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2003-08-12 17:51:00 | 00,060,255 | R--- | M] (STMicroelectronics ) -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)
DRV - [2003-08-04 12:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2001-08-17 21:13:08 | 00,027,165 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/
IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\neostrada tp\SearchPageURL.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://pl.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official"
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.11.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query="
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-09-02 06:06:37 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-11-10 08:12:12 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-11-09 20:14:33 | 00,000,000 | ---D | M]
[2008-09-14 00:11:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Extensions
[2008-09-14 00:11:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-11-13 12:54:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\vevmux15.default\extensions
[2009-07-23 09:32:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\vevmux15.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009-09-02 07:14:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\vevmux15.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009-03-13 20:20:48 | 00,001,196 | ---- | M] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\vevmux15.default\searchplugins\winamp-search.xml
[2008-09-14 00:11:55 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-11-09 20:14:33 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-11-09 20:14:23 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009-11-09 20:14:24 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007-04-10 16:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2002-11-01 19:15:54 | 00,086,125 | ---- | M] (JavaSoft / Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPJava11.dll
[2002-11-01 19:15:54 | 00,086,125 | ---- | M] (JavaSoft / Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPJava12.dll
[2002-11-01 19:15:54 | 00,086,125 | ---- | M] (JavaSoft / Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPJava13.dll
[2002-11-01 19:15:54 | 00,086,125 | ---- | M] (JavaSoft / Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPJava32.dll
[2002-11-01 19:15:54 | 00,086,122 | ---- | M] (JavaSoft / Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPJPI140_03.dll
[2009-11-09 20:14:27 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2002-11-01 19:15:54 | 00,086,126 | ---- | M] (JavaSoft / Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPOJI610.dll
[2006-12-18 03:18:30 | 00,077,824 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009-07-30 23:44:16 | 00,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-07-30 23:44:16 | 00,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-07-31 00:45:26 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009-07-30 23:44:16 | 00,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-07-30 23:44:16 | 00,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-07-30 23:44:16 | 00,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-07-30 23:44:16 | 00,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.dll (STMicroelectronics )
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [FuncKey] C:\Program Files\Hotkey 1.0.4\FuncKey.exe ()
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKLM..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe File not found
O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\neostrada tp\Watch.exe (France Télécom R&D)
O4 - HKCU..\Run: [cdoosoft] C:\Documents and Settings\Właściciel\Ustawienia lokalne\Temp\herss.exe ()
O4 - HKCU..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03)
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-11-14 16:43:47 | 00,000,059 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-08-26 16:55:43 | 00,000,000 | R--D | M] - D:\AutoMapa 5.5 -- [ UDF ]
O32 - AutoRun File - [2009-07-29 17:23:15 | 00,000,000 | R--D | M] - D:\Autoruns -- [ UDF ]
O32 - AutoRun File - [2009-11-14 16:43:47 | 00,000,059 | RHS- | M] () - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-06-18 21:41:44 | 00,000,000 | ---D | M] - F:\autorun.inf -- [ FAT ]
O33 - MountPoints2\{1d42cb7b-e4a5-11dc-8bbb-00140b33fe37}\Shell\AutoRun\command - "" = F:\ -- File not found
O33 - MountPoints2\{1d42cb7b-e4a5-11dc-8bbb-00140b33fe37}\Shell\open\Command - "" = rundll32.exe .\desktop.dll,InstallM
