Jagla
Posted 12 September 2010

Hello, for some time now something has been going on with my internet. Often I have to refresh a page several times before it loads (it is 100% not the fault of the internet connection), and on top of that Avira is throwing up some messages. For now I'm posting only the OTL log, because today I don't have time to scan the computer with GMER, and if it's needed I'll upload everything tomorrow.

Extras.txt

OTL Extras logfile created on: 2010-09-12 21:05:32 - Run 2 OTL by OldTimer - Version 3.2.12.0 Folder = C:\Documents and Settings\Ja\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 74,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): c:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 40,00 Gb Total Space | 15,38 Gb Free Space | 38,44% Space Free | Partition Type: NTFS Drive D: | 96,68 Gb Total Space | 30,38 Gb Free Space | 31,42% Space Free | Partition Type: NTFS Drive E: | 96,19 Gb Total Space | 10,74 Gb Free Space | 11,17% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MACIEK Current User Name: Ja Logged in as Administrator. 
Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (All) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation) .cpl [@ = cplfile] -- C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation) .hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) .inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\WINDOWS\system32\ieframe.DLL (Microsoft Corporation) .js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation) .txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- D:\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft 
Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation) hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation) htmlfile [edit] -- "D:\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- 
%SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) regfile [open] -- "regedit.exe" "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) Unknown [openas] -- 
%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- D:\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "57645:TCP" = 57645:TCP:*:Enabled:Pando Media Booster "57645:UDP" = 57645:UDP:*:Enabled:Pando Media Booster [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "57645:TCP" = 57645:TCP:*:Enabled:Pando Media Booster "57645:UDP" = 57645:UDP:*:Enabled:Pando Media Booster "8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher "8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher "8370:TCP" = 8370:TCP:*:Enabled:League of Legends Launcher "8370:UDP" = 8370:UDP:*:Enabled:League of Legends 
Launcher "6893:TCP" = 6893:TCP:*:Enabled:League of Legends Launcher "6893:UDP" = 6893:UDP:*:Enabled:League of Legends Launcher "6964:TCP" = 6964:TCP:*:Enabled:League of Legends Launcher "6964:UDP" = 6964:UDP:*:Enabled:League of Legends Launcher ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\FlashGet\FlashGet.exe" = D:\FlashGet\FlashGet.exe:*:Enabled:Flashget2 -- (FLASHGET) "D:\FlashGet\LiveUpdate.exe" = D:\FlashGet\LiveUpdate.exe:*:Enabled:FGLiveUpdate -- File not found "D:\FlashGet\LiveUpdateEx.exe" = D:\FlashGet\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx -- File not found "D:\GG\gg.exe" = D:\GG\gg.exe:*:Enabled:Nowe Gadu-Gadu -- File not found "D:\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "D:\Microsoft Office\Office12\GROOVE.EXE" = D:\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation) "D:\Microsoft Office\Office12\ONENOTE.EXE" = D:\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated) "D:\Xfire\Xfire.exe" = D:\Xfire\Xfire.exe:*:Enabled:Xfire -- File not found "D:\Steam\SteamApps\bosss20\counter-strike\hl.exe" = D:\Steam\SteamApps\bosss20\counter-strike\hl.exe:*:Enabled:Half-Life Launcher -- File not found "D:\cod4\Call of Duty 4 - Modern 
Warfare\iw3mp.exe" = D:\cod4\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare -- File not found "D:\BF 2\BFBC2Updater.exe" = D:\BF 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2 -- (EA Digital Illusions CE AB) "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "D:\League of Legends\Air\LolClient.exe" = D:\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby -- (Adobe Systems Inc.) "D:\League of Legends\Game\League of Legends.exe" = D:\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client -- () "D:\League of Legends\League of Legends\air\LolClient.exe" = D:\League of Legends\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby -- () "D:\League of Legends\League of Legends\game\League of Legends.exe" = D:\League of Legends\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client -- () "D:\Street Fighter\StreetFighterIV.exe" = D:\Street Fighter\StreetFighterIV.exe:*:Enabled:STREET FIGHTER IV -- (CAPCOM U.S.A., INC.) 
