Skocz do zawartości

karolis

Użytkownicy
 Pokaż profil  Zobacz aktywność

  • Postów

    7

  • Dołączył

  • Ostatnia wizyta

  1. karolis
    Witam serdecznie, zwracam się z prośbą o pomoc w problemie blue screen'ów. W ciągu ostatnich 15 minut wystąpiły już dwa, o różnych kodach, ale tak szybko znikały, że nie zdążyłam zapisać. Windows wyświetlił rozwiązania, jako pierwsze miałam sprawdzić uszkodzenia dysków - przeskanowałam obydwa, nie znaleziono uszkodzeń. Kolejnym krokiem miało być skanowanie antywirusem. Nauczona doświadczeniem skierowałam się tutaj i wygenerowałam log ze skanu OTL. Przy próbie wykonania skanu GMER w trakcie skanowania wyskakuje informacja, że windows musi zakończyć ten proces. Nie wiem co mam zrobić, aby dostać pełen log, ani czy OTL już coś powie co się dzieje. Nie wiem czy to sprawa sprzętu, oprogramowania, sterowników czy jakiejś infekcji. Bardzo proszę o pomoc w diagnozie/wykluczeniu chociaż jakiejś infekcji. Dodatkowo ostatnio komp się dziwnie wiesza na niektórych stronach. Zamieszczam log OTL i Extras. Jeśli jest jakiś sposób żeby zrobić skan GMER bardzo proszę o poradę, a jeśli mam użyć innego narzędzia również. Pozdrawiam, paquerette P.S. Wklejam poniżej, bo nie wiedzieć czemu nie mogę zapisać pliku. Przepraszam. OTL logfile created on: 2012-01-20 17:53:20 - Run 7 OTL by OldTimer - Version 3.0.10.0 Folder = D:\Instalki\AntyWiry Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19088) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,78 Gb Available Physical Memory | 39,01% Memory free 4,00 Gb Paging File | 2,97 Gb Available in Paging File | 74,14% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 116,44 Gb Total Space | 62,37 Gb Free Space | 53,57% Space Free | Partition Type: NTFS Drive D: | 106,68 Gb Total Space | 54,09 Gb Free Space | 50,71% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: KAROLINA-PC Current User Name: Karolina Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2008-09-16 22:55:00 | 00,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2007-12-26 22:38:40 | 00,424,504 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\smartlogon.exe PRC - [2007-05-18 10:31:16 | 00,073,728 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe PRC - [2007-10-03 05:53:00 | 00,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe PRC - [2007-08-08 08:08:40 | 00,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe PRC - [2011-11-28 19:01:23 | 00,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2008-10-29 07:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE PRC - [2007-10-17 00:24:32 | 00,229,376 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\Hcontrol.exe PRC - [2007-09-26 19:24:12 | 00,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe PRC - [2007-07-06 00:53:44 | 01,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe PRC - [2007-11-13 18:17:14 | 00,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe PRC - [2007-09-01 01:38:12 | 00,180,224 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe PRC - [2005-07-06 23:43:42 | 00,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe PRC - [2007-12-26 22:38:32 | 00,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe PRC - [2007-08-08 19:03:42 | 02,441,216 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe PRC - [2007-08-15 19:20:16 | 00,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe PRC - [2007-08-15 19:38:30 | 00,147,456 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe PRC - [2007-04-20 08:01:44 | 00,172,032 | ---- | M] (Bruker Daltonik GmbH) -- C:\Program Files\Common Files\Bruker Daltonik\NTDS\bin\DCOMLibraryService.exe PRC - [2009-02-02 13:18:06 | 00,024,576 | ---- | M] (Thermo Fisher Scientific Inc.) -- C:\Program Files\Thermo\Foundation\FinAutoLogOff.exe PRC - [2009-02-03 11:15:46 | 00,065,536 | ---- | M] (Thermo Electron Corporation) -- C:\Xcalibur\system\programs\finSS_Server.exe PRC - [2009-02-02 13:18:20 | 00,040,960 | ---- | M] (Thermo Fisher Scientific Inc.) -- C:\Program Files\Thermo\Foundation\CFRDBService.exe PRC - [2009-02-02 13:18:10 | 00,024,576 | ---- | M] (Thermo Fisher Scientific Inc.) -- C:\Program Files\Thermo\Foundation\ThermoFisher.Foundation.Auditing.FinSecurityService.exe PRC - [2008-06-09 18:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2006-11-02 13:35:27 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mqsvc.exe PRC - [2009-09-06 12:38:06 | 00,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2007-08-03 20:24:54 | 00,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe PRC - [2009-12-23 22:34:20 | 00,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe PRC - [2008-01-21 03:25:19 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mqtgsvc.exe PRC - [2009-03-03 03:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe PRC - [2008-01-21 03:23:32 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2007-08-28 04:48:39 | 00,655,360 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe PRC - [2008-07-19 03:52:16 | 00,104,936 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe PRC - [2007-09-03 11:39:21 | 04,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2007-10-18 03:04:00 | 07,737,344 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe PRC - [2008-02-01 22:29:32 | 00,061,440 | ---- | M] () -- C:\Program Files\ASUS\ATK Media\DMedia.exe PRC - [2008-01-21 03:23:52 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe PRC - [2007-12-06 11:12:43 | 01,029,416 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2008-08-30 08:12:13 | 00,033,136 | ---- | M] () -- C:\Windows\ASScrPro.exe PRC - [2011-11-28 19:01:24 | 03,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2008-01-21 03:23:29 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe PRC - [2008-01-21 03:25:11 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe PRC - [2008-01-21 03:25:33 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2008-01-21 03:25:11 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe PRC - [2008-01-21 03:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2007-12-06 11:12:57 | 00,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe PRC - [2011-12-09 18:14:25 | 00,949,104 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2006-10-27 14:23:04 | 00,347,432 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\WINWORD.EXE PRC - [2009-07-23 16:50:43 | 00,514,048 | ---- | M] (OldTimer Tools) -- D:\Instalki\AntyWiry\OTL.exe ========== Win32 Services (SafeList) ========== SRV - [2007-05-18 10:31:16 | 00,073,728 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService [Auto | Running]) SRV - [2007-10-03 05:53:00 | 00,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService [Auto | Running]) SRV - [2007-08-08 08:08:40 | 00,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv [Auto | Running]) SRV - [2011-11-28 19:01:23 | 00,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus [Auto | Running]) SRV - [2008-07-27 19:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [Disabled | Stopped]) SRV - [2010-03-18 12:16:28 | 00,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32 [Auto | Stopped]) SRV - [2007-04-20 08:01:44 | 00,172,032 | ---- | M] (Bruker Daltonik GmbH) -- C:\Program Files\Common Files\Bruker Daltonik\NTDS\bin\DCOMLibraryService.exe -- (DCOMLibraryService [Auto | Running]) SRV - [2008-01-21 03:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped]) SRV - [2006-11-02 13:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped]) SRV - [2006-11-02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped]) SRV - [2008-01-21 03:23:49 | 01,013,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running]) SRV - [2009-02-02 13:18:06 | 00,024,576 | ---- | M] (Thermo Fisher Scientific Inc.) -- C:\Program Files\Thermo\Foundation\FinAutoLogOff.exe -- (Finnigan Auto Log Off [Auto | Running]) SRV - [2009-02-03 11:15:46 | 00,065,536 | ---- | M] (Thermo Electron Corporation) -- C:\Xcalibur\system\programs\finSS_Server.exe -- (Finnigan Security Server [Auto | Running]) SRV - [2009-02-02 13:18:20 | 00,040,960 | ---- | M] (Thermo Fisher Scientific Inc.) -- C:\Program Files\Thermo\Foundation\CFRDBService.exe -- (FinniganDatabaseService [Auto | Running]) SRV - [2009-02-02 13:18:10 | 00,024,576 | ---- | M] (Thermo Fisher Scientific Inc.) -- C:\Program Files\Thermo\Foundation\ThermoFisher.Foundation.Auditing.FinSecurityService.exe -- (FinniganSecurityService [Auto | Running]) SRV - [2009-05-03 18:31:52 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped]) SRV - [2008-06-20 02:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped]) SRV - [2010-11-02 20:51:13 | 00,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate [Auto | Stopped]) SRV - [2010-11-02 20:51:13 | 00,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdatem [On_Demand | Stopped]) SRV - [2008-11-20 20:18:52 | 00,136,120 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped]) SRV - [2008-06-20 02:14:31 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped]) SRV - [2008-06-09 18:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running]) SRV - [2006-11-02 13:35:27 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mqsvc.exe -- (MSMQ [Auto | Running]) SRV - [2008-01-21 03:25:19 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mqtgsvc.exe -- (MSMQTriggers [Auto | Running]) SRV - [2006-11-08 16:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Running]) SRV - [2008-06-20 02:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped]) SRV - [2009-09-06 12:38:06 | 00,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU [Auto | Running]) SRV - [2008-09-16 22:55:00 | 00,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe -- (nvsvc [Auto | Running]) SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped]) SRV - [2006-10-26 12:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) SRV - [2006-11-08 16:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Running]) SRV - [2009-03-04 11:25:12 | 00,621,056 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped]) SRV - [2007-08-03 20:24:54 | 00,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr [Auto | Running]) SRV - [2009-12-23 22:34:20 | 00,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE [Auto | Running]) SRV - [2009-02-02 13:19:06 | 00,019,456 | ---- | M] (Thermo Fisher Scientific Inc.) -- C:\Program Files\Thermo\Foundation\ThermoFisher.Foundation.AcquisitionMonitor.exe -- (Thermo.Foundation.Acquisition.Service.Monitor [Auto | Stopped]) SRV - [2009-02-02 13:19:26 | 00,192,512 | ---- | M] (Thermo Fisher Scientific Inc.) -- C:\Program Files\Thermo\Foundation\ThermoFisher.Foundation.AcquisitionService.exe -- (ThermoFisher.Foundation.AcquisitionService [Auto | Stopped]) SRV - [2008-01-21 03:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running]) SRV - [2008-01-21 03:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running]) SRV - [2010-03-18 12:16:28 | 00,753,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400 [On_Demand | Stopped]) ========== Driver Services (SafeList) ========== DRV - [2004-09-01 13:56:26 | 00,010,605 | R--- | M] () -- C:\Windows\System32\DRIVERS\Acqir500.sys -- (Acqir500 [Auto | Stopped]) DRV - [2008-01-21 03:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped]) DRV - [2008-01-21 03:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped]) DRV - [2008-01-21 03:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped]) DRV - [2008-01-21 03:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped]) DRV - [2006-11-02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped]) DRV - [2008-01-21 03:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped]) DRV - [2008-01-21 03:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped]) DRV - [2008-01-21 03:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped]) DRV - [2007-08-11 04:19:26 | 00,029,752 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm [boot | Running]) DRV - [2007-07-24 19:09:04 | 00,013,880 | ---- | M] () -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP [Auto | Running]) DRV - [2011-11-28 18:51:50 | 00,020,568 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk [Auto | Running]) DRV - [2011-11-28 18:52:07 | 00,055,128 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt [Auto | Running]) DRV - [2011-11-28 18:52:19 | 00,034,392 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr [system | Running]) DRV - [2011-11-28 18:53:53 | 00,435,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx [system | Running]) DRV - [2011-11-28 18:53:35 | 00,314,456 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP [system | Running]) DRV - [2011-11-28 18:52:16 | 00,052,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi [system | Running]) DRV - [2007-10-31 12:55:59 | 00,046,592 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\System32\DRIVERS\l160x86.sys -- (AtcL001 [On_Demand | Running]) DRV - [2006-11-02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped]) DRV - [2006-11-02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped]) DRV - [2006-11-02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped]) DRV - [2006-11-02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped]) DRV - [2006-11-02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped]) DRV - [2006-11-02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped]) DRV - [2008-08-30 08:01:42 | 00,012,800 | ---- | M] (CSR, plc) -- C:\Windows\System32\DRIVERS\BthAvrcp.sys -- (BthAvrcp [On_Demand | Stopped]) DRV - [2008-01-21 03:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped]) DRV - [2008-01-21 03:23:24 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped]) DRV - [2008-01-21 03:23:22 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped]) DRV - [2007-08-03 05:26:21 | 00,020,936 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio [Auto | Running]) DRV - [1996-04-03 20:33:26 | 00,005,248 | ---- | M] () -- C:\Windows\system32\giveio.sys -- (giveio [boot | Running]) DRV - [2009-02-01 12:28:39 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Stopped]) DRV - [2008-01-21 03:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped]) DRV - [2007-09-29 16:03:11 | 00,308,248 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor [boot | Running]) DRV - [2008-01-21 03:23:23 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped]) DRV - [2006-11-02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped]) DRV - [2007-09-05 10:36:25 | 01,953,944 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running]) DRV - [2006-11-02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped]) DRV - [2006-11-02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped]) DRV - [2007-01-24 11:08:39 | 00,005,632 | ---- | M] ( ) -- C:\Windows\System32\DRIVERS\kbfiltr.sys -- (kbfiltr [On_Demand | Running]) DRV - [2008-01-21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped]) DRV - [2008-01-21 03:23:25 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped]) DRV - [2008-01-21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped]) DRV - [2007-09-26 23:03:42 | 00,015,416 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\system32\DRIVERS\lullaby.sys -- (lullaby [boot | Running]) DRV - [2005-01-19 11:11:16 | 00,022,016 | ---- | M] (Labtec Inc.) -- C:\Windows\System32\DRIVERS\LVUSBSta.sys -- (LVUSBSta [On_Demand | Running]) DRV - [2008-01-21 03:23:27 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped]) DRV - [2008-01-21 03:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR [Disabled | Stopped]) DRV - [2008-01-21 03:23:26 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Running]) DRV - [2008-01-21 03:25:19 | 00,126,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mqac.sys -- (MQAC [On_Demand | Running]) DRV - [2006-11-02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped]) DRV - [2006-12-14 08:11:57 | 00,007,680 | ---- | M] (ATK0100) -- C:\Windows\System32\DRIVERS\ATKACPI.sys -- (MTsensor [On_Demand | Running]) DRV - [2008-01-21 03:23:20 | 02,225,664 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\NETw3v32.sys -- (NETw3v32 [On_Demand | Stopped]) DRV - [2007-06-20 21:51:27 | 02,222,080 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\NETw4v32.sys -- (NETw4v32 [On_Demand | Running]) DRV - [2006-11-02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped]) DRV - [2009-02-09 07:37:46 | 00,017,664 | ---- | M] (Nokia) -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd [On_Demand | Stopped]) DRV - [2009-02-09 07:37:46 | 00,022,016 | ---- | M] (Nokia) -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc [On_Demand | Stopped]) DRV - [2006-11-02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped]) DRV - [2008-09-16 22:55:00 | 07,379,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running]) DRV - [2008-01-21 03:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped]) DRV - [2008-01-21 03:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped]) DRV - [2008-08-26 10:26:12 | 00,018,816 | ---- | M] (Nokia) -- C:\Windows\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd [On_Demand | Stopped]) DRV - [2005-01-19 11:14:38 | 00,211,712 | ---- | M] (Labtec Inc.) -- C:\Windows\System32\DRIVERS\LV561AV.SYS -- (PID_0928 [On_Demand | Stopped]) DRV - [2008-01-21 03:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped]) DRV - [2006-11-02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped]) DRV - [2007-08-08 13:42:07 | 00,045,568 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running]) DRV - [2007-07-30 03:42:57 | 00,043,008 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running]) DRV - [2007-07-30 04:54:01 | 00,038,400 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running]) DRV - [2006-11-02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running]) DRV - [2008-01-21 03:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped]) DRV - [2007-08-28 04:53:47 | 01,019,136 | ---- | M] (Motorola Inc.) -- C:\Windows\System32\DRIVERS\smserial.sys -- (smserial [On_Demand | Running]) DRV - [2007-10-01 07:59:45 | 01,769,984 | ---- | M] () -- C:\Windows\System32\DRIVERS\snp2uvc.sys -- (SNP2UVC [On_Demand | Running]) DRV - [2006-09-24 14:28:46 | 00,005,248 | ---- | M] (Windows ® 2000 DDK provider) -- C:\Windows\system32\speedfan.sys -- (speedfan [boot | Running]) DRV - [2011-05-14 15:53:15 | 00,436,792 | ---- | M] () -- C:\Windows\System32\Drivers\sptd.sys -- (sptd [boot | Running]) DRV - [2009-09-28 20:57:28 | 00,007,168 | ---- | M] () -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen [On_Demand | Stopped]) DRV - [2006-11-02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped]) DRV - [2006-11-02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped]) DRV - [2006-11-02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped]) DRV - [2007-12-06 11:12:47 | 00,196,400 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running]) DRV - [2008-01-21 03:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped]) DRV - [2006-11-02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped]) DRV - [2008-01-21 03:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped]) DRV - [2009-02-09 07:37:48 | 00,007,808 | ---- | M] (Nokia) -- C:\Windows\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev [On_Demand | Stopped]) DRV - [2008-01-21 03:23:27 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbser.sys -- (usbser [On_Demand | Stopped]) DRV - [2009-02-09 07:37:56 | 00,007,808 | ---- | M] (Nokia) -- C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt [On_Demand | Stopped]) DRV - [2008-01-21 03:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped]) DRV - [2008-01-21 03:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped]) DRV - [2006-11-02 08:30:56 | 00,194,048 | ---- | M] (Marvell) -- C:\Windows\System32\DRIVERS\yk60x86.sys -- (yukonwlh [On_Demand | Stopped]) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...er=6&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2661777860-2742724884-1657798953-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...er=6&ar=msnhome IE - HKU\S-1-5-21-2661777860-2742724884-1657798953-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch IE - HKU\S-1-5-21-2661777860-2742724884-1657798953-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKU\S-1-5-21-2661777860-2742724884-1657798953-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-2661777860-2742724884-1657798953-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\S-1-5-21-2661777860-2742724884-1657798953-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2661777860-2742724884-1657798953-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-2661777860-2742724884-1657798953-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-2661777860-2742724884-1657798953-1000\S-1-5-21-2661777860-2742724884-1657798953-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-07-04 10:02:03 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-12-25 11:08:48 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-20 17:19:49 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-01-14 13:32:06 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-01-16 19:39:05 | 00,000,000 | ---D | M] [2012-01-14 13:32:06 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-10-01 17:51:27 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-08-24 21:23:38 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-08-24 21:23:38 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2009-08-24 21:23:38 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2006-10-26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2011-12-14 10:45:24 | 00,170,080 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2009-08-24 20:19:13 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-08-24 20:19:13 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-08-24 20:19:13 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2009-08-24 20:19:13 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-08-24 20:19:13 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-08-24 20:19:13 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-08-24 20:19:13 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation) O3 - HKU\S-1-5-21-2661777860-2742724884-1657798953-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe () O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe () O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE () O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe () O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [skytel] C:\Windows\Skytel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation) O4 - HKU\S-1-5-21-2661777860-2742724884-1657798953-1000..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2661777860-2742724884-1657798953-1000..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - HKU\S-1-5-21-2661777860-2742724884-1657798953-1000..\Run: [Nowe Gadu-Gadu] C:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-2661777860-2742724884-1657798953-1000..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2661777860-2742724884-1657798953-1000..\Run: [skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) O4 - HKU\S-1-5-21-2661777860-2742724884-1657798953-1000..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKU\S-1-5-21-2661777860-2742724884-1657798953-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\S-1-5-21-2661777860-2742724884-1657798953-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE File not found O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.62 192.168.0.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\Explorer.exe (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010-08-02 17:56:24 | 00,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-08-02 17:56:24 | 00,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found ========== Files/Folders - Created Within 30 Days ========== [2013-10-16 10:16:59 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\My IQ Reports [2013-10-16 10:16:12 | 00,000,296 | ---- | C] () -- C:\Windows\win.ini [2013-10-16 10:15:26 | 00,000,000 | ---- | C] () -- C:\Windows\OtofControl.INI [2013-10-16 10:13:39 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Bruker Daltonik [2013-10-16 10:13:39 | 00,000,000 | ---D | C] -- C:\Program Files\Bruker Daltonik [2013-10-16 10:13:39 | 00,000,000 | ---D | C] -- C:\BDalSystemData [2012-01-16 19:54:01 | 00,144,137 | ---- | C] () -- C:\Users\Karolina\Documents\Fam.vers.L.Radzisz.2.pdf [2012-01-16 19:40:10 | 00,066,273 | ---- | C] () -- C:\Users\Karolina\Documents\Fam.vers.L.Radzisz..pdf [2012-01-16 19:39:13 | 00,000,959 | ---- | C] () -- C:\Users\Public\Desktop\PDF-XChange Viewer.lnk [2012-01-14 12:19:42 | 00,169,013 | ---- | C] () -- C:\Windows\hpoins27.dat.temp [2012-01-14 12:19:42 | 00,000,932 | ---- | C] () -- C:\Windows\hpomdl27.dat.temp [2012-01-14 11:20:55 | 00,000,000 | -H-D | C] -- C:\Config.Msi [2009-10-11 10:30:59 | 00,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2009-03-10 15:41:03 | 00,000,072 | ---- | C] () -- C:\Windows\inicsps1.ini [2009-01-23 19:23:49 | 00,000,058 | ---- | C] () -- C:\Windows\nfsc_patch.ini [2009-01-01 14:39:28 | 00,106,496 | R--- | C] () -- C:\Windows\System32\vshp1018.dll [2008-10-04 17:05:46 | 00,065,536 | ---- | C] () -- C:\Windows\System32\ltserial.dll [2008-10-01 12:34:32 | 00,436,792 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2008-08-30 08:12:19 | 00,012,288 | ---- | C] () -- C:\Windows\impborl.dll [2008-04-18 00:45:31 | 00,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini [2007-10-01 07:59:45 | 01,769,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2007-05-09 08:16:39 | 00,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2007-01-24 11:08:39 | 00,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys [2006-11-02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-03-09 02:57:59 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2005-01-19 09:30:54 | 00,009,255 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2004-09-01 13:56:26 | 00,010,605 | R--- | C] () -- C:\Windows\System32\drivers\Acqir500.sys [1996-04-03 20:33:26 | 00,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys ========== Files - Modified Within 30 Days ========== [1 C:\Windows\System32\*.tmp files] [2013-10-16 10:15:26 | 00,000,000 | ---- | M] () -- C:\Windows\OtofControl.INI [2012-01-20 17:32:47 | 00,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe [2012-01-20 17:30:38 | 00,032,156 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012-01-20 17:29:21 | 00,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-01-20 17:29:16 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-01-20 17:29:11 | 00,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012-01-20 17:29:10 | 00,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012-01-20 17:29:05 | 00,067,584 | ---- | M] () -- C:\Windows\bootstat.dat [2012-01-20 17:29:01 | 21,466,89024 | -HS- | M] () -- C:\hiberfil.sys [2012-01-20 17:21:46 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012-01-20 17:19:49 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2012-01-20 16:26:00 | 00,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-01-19 18:49:37 | 00,672,140 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-01-19 18:49:36 | 01,495,264 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2012-01-19 18:49:36 | 00,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-01-19 18:49:36 | 00,130,516 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-01-19 18:49:36 | 00,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-01-18 16:31:23 | 00,032,156 | ---- | M] () -- C:\ProgramData\nvModes.dat [2012-01-16 20:50:34 | 00,144,137 | ---- | M] () -- C:\Users\Karolina\Documents\Fam.vers.L.Radzisz.2.pdf [2012-01-16 19:40:20 | 00,066,273 | ---- | M] () -- C:\Users\Karolina\Documents\Fam.vers.L.Radzisz..pdf [2012-01-16 19:39:13 | 00,000,959 | ---- | M] () -- C:\Users\Public\Desktop\PDF-XChange Viewer.lnk [2012-01-14 12:29:47 | 00,169,013 | ---- | M] () -- C:\Windows\hpoins27.dat.temp [2012-01-12 03:02:31 | 52,128,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe [2012-01-08 11:47:13 | 00,000,584 | ---- | M] () -- C:\Users\Karolina\Documents\grstyles.stl [2012-01-07 12:27:52 | 00,000,010 | ---- | M] () -- C:\Users\Karolina\Documents\LastLab.sk ========== LOP Check ========== [2012-01-20 17:29:21 | 00,001,036 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2012-01-20 16:26:00 | 00,001,040 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2012-01-20 17:29:16 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT [2012-01-20 17:21:46 | 00,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2009-06-09 06:52:55 | 00,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{7DFFA72F-ADB8-47A9-9466-49CEACAB90FC}.job ========== Purity Check ========== < End of report > OTL Extras logfile created on: 2012-01-20 17:53:20 - Run 7 OTL by OldTimer - Version 3.0.10.0 Folder = D:\Instalki\AntyWiry Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19088) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,78 Gb Available Physical Memory | 39,01% Memory free 4,00 Gb Paging File | 2,97 Gb Available in Paging File | 74,14% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 116,44 Gb Total Space | 62,37 Gb Free Space | 53,57% Space Free | Partition Type: NTFS Drive D: | 106,68 Gb Total Space | 54,09 Gb Free Space | 50,71% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: KAROLINA-PC Current User Name: Karolina Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .pif [@ = piffile] -- "%1" %*" .scr [@ = RasWin.Script] -- C:\Program Files\RasWin\RasWin.exe () ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{112A7F79-505E-4FBC-A6AE-60065A3929E1}" = lport=138 | protocol=17 | dir=in | app=system | "{225866BC-CCB2-452F-9FB7-02144D16FC1A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{35CC9FF7-FBD5-4E6B-89FA-5A0A9219B5B1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3A128385-65B3-45D9-96EB-C5CE1757FE00}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{44DF0082-AB7D-4CDE-AEF0-7487083B0181}" = rport=139 | protocol=6 | dir=out | app=system | "{5701912E-DAB2-4FC4-B821-F16AFCFBE321}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{5F4DA88C-F40D-442F-AB6C-C70E90A6FF41}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{63097797-AC90-4E2A-9ACB-93BC1AD02F32}" = rport=137 | protocol=17 | dir=out | app=system | "{6D70BC97-77F8-469A-A11C-986729887350}" = lport=139 | protocol=6 | dir=in | app=system | "{9414EF11-8DFF-42B8-BF8A-811BD2C66D34}" = rport=445 | protocol=6 | dir=out | app=system | "{9F7925D6-63BD-4B19-BCB0-D4BCFB24B864}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{AB1AD789-4631-44BE-8F82-1DC8F18ADBD1}" = lport=137 | protocol=17 | dir=in | app=system | "{B70B789D-5104-48D5-A3C7-2E5BC48A04A3}" = lport=445 | protocol=6 | dir=in | app=system | "{C006079F-BC93-4673-9EA8-CB878F6FBBC4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{CD18ED85-31B7-4EDC-949F-2695FB7F5D0E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{E929EBA9-0C67-4C85-B05A-F4B62DF5DF22}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{ECDA74C9-E858-40FB-92C2-46044E48674B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F25802D8-0AFA-425E-B6B1-E9E6B4BA969A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FDAD1F32-41A9-428E-A1E5-365DCB0FA78C}" = rport=138 | protocol=17 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00395C75-C4C7-439E-84C0-A2DBC5380F42}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{0291F08A-16F8-4CFA-B14A-707E63D57002}" = protocol=17 | dir=in | app=c:\thermo\instruments\ltq\system\programs\ltqbridge.exe | "{10ADD7D1-4BDF-4DBD-8CCD-5445B3C63102}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{138CD5CC-3425-4661-8C92-85F7498BB1BA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{16202B1A-DD70-4E57-8822-F3F7DC226652}" = protocol=6 | dir=in | app=c:\xcalibur\system\programs\homepage.exe | "{1D1FFA07-674F-4503-9259-79218A7DB234}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{2404DF99-80D4-43DE-960A-CC456063112F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{45836098-2ED9-475E-BFA2-CABD26203C66}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe | "{5069EC5A-F0F4-42A1-A1B3-BEF7854ED818}" = protocol=17 | dir=in | app=c:\program files\hamachi\hamachi.exe | "{66FE460C-F2B9-4185-936B-31BB401EE26E}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe | "{7508BCC2-140A-4B2C-BC81-BF7DDB1BCC15}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe | "{7AC89A6D-E98D-4BCD-9513-A79CD6E655B8}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe | "{9148DDA6-9F93-4237-95CE-704171D72813}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe | "{9242D2CF-FC00-4B0B-8AB0-4EF698168C7A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{A7EC534B-51DE-4A60-9144-3FE18B4113E0}" = protocol=6 | dir=in | app=c:\program files\hamachi\hamachi.exe | "{C8BA968C-0335-4124-A656-EE1C67570B92}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orb.exe | "{D0B9F564-C88F-4D0A-8C26-981BE52131D1}" = protocol=17 | dir=in | app=c:\xcalibur\system\programs\homepage.exe | "{DF48E265-3710-479C-82FA-8D9619EBFF2D}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe | "{E818D33F-A4B6-4818-92B6-684E172747E1}" = protocol=6 | dir=in | app=c:\thermo\instruments\ltq\system\programs\ltqbridge.exe | "{F7771C67-F869-431D-8950-E5ADA87FDB4A}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orb.exe | "TCP Query User{02621004-4D51-4EAD-96FB-AE1D6AB36DD4}C:\program files\commandos ii\comm2.exe" = protocol=6 | dir=in | app=c:\program files\commandos ii\comm2.exe | "TCP Query User{1992E558-8326-42DB-A997-28D43EC354C2}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe | "TCP Query User{20A18DDD-5FC8-4FDA-B268-B07D907A49CC}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "TCP Query User{22970BDA-28FF-4E7A-AD04-B7DB728F4ABE}C:\program files\electronic arts\need for speed carbon\nfsc.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\need for speed carbon\nfsc.exe | "TCP Query User{2C044B8C-7AFB-445E-86C4-84D50124932A}C:\program files\nowe gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\program files\nowe gadu-gadu\gg.exe | "TCP Query User{2C5BFCC1-FB64-413E-BECB-DBDB7543896C}C:\program files\nowe gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\program files\nowe gadu-gadu\gg.exe | "TCP Query User{6FCE5A9A-D53E-4073-BB18-B0BA49A3A510}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe | "TCP Query User{843F8354-2750-4AB7-B16F-1C327D5128D4}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe | "TCP Query User{96537454-40B0-4952-9F97-DCDCB5F617D3}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "TCP Query User{A763D433-E30E-4C6E-9AAD-D239BEB38561}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "TCP Query User{AE8EDF97-76E6-40FF-9B5D-6D2685F00727}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "TCP Query User{B2866427-CFAE-413A-BE50-948D0AF1CA72}C:\program files\commandos ii\comm2.exe" = protocol=6 | dir=in | app=c:\program files\commandos ii\comm2.exe | "TCP Query User{C665B430-F073-4367-953F-779AF65CCC0D}C:\thermo\instruments\ltq\system\programs\ltqbridge.exe" = protocol=6 | dir=in | app=c:\thermo\instruments\ltq\system\programs\ltqbridge.exe | "UDP Query User{0E78FDEB-96FE-420C-A415-13EAAF649E2A}C:\program files\commandos ii\comm2.exe" = protocol=17 | dir=in | app=c:\program files\commandos ii\comm2.exe | "UDP Query User{134C8CF2-1951-44FD-9033-76E4240B1630}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe | "UDP Query User{1EFE66AA-8D37-4007-B166-AB9CCCC5CC64}C:\program files\commandos ii\comm2.exe" = protocol=17 | dir=in | app=c:\program files\commandos ii\comm2.exe | "UDP Query User{325B8722-8799-436E-9E96-AF5110FA041D}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe | "UDP Query User{3E3EC660-2FC3-41AD-BADE-809F7BAA6DE0}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "UDP Query User{43C299B1-C922-44F7-9B80-2AF10E8E070D}C:\thermo\instruments\ltq\system\programs\ltqbridge.exe" = protocol=17 | dir=in | app=c:\thermo\instruments\ltq\system\programs\ltqbridge.exe | "UDP Query User{474E51A6-FFBC-40A4-877D-CF3A447C8390}C:\program files\nowe gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\program files\nowe gadu-gadu\gg.exe | "UDP Query User{58353C55-A566-4396-820D-63BDE8F3B8A2}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "UDP Query User{7D746E19-FAA8-4BEB-9DF3-A361A1D6F900}C:\program files\nowe gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\program files\nowe gadu-gadu\gg.exe | "UDP Query User{876EBB73-60B4-4389-8E34-F826DA7AD676}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe | "UDP Query User{98E71932-D568-4E0E-A242-602EF1305E92}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "UDP Query User{9CD7111D-9709-4907-B6EA-86391574C324}C:\program files\electronic arts\need for speed carbon\nfsc.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\need for speed carbon\nfsc.exe | "UDP Query User{9E44518C-C5C1-4113-96C8-EF80722C78F5}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1 "{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control "{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media "{174EDCA9-85F3-4B77-8B52-8839002CED4D}" = FTInstaller_Release_2.1 "{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{2295CC76-4555-43B2-9327-882783023A63}" = Origin8 "{2396F815-84E0-4353-83D7-8B190556DA42}" = ASUS CopyProtect "{23BD9C89-FBBE-4C87-98D1-85ED59F5AB41}" = Thermo Xcalibur "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{343AB4F2-F1EF-4FF9-B0E6-CAAB680286A6}" = G Data LNK-Checker "{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey "{3A6F4A31-8CFD-46B4-8385-E1F384DB121E}" = PDF-XChange Viewer "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{4817189D-1785-4627-A33C-39FD90919300}" = The Sims™ 2 Zwierzaki "{4DEAC5AB-B447-4495-8290-783AAE9993D4}" = Thermo Xcalibur "{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones "{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5 "{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun "{5885D6DC-E2D5-4FB1-87E2-73ACD2FDF78D}" = Thermo Foundation 1.0 "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02 "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2 "{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe "{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon "{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon "{6E19F210-3813-4002-B561-94D66AA182B6}" = Atheros Communications Inc.® L1 Gigabit Ethernet Driver "{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2 "{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}" = Nokia PC Suite "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{82427977-8776-4087-90CA-9F65174D3C4D}" = Nokia Connectivity Cable Driver "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00B4-0415-0000-0000000FF1CE}" = Microsoft Office Project MUI (Polish) 2007 "{91120000-003A-0000-0000-0000000FF1CE}" = Microsoft Office Project Standard 2007 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A912021A-FEDD-4DA3-8DB4-245EBDA84778}" = OriginPro 8 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch "{AC76BA86-7AD7-1045-7B44-A81200000003}" = Adobe Reader 8 - Polish "{ADDD6985-3A28-44D0-A1BA-FDD19A820491}" = SnagIt 9 "{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}" = PC Connectivity Solution "{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply "{BDA1AA22-0231-1000-8123-00E081205B98}" = Bruker Daltonics micrOTOF Instruments Family 2.2 Build 23 "{BDA1B131-0036-1000-8123-00E081205B98}" = Bruker Daltonics BioTools 3.1 "{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C64F5E33-DC3B-4FDF-820E-8E66A765CD11}" = LTQ Orbitrap Velos Mass Spectrometer Installation "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service "{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack "{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash "{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt "{F0879461-3654-49D8-864E-DB2E92A3F614}" = Thermo Foundation 1.0 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = P4P "{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "ACDLabs in C__ACDFREE10_" = ACD/Labs Software in C:\ACDFREE10\ "Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.1.2 Professional "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11 "Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver "Audacity_is1" = Audacity 1.2.6 "avast" = avast! Free Antivirus "CCleaner" = CCleaner (remove only) "D978F69D5F15B845BD6BC6F8BF9BCD36982A2087" = Pakiet sterowników systemu Windows - Nokia Modem (02/24/2009 4.0) "E7F682214B951640C9C539C41FDA1A7F836FF7B6" = Pakiet sterowników systemu Windows - Nokia Modem (02/23/2009 7.01.0.2) "English Grammar in Use" = English Grammar in Use "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Gadu-Gadu" = Gadu-Gadu 7.7 "Google Chrome" = Google Chrome "GPMAW version 9.02" = GPMAW version 9.02 "HP-LaserJet 1018" = LaserJet 1018 "InstallShield_{174EDCA9-85F3-4B77-8B52-8839002CED4D}" = FTInstaller_Release_2.1 "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack "Local Port Scanner_is1" = Local Port Scanner v1.2.2 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3) "Nokia PC Suite" = Nokia PC Suite "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "NVIDIA Drivers" = NVIDIA Drivers "Opera 11.60.1185" = Opera 11.60 "Picasa 3" = Picasa 3 "PRJSTDR" = Microsoft Office Project Standard 2007 "PROPLUS" = Microsoft Office Professional Plus 2007 "RasWin" = RasWin (remove only) "RealAlt_is1" = Real Alternative 1.9.0 "Shop for HP Supplies" = Shop for HP Supplies "SMSERIAL" = Motorola SM56 Speakerphone Modem "SpeedFan" = SpeedFan (remove only) "SubEdit - Vista WMP Patch_is1" = SubEdit - Vista WMP Patch "SubEdit-Player_is1" = SubEdit-Player "SuperMemo UX - Angielski. No problem!+ 2" = SuperMemo UX - Angielski. No problem!+ 2 "SynTPDeinstKey" = Synaptics Pointing Device Driver "Totalcmd" = Total Commander (Remove or Repair) "USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam "Usbfix" = Usbfix By C_XX & El Desaparecido "Winamp" = Winamp "Winamp Toolbar for Firefox" = Winamp Toolbar for Firefox "WinGimp-2.0_is1" = GIMP 2.6.0 "WinRAR archiver" = Archiwizator WinRAR ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 2010-11-21 11:59:30 | Computer Name = Karolina-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 2010-11-21 14:43:22 | Computer Name = Karolina-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 2010-11-22 13:11:09 | Computer Name = Karolina-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 2010-11-22 15:25:05 | Computer Name = Karolina-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 2010-11-23 14:06:19 | Computer Name = Karolina-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 2010-11-24 16:15:43 | Computer Name = Karolina-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 2010-11-25 13:54:47 | Computer Name = Karolina-PC | Source = WinMgmt | ID = 10 Description = Error - 2010-11-25 13:56:47 | Computer Name = Karolina-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 2010-11-25 13:56:53 | Computer Name = Karolina-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 2010-11-25 14:25:29 | Computer Name = Karolina-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = [ OSession Events ] Error - 2011-08-18 02:17:16 | Computer Name = Karolina-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4659 seconds with 1260 seconds of active time. This session ended with a crash. Error - 2011-08-18 02:17:53 | Computer Name = Karolina-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 17 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 2012-01-20 12:17:40 | Computer Name = Karolina-PC | Source = Service Control Manager | ID = 7038 Description = Error - 2012-01-20 12:17:40 | Computer Name = Karolina-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2012-01-20 12:19:23 | Computer Name = Karolina-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 2012-01-20 12:29:17 | Computer Name = Karolina-PC | Source = HTTP | ID = 15016 Description = Error - 2012-01-20 12:29:47 | Computer Name = Karolina-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2012-01-20 12:29:47 | Computer Name = Karolina-PC | Source = Service Control Manager | ID = 7038 Description = Error - 2012-01-20 12:29:47 | Computer Name = Karolina-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2012-01-20 12:29:48 | Computer Name = Karolina-PC | Source = Service Control Manager | ID = 7038 Description = Error - 2012-01-20 12:29:48 | Computer Name = Karolina-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2012-01-20 12:32:57 | Computer Name = Karolina-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = < End of report >
  2. karolis
    1. Przywracanie Systemu - zrobione zgodnie z instrukcją. 2. Skan Kaspersky Virus Removal Tool nie pokazał żadnych zagrożeń. Dziękuję raz jeszcze Pozdrawiam, karolis
  3. karolis
    Zrobiłam wszystko zgodnie z zaleceniem. Zamieszczam log z GMER. Kaspersky nie pokazał żadnego zagrożenia. Google działa! Dziękuję bardzo za pomoc i bije pokłony Pozdrawiam, karolis GMER_2.txt
  4. karolis
    Wykonałam skanowanie, znalazł jedną pozycję, dałam Skip. Przedstawiam raport. Kaspersky.txt
  5. karolis
    Skrypt OTL wykonany. Skan GMER zrobiony, log w załącznikach (zgodnie z wytycznymi). Pozdrawiam, karolis GMER.txt
  6. karolis
    Weszłam do katalogu, odznaczyłam ukrycie plików i folderów i jedyne co znalazłam to nieukryty plik o nazwie "lmhosts" format SAM. Wykonałam skan OTL zgodnie z zaleceniami, zamieszczam loga. Postaram się ściągnąć GMER'a i zrobić jeszcze dzisiaj skan. Przepraszam za ślimacze tempo, ale to komp w pracy i w międzyczasie muszę pracować Pozdrawiam, karolis OTL_2.Txt
  7. karolis
    Witam serdecznie, Bardzo proszę o pomoc w rozwiązaniu problemu. Problem jak w temacie, przy próbie zastosowania wyszukiwarki Google na dowolnych przeglądarkach wyskakuje error: 404 not found nginx Wyszukałam już kilka podobnych tematów na tym Forum (hxxp://www.fixitpc.pl/topic/5225-zablokowane-google-404-not-found/) i jak widzę konieczne są dodatkowe skrypty do usunięcia tych infekcji. Załączam logi z OTL (wykonane zgodnie z instrukcją zamieszczoną na stronie). Pozdrawiam, karolis Extras.Txt OTL.Txt
×
×
  • Dodaj nową pozycję...