O33 - MountPoints2\{24bfc1aa-ccde-11dc-8b7f-00140b33fe37}\Shell\AutoRun\command - "" = F:\ukfbi3aw.exe -- File not found
O33 - MountPoints2\{24bfc1aa-ccde-11dc-8b7f-00140b33fe37}\Shell\open\Command - "" = F:\ukfbi3aw.exe -- File not found
O33 - MountPoints2\{44e2f8c0-fe05-11dd-8eb3-00140b33fe37}\Shell\AutoRun\command - "" = F:\1ogf.exe -- File not found
O33 - MountPoints2\{44e2f8c0-fe05-11dd-8eb3-00140b33fe37}\Shell\open\Command - "" = F:\1ogf.exe -- File not found
O33 - MountPoints2\{478e9fde-e948-11dc-8bcf-00140b33fe37}\Shell\AutoRun\command - "" = G:\
O33 - MountPoints2\{478e9fde-e948-11dc-8bcf-00140b33fe37}\Shell\open\Command - "" = rundll32.exe .\desktop.dll,InstallM
O33 - MountPoints2\{4de63f14-6fb1-11dd-8d76-00140b33fe37}\Shell\AutoRun\command - "" = F:\y82td3td.com -- File not found
O33 - MountPoints2\{4de63f14-6fb1-11dd-8d76-00140b33fe37}\Shell\explore\Command - "" = F:\y82td3td.com -- File not found
O33 - MountPoints2\{4de63f14-6fb1-11dd-8d76-00140b33fe37}\Shell\open\Command - "" = F:\y82td3td.com -- File not found
O33 - MountPoints2\{4fc8e350-c07e-11dc-8b5f-00140b33fe37}\Shell\AutoRun\command - "" = F:\ -- File not found
O33 - MountPoints2\{4fc8e350-c07e-11dc-8b5f-00140b33fe37}\Shell\open\Command - "" = rundll32.exe .\desktop.dll,InstallM
O33 - MountPoints2\{522aad90-f472-11dc-8bfc-00140b33fe37}\Shell\AutoRun\command - "" = F:\6ruaqx.exe -- [2009-11-13 18:54:12 | 00,115,082 | RHS- | M] ()
O33 - MountPoints2\{522aad90-f472-11dc-8bfc-00140b33fe37}\Shell\open\Command - "" = F:\6ruaqx.exe -- [2009-11-13 18:54:12 | 00,115,082 | RHS- | M] ()
O33 - MountPoints2\{6740f770-754c-11de-8f14-00140b33fe37}\Shell\AutoRun\command - "" = F:\ukfbi3aw.exe -- File not found
O33 - MountPoints2\{6740f770-754c-11de-8f14-00140b33fe37}\Shell\open\Command - "" = F:\ukfbi3aw.exe -- File not found
O33 - MountPoints2\{7b74c412-b3c9-11dd-8e2b-00140b33fe37}\Shell\AutoRun\command - "" = F:\xfl3hx.exe -- File not found
O33 - MountPoints2\{7b74c412-b3c9-11dd-8e2b-00140b33fe37}\Shell\explore\Command - "" = F:\xfl3hx.exe -- File not found
O33 - MountPoints2\{7b74c412-b3c9-11dd-8e2b-00140b33fe37}\Shell\open\Command - "" = F:\xfl3hx.exe -- File not found
O33 - MountPoints2\{7ff46a58-a837-11dd-8e1a-00140b33fe37}\Shell - "" = AutoRun
O33 - MountPoints2\{7ff46a58-a837-11dd-8e1a-00140b33fe37}\Shell\Auto\command - "" = F:\Long.exe -- File not found
O33 - MountPoints2\{b872cd8e-d7fe-11dc-8ba1-00140b33fe37}\Shell\AutoRun\command - "" = F:\ -- File not found
O33 - MountPoints2\{b872cd8e-d7fe-11dc-8ba1-00140b33fe37}\Shell\open\Command - "" = rundll32.exe .\desktop.dll,InstallM
O33 - MountPoints2\{bf44ad04-6fe0-11de-8f0f-00140b33fe37}\Shell\AutoRun\command - "" = F:\ukfbi3aw.exe -- File not found
O33 - MountPoints2\{bf44ad04-6fe0-11de-8f0f-00140b33fe37}\Shell\open\Command - "" = F:\ukfbi3aw.exe -- File not found
O33 - MountPoints2\{d4641d48-3bdd-11dd-8d0e-00140b33fe37}\Shell\AutoRun\command - "" = F:\jdhc2x2.com -- File not found
O33 - MountPoints2\{d4641d48-3bdd-11dd-8d0e-00140b33fe37}\Shell\explore\Command - "" = F:\jdhc2x2.com -- File not found
O33 - MountPoints2\{d4641d48-3bdd-11dd-8d0e-00140b33fe37}\Shell\open\Command - "" = F:\jdhc2x2.com -- File not found
O33 - MountPoints2\{d9c80e9d-9474-11dc-8ae7-00140b33fe37}\Shell\AutoRun\command - "" = F:\eexyv.exe -- File not found
O33 - MountPoints2\{d9c80e9d-9474-11dc-8ae7-00140b33fe37}\Shell\open\Command - "" = F:\eexyv.exe -- File not found
O33 - MountPoints2\{ecf88908-a48c-11de-8f48-00140b33fe37}\Shell\AutoRun\command - "" = F:\2o1ajagt.exe -- File not found
O33 - MountPoints2\{ecf88908-a48c-11de-8f48-00140b33fe37}\Shell\open\Command - "" = F:\2o1ajagt.exe -- File not found
O33 - MountPoints2\{ee1b3cbc-9446-11dc-8b7f-806d6172696f}\Shell\AutoRun\command - "" = C:\6ruaqx.exe -- [2009-11-13 18:54:10 | 00,115,082 | RHS- | M] ()
O33 - MountPoints2\{ee1b3cbc-9446-11dc-8b7f-806d6172696f}\Shell\open\Command - "" = C:\6ruaqx.exe -- [2009-11-13 18:54:10 | 00,115,082 | RHS- | M] ()
O33 - MountPoints2\{ee1b3cbd-9446-11dc-8b7f-806d6172696f}\Shell\AutoRun\command - "" = E:\6ruaqx.exe -- [2009-11-13 18:54:10 | 00,115,082 | RHS- | M] ()
O33 - MountPoints2\{ee1b3cbd-9446-11dc-8b7f-806d6172696f}\Shell\open\Command - "" = E:\6ruaqx.exe -- [2009-11-13 18:54:10 | 00,115,082 | RHS- | M] ()
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2009-11-14 16:40:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Avg7
[2009-11-14 15:44:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\GHISLER
[2009-11-14 15:44:01 | 00,000,000 | ---D | C] -- C:\totalcmd
[2009-11-14 15:44:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\GHISLER
[2009-11-14 15:29:32 | 00,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2009-11-14 15:11:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\DoctorWeb
[2009-11-14 10:28:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\aniołeczki
[2009-11-09 20:47:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\różne
[2009-11-09 20:46:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\nowa
[2009-10-30 23:05:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\ArcaMicroScan
[2009-10-30 21:58:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\występy
[737 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[42 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2009-11-14 16:44:13 | 00,000,059 | RHS- | M] () -- C:\autorun.inf
[2009-11-14 16:41:55 | 01,087,636 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-11-14 16:41:55 | 00,490,866 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2009-11-14 16:41:55 | 00,432,690 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-11-14 16:41:55 | 00,084,078 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2009-11-14 16:41:55 | 00,067,646 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009-11-14 16:37:36 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-11-14 16:37:31 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-11-14 16:36:30 | 05,505,024 | -H-- | M] () -- C:\Documents and Settings\Właściciel\NTUSER.DAT
[2009-11-14 16:36:06 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\Właściciel\ntuser.ini
[2009-11-14 15:44:05 | 00,000,548 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Total Commander.lnk
[2009-11-14 15:09:12 | 00,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
[2009-11-14 15:09:12 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009-11-14 15:09:12 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009-11-14 10:59:08 | 00,237,615 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Bez tytułu.wmv
[2009-11-14 10:52:54 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-11-14 10:23:53 | 00,002,267 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Skype.lnk
[2009-11-14 10:21:08 | 02,528,046 | -H-- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-11-13 22:40:28 | 00,017,408 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\ech mała i dawne zycie.doc
[2009-11-13 18:54:10 | 00,115,082 | RHS- | M] () -- C:\6ruaqx.exe
[2009-11-13 18:53:17 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-11-12 09:30:39 | 00,105,416 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-11-11 16:52:55 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009-11-11 16:52:55 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009-11-08 23:29:04 | 00,086,835 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\nowa ja 5.JPG
[2009-11-06 20:49:32 | 00,052,224 | ---- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-11-05 18:36:21 | 26,768,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009-11-05 10:07:20 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Zjazdy-sale-II i III sem..doc
[2009-11-05 08:07:55 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009-11-04 22:06:54 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\spr V 2009.doc
[2009-11-04 08:39:29 | 00,010,240 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\spr IV.doc
[2009-10-21 10:29:07 | 00,001,751 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache
[2009-10-21 10:28:44 | 00,014,304 | ---- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-10-21 05:08:51 | 03,598,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2009-10-19 21:07:55 | 00,014,848 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\opinia o Karolinie.doc
[2009-10-19 10:30:09 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009-10-18 22:49:56 | 00,025,088 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\wymagania edukacyjne muzyka.doc
[2009-10-18 20:46:28 | 00,008,192 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\wymagania II.doc
[737 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[42 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2009-11-14 16:35:38 | 00,115,082 | RHS- | C] () -- C:\6ruaqx.exe
[2009-11-14 16:35:38 | 00,000,059 | RHS- | C] () -- C:\autorun.inf
[2009-11-14 15:44:05 | 00,000,548 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Total Commander.lnk
[2009-11-14 15:44:02 | 00,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF
[2009-11-14 15:44:02 | 00,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF
[2009-11-14 15:44:02 | 00,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF
[2009-11-14 15:44:02 | 00,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF
[2009-11-14 15:44:02 | 00,000,545 | ---- | C] () -- C:\WINDOWS\NOCLOSE.PIF
[2009-11-14 15:44:02 | 00,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF
[2009-11-14 15:44:02 | 00,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF
[2009-11-14 10:58:55 | 00,237,615 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Bez tytułu.wmv
[2009-11-13 13:58:03 | 00,017,408 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\ech mała i dawne zycie.doc
[2009-11-11 16:52:55 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009-11-11 16:52:55 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009-11-08 23:29:04 | 00,086,835 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\nowa ja 5.JPG
[2009-11-05 10:07:19 | 00,029,696 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Zjazdy-sale-II i III sem..doc
[2009-11-04 22:06:54 | 00,020,480 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\spr V 2009.doc
[2009-11-04 08:39:27 | 00,010,240 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\spr IV.doc
[2009-10-21 10:29:07 | 00,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache
[2009-10-19 20:43:53 | 00,014,848 | ---- | C] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\opinia o Karolinie.doc
[2009-10-18 20:46:27 | 00,008,192 | ---- | C] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\wymagania II.doc
[2009-10-18 20:33:03 | 00,025,088 | ---- | C] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\wymagania edukacyjne muzyka.doc
[2009-09-15 23:56:47 | 00,000,206 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009-08-10 13:12:03 | 00,000,079 | ---- | C] () -- C:\WINDOWS\Kit.ini
[2009-07-20 17:39:44 | 00,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini
[2009-07-20 17:39:36 | 00,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2009-07-20 17:36:11 | 00,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2009-06-17 00:14:47 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008-01-01 14:07:39 | 00,052,224 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007-11-16 20:17:08 | 00,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat
[2007-11-16 14:30:40 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2007-11-16 13:50:43 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007-11-16 13:12:39 | 02,528,046 | -H-- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2007-11-16 13:04:41 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2007-11-16 13:04:38 | 02,702,848 | ---- | C] () -- C:\WINDOWS\System32\s3gcil_inv.dll
[2007-11-16 12:58:40 | 00,014,304 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2007-11-16 12:54:53 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\desktop.ini
[2006-06-29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006-06-29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006-04-18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006-04-18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006-03-02 13:00:00 | 00,000,507 | ---- | C] () -- C:\WINDOWS\win.ini
[2006-03-02 13:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
< End of report >
- Kod: Zaznacz wszystko
OTL Extras logfile created on: 2009-11-14 16:43:39 - Run 1
OTL by OldTimer - Version 3.1.5.0 Folder = E:\
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
446,10 Mb Total Physical Memory | 187,49 Mb Available Physical Memory | 42,03% Memory free
1,03 Gb Paging File | 0,86 Gb Available in Paging File | 83,71% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 10,19 Gb Free Space | 26,09% Space Free | Partition Type: NTFS
Drive D: | 3,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 35,46 Gb Total Space | 35,10 Gb Free Space | 98,98% Space Free | Partition Type: NTFS
Drive F: | 978,72 Mb Total Space | 978,56 Mb Free Space | 99,98% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JA-AB1A576DDAC5
Current User Name: Właściciel
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" File not found
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
"C:\Program Files\Mozilla Firefox\ArcaMicroScan\ArcaMicroScan.exe" = C:\Program Files\Mozilla Firefox\ArcaMicroScan\ArcaMicroScan.exe:*:Disabled:ArcaMicroScan -- (ArcaBit)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3DA88297-8858-4525-96C9-360D1078FC3A}" = OpenOffice.ux.pl 2.0
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EC78BC-B379-4E29-9006-8F161DCAABA6}" = Apple Software Update
"{7A5DDFA1-9CD9-4351-84C5-CED839BE1045}" = Nero 7 Essentials
"{9357AE3A-B2ED-4138-BB9B-0564352C3F0A}" = iTunes
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43B2A2F-1DB5-47F9-A608-F11A4835D7CB}" = Apple Mobile Device Support
"{AC1E4C93-C1E7-11D6-9D10-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.0_03
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D90E672A-CC7E-4CDF-82CB-4CC0465BDC91}" = Wireless LAN Driver Installation Program
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_PCI_VEN_14F1&DEV_5045&SUBSYS_15091E40" = Soft Data Fax Modem with SmartCP
"Foxit PDF Editor" = Foxit PDF Editor
"Gadu-Gadu" = Gadu-Gadu 7.7
"HijackThis" = HijackThis 2.0.2
"Hotkey 1.0.4_is1" = Hotkey 1.0.4
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Menedżera urządzeń
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.8.5 (Basic)
"Kurs Tańca_is1" = Kurs Tańca
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.2)" = Mozilla Firefox (3.5.2)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"neostradatp.exe" = neostrada tp
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Slownik PWN-OXFORD" = Słownik PWN-OXFORD
"StmAdsl" = ADSL Modem
"Totalcmd" = Total Commander (Remove or Repair)
"Unlocker" = Unlocker 1.8.8
"VIA Chrome9 HC IGP Display" = VIA/S3G Display Driver 6.14.10.0071
"VLC media player" = VLC media player 0.9.8a
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ System Events ]
Error - 2009-11-14 11:39:05 | Computer Name = JA-AB1A576DDAC5 | Source = DCOM | ID = 10000
Description = Nie można uruchomić serwera DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Błąd:
„%2”
wystąpił
podczas uruchamiania tego polecenia: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 2009-11-14 11:39:05 | Computer Name = JA-AB1A576DDAC5 | Source = DCOM | ID = 10000
Description = Nie można uruchomić serwera DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Błąd:
„%2”
wystąpił
podczas uruchamiania tego polecenia: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 2009-11-14 11:39:06 | Computer Name = JA-AB1A576DDAC5 | Source = DCOM | ID = 10000
Description = Nie można uruchomić serwera DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Błąd:
„%2”
wystąpił
podczas uruchamiania tego polecenia: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 2009-11-14 11:39:06 | Computer Name = JA-AB1A576DDAC5 | Source = DCOM | ID = 10000
Description = Nie można uruchomić serwera DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Błąd:
„%2”
wystąpił
podczas uruchamiania tego polecenia: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 2009-11-14 11:39:06 | Computer Name = JA-AB1A576DDAC5 | Source = DCOM | ID = 10000
Description = Nie można uruchomić serwera DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Błąd:
„%2”
wystąpił
podczas uruchamiania tego polecenia: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 2009-11-14 11:41:45 | Computer Name = JA-AB1A576DDAC5 | Source = DCOM | ID = 10000
Description = Nie można uruchomić serwera DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Błąd:
„%2”
wystąpił
podczas uruchamiania tego polecenia: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 2009-11-14 11:41:45 | Computer Name = JA-AB1A576DDAC5 | Source = DCOM | ID = 10000
Description = Nie można uruchomić serwera DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Błąd:
„%2”
wystąpił
podczas uruchamiania tego polecenia: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 2009-11-14 11:41:45 | Computer Name = JA-AB1A576DDAC5 | Source = DCOM | ID = 10000
Description = Nie można uruchomić serwera DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Błąd:
„%2”
wystąpił
podczas uruchamiania tego polecenia: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 2009-11-14 11:41:45 | Computer Name = JA-AB1A576DDAC5 | Source = DCOM | ID = 10000
Description = Nie można uruchomić serwera DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Błąd:
„%2”
wystąpił
podczas uruchamiania tego polecenia: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 2009-11-14 11:41:45 | Computer Name = JA-AB1A576DDAC5 | Source = DCOM | ID = 10000
Description = Nie można uruchomić serwera DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Błąd:
„%2”
wystąpił
podczas uruchamiania tego polecenia: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
< End of report >
Jak się nauczyć samemu na podstawie tych logów ratowanie systemu? Nie chcę za każdym razem prosić o pomoc, chcę już sam umieć pomagać
Ale póki co... ratunku 