"D:\WTW\wtw.exe" = D:\WTW\wtw.exe:*:Enabled:WTW Instant Messenger -- (K2T.eu, Kaworu) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4 "{0C7C36F0-CBA9-4131-8EAD-9377189AAF2C}" = Autodesk Robot Structural Analysis "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4 "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{10A532D0-EEA9-4217-9254-3E8DEC0E9F23}" = Autodesk Robot Structural Analysis Professional 2009 "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{1A6A6531-08FC-47AD-BAC4-C41497E71045}" = Nero 7 Essentials "{1DF5019A-68B5-4ba1-8E59-E185C7B7FF11}" = Komunikator WTW "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java 6 Update 15 "{300A2961-B2B5-4889-9CB9-5C2A570D08AD}" = Debugging Tools for Windows (x86) "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2 "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}" = STREET FIGHTER IV "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{83F81F91-7BE9-44D1-98AF-2B87E0B8710C}" = AMD Fusion for Gaming 1.0 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{85EE0712-A483-43C7-9912-6322F46BC987}" = Autodesk Robot Structural Analysis "{8D2C1E44-7685-4D05-8342-B0DC6422FA47}" = Ulead Straight-to-Disc SDK "{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft 
Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{91CD9B80-E2D0-4AEA-A8DE-F1272672C2B3}" = Autodesk Robot Structural Analysis "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A3207008-BED1-479A-B0B8-1C0EE227A523}" = Autodesk Robot Structural Analysis "{AC76BA86-7AD7-1045-7B44-A92000000001}" = Adobe Reader 9.2 - Polish "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B395BC1D-CC06-425E-9049-4CD985EFF004}" = LightScribe 1.8.15.1 "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BE4AA694-815A-4045-BD49-C94F2BED7458}" = WinFast Entertainment Center(WDM Driver) 
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C882DE6B-1482-42D6-A7C2-A9F946EDBAF6}" = WinFast PVR "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "ACE LoL Client" = League of Legends - ACE Client by Matricus "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4 "ASIO4ALL" = ASIO4ALL "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner (remove only) "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI "EA Download Manager" = EA Download Manager "ENTERPRISE" = Microsoft Office Enterprise 2007 "FL Studio 7" = FL Studio 7 "FlashGet 2.0" = FlashGet 2.0 "ie8" = Windows Internet Explorer 8 "IL Download Manager" = IL Download Manager "InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare 1.6 Patch "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare 1.7 Patch 
"League of Legends_is1" = League of Legends "Lexmark 3300 Series" = Lexmark 3300 Series "Lexmark Fax Solutions" = Oprogramowanie faksowe Lexmark "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2 "NVIDIA Drivers" = NVIDIA Drivers "PunkBusterSvc" = PunkBuster Services "Samsung CLP-310 Series" = Samsung CLP-310 Series "SubEdit-Player_is1" = SubEdit-Player "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 2010-09-09 04:14:16 | Computer Name = MACIEK | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-09-09 04:14:16 | Computer Name = MACIEK | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. 
Error - 2010-09-09 04:14:17 | Computer Name = MACIEK | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: A connection with the server could not be established Error - 2010-09-10 10:04:15 | Computer Name = MACIEK | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-09-10 10:04:15 | Computer Name = MACIEK | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-09-10 10:04:16 | Computer Name = MACIEK | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: A connection with the server could not be established Error - 2010-09-11 03:29:51 | Computer Name = MACIEK | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. 
Error - 2010-09-11 03:29:51 | Computer Name = MACIEK | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-09-11 03:29:52 | Computer Name = MACIEK | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: A connection with the server could not be established Error - 2010-09-12 09:55:07 | Computer Name = MACIEK | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca iexplore.exe, wersja 8.0.6001.18702, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. [ System Events ] Error - 2010-09-09 04:14:03 | Computer Name = MACIEK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi DgiVecp z powodu następującego błędu: %%2 Error - 2010-09-09 04:14:03 | Computer Name = MACIEK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu: %%2 Error - 2010-09-10 10:03:54 | Computer Name = MACIEK | Source = Ftdisk | ID = 262189 Description = System nie może pomyślnie załadować sterownika zrzutu awaryjnego. Error - 2010-09-10 10:03:54 | Computer Name = MACIEK | Source = Ftdisk | ID = 262193 Description = Konfigurowanie pliku strony dla zrzutu awaryjnego nie powiodło się. Upewnij się, że na partycji rozruchowej znajduje się plik strony i że jest wystarczająco duży, aby zawierać całą pamięć fizyczną. 
Error - 2010-09-10 10:04:00 | Computer Name = MACIEK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi DgiVecp z powodu następującego błędu: %%2 Error - 2010-09-10 10:04:00 | Computer Name = MACIEK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu: %%2 Error - 2010-09-11 03:29:37 | Computer Name = MACIEK | Source = Ftdisk | ID = 262189 Description = System nie może pomyślnie załadować sterownika zrzutu awaryjnego. Error - 2010-09-11 03:29:37 | Computer Name = MACIEK | Source = Ftdisk | ID = 262193 Description = Konfigurowanie pliku strony dla zrzutu awaryjnego nie powiodło się. Upewnij się, że na partycji rozruchowej znajduje się plik strony i że jest wystarczająco duży, aby zawierać całą pamięć fizyczną. Error - 2010-09-11 03:29:38 | Computer Name = MACIEK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi DgiVecp z powodu następującego błędu: %%2 Error - 2010-09-11 03:29:38 | Computer Name = MACIEK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu: %%2 < End of report > otl.txt OTL logfile created on: 2010-09-12 21:05:32 - Run 2 OTL by OldTimer - Version 3.2.12.0 Folder = C:\Documents and Settings\Ja\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 74,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): c:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 40,00 Gb Total Space | 15,38 Gb Free Space | 38,44% Space Free | Partition Type: NTFS Drive D: | 
96,68 Gb Total Space | 30,38 Gb Free Space | 31,42% Space Free | Partition Type: NTFS Drive E: | 96,19 Gb Total Space | 10,74 Gb Free Space | 11,17% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MACIEK Current User Name: Ja Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010-09-12 21:04:59 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ja\Pulpit\OTL.exe PRC - [2010-09-10 16:29:36 | 001,753,088 | ---- | M] (K2T.eu, Kaworu) -- D:\WTW\wtw.exe PRC - [2010-04-01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- D:\Avira\AntiVir Desktop\avguard.exe PRC - [2010-03-02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- D:\Avira\AntiVir Desktop\avgnt.exe PRC - [2010-02-24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- D:\Avira\AntiVir Desktop\sched.exe PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- D:\Avira\AntiVir Desktop\avshadow.exe PRC - [2009-07-25 05:23:10 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) 
-- D:\Java\bin\jqs.exe PRC - [2009-04-23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- D:\DAEMON Tools\daemon.exe PRC - [2008-08-08 07:03:41 | 000,524,288 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe PRC - [2008-04-14 23:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-10-27 00:47:42 | 000,031,016 | ---- | M] (Microsoft Corporation) -- D:\Microsoft Office\Office12\GrooveMonitor.exe ========== Modules (SafeList) ========== MOD - [2010-09-12 21:04:59 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ja\Pulpit\OTL.exe MOD - [2008-04-14 23:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - [2010-04-01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010-02-24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009-10-11 23:27:07 | 003,369,044 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2009-09-14 15:41:40 | 000,079,360 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2009-07-25 05:23:10 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- D:\Java\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2009-07-21 17:04:24 | 000,655,624 | ---- | M] (Acresso Software Inc.) 
[On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2007-04-13 21:09:56 | 000,792,112 | ---- | M] (Nero AG) [On_Demand | Stopped] -- D:\Nero 7\Nero BackItUp\NBService.exe -- (NBService) SRV - [2006-10-27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) SRV - [2005-07-06 16:04:20 | 000,466,944 | ---- | M] (Lexmark International, Inc.) [On_Demand | Stopped] -- C:\WINDOWS\System32\lxcccoms.exe -- (lxcc_device) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\SSPORT.sys -- (SSPORT) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd) DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Lineage II\system\npkcrypt.sys -- (npkcrypt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Ja\USTAWI~1\Temp\MUR5.tmp -- (GarenaPEngine) DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\DgiVecp.sys -- (DgiVecp) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\AmdTools.sys -- (AmdTools) DRV - [2010-06-12 18:11:02 | 000,137,256 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK) DRV - [2010-03-01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2010-02-16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009-10-21 15:01:16 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) 
[Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs) DRV - [2009-10-16 13:22:58 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2009-10-16 13:22:58 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009-10-02 20:39:48 | 000,033,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32) DRV - [2009-09-23 10:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009-08-17 17:20:17 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-06-10 06:03:00 | 008,087,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2009-06-02 12:02:46 | 005,085,184 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2009-05-11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009-05-11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2008-08-05 14:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2008-04-13 23:06:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-06-29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD) DRV - [2006-11-27 10:33:54 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006-11-27 10:33:50 | 000,058,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-10-18 10:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2006-01-04 09:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2005-01-06 16:55:38 | 000,009,446 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Stopped] -- D:\TV\WFIOCTL.sys -- (WFIOCTL) DRV - [2004-10-18 11:25:06 | 000,010,324 | ---- | M] (Copyright @2000-2006 Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WF88XBAR.sys -- (WF88XBAR) DRV - [2004-10-18 11:25:04 | 000,208,851 | ---- | M] (Copyright @2000-2006 Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wf88vcap.sys -- (WF23880) DRV - [2004-10-18 11:25:04 | 000,034,789 | ---- | M] (Copyright @2000-2006 Leadtek Research Inc.) 
[Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wf88tune.sys -- (WFTUNE) DRV - [2002-01-12 16:30:34 | 000,003,567 | ---- | M] (Beyond Logic http://www.beyondlogic.org) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PortTalk.sys -- (PortTalk) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.30 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20100827 FF - prefs.js..extensions.enabledItems: rein@notiz.jp:3.6.1 FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: D:\Java\lib\deploy\jqs\ff [2009-07-18 23:04:28 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: D:\Mozilla Firefox\components [2010-08-14 13:28:46 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: D:\Mozilla Firefox\plugins [2010-07-24 20:24:34 | 000,000,000 | ---D | M] [2009-12-07 22:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Extensions [2010-09-11 22:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\t2syn4t9.default\extensions [2010-08-31 21:28:24 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\t2syn4t9.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010-09-07 20:20:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\t2syn4t9.default\extensions\nasanightlaunch@example.com 
[2010-03-28 22:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\t2syn4t9.default\extensions\rein@notiz.jp [2009-12-21 21:03:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\t2syn4t9.default\extensions\thepiratebay@toolbar O1 HOSTS File: ([2010-02-16 17:41:45 | 000,000,019 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - D:\FlashGet\ComDlls\bhoCATCH.dll (FlashGet) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Java\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) 
O4 - HKLM..\Run: [avgnt] D:\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [GrooveMonitor] D:\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [LXCCCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.DLL () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe () O4 - HKCU..\Run: [DAEMON Tools Lite] D:\DAEMON Tools\daemon.exe (DT Soft Ltd) O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O8 - Extra context menu item: &Download All by FlashGet - D:\FlashGet\ComDlls\Bhoall.htm () O8 - Extra context menu item: &Download by FlashGet - D:\FlashGet\ComDlls\Bholink.htm () O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O15 - HKCU\..Trusted Domains: ovi.com ([www.music] https in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} 
http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.233,93.188.161.233 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-07-13 08:03:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - 
AutoRun File - [2010-02-16 19:13:13 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-02-16 19:13:13 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-02-16 19:13:13 | 000,000,000 | ---D | M] - E:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{5be2cb8c-a133-11de-afbf-001d7d5a3305}\Shell - "" = AutoRun O33 - MountPoints2\{5be2cb8c-a133-11de-afbf-001d7d5a3305}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-09-12 21:04:53 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ja\Pulpit\OTL.exe [2010-09-12 20:58:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe [2010-09-12 12:55:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Ja\IECompatCache [2010-09-08 16:13:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\Nowy folder [2010-09-06 20:54:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\Płomień 81 - Nasze Dni [2010-09-06 19:36:57 | 000,057,344 | ---- | C] (Samsung Electronics) -- C:\WINDOWS\System32\ssdevm.dll [2010-09-06 19:36:57 | 000,049,152 | ---- | C] (Samsung Electronics) -- C:\WINDOWS\System32\ssusbpn.dll [2010-09-06 19:36:57 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll [2010-09-06 19:36:57 | 000,021,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml2a.dll [2010-09-06 19:36:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Samsung [2010-09-06 19:35:39 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung [2010-09-06 19:34:57 | 000,151,552 | ---- | C] (SS) -- C:\WINDOWS\System32\cl31cci.exe [2010-09-06 19:34:57 | 000,065,536 | ---- | C] (SS) -- 
C:\WINDOWS\System32\cl31cci.dll [2010-09-01 20:14:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ja\Recent [2010-08-28 22:53:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\Tede-[Filtr wulgaryzmów]_Tede_-_Glam_Rap-(WJN12)-2CD-PL-2010-211 [2010-08-28 14:31:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\ApplicationHistory [2010-08-27 15:03:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\CAPCOM [2010-08-14 10:12:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\Endefis-Byc_Albo_Nie_Byc-PL-2005-TET [2008-08-14 08:14:14 | 000,079,240 | ---- | C] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Dane aplikacji\adobetmp000128658 ========== Files - Modified Within 30 Days ========== [2010-09-12 21:04:59 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ja\Pulpit\OTL.exe [2010-09-11 10:57:27 | 004,718,592 | ---- | M] () -- C:\Documents and Settings\Ja\ntuser.dat [2010-09-11 10:05:08 | 000,116,106 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\TorrentCity.pl_the_experiment__2010_festival_dvdrip_xvid-depravityengtc_coolraper_105743.torrent [2010-09-11 10:04:11 | 000,044,758 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\TorrentCity.pl_atak_na_posterunek_13_-_assault_on_precinct_13_2005_720p_blurarip_x264-hdlite_engtc_98513.torrent [2010-09-11 10:03:46 | 000,067,758 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\TorrentCity.pl_repo_men_2010_unrated_720p_bluray_x264-machd_eng_koll77tc_97871.torrent [2010-09-11 09:59:10 | 000,030,452 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\TorrentCity.pl_valhalla_rising_2009_proper_dvdrip_xvid-gxpengnapisy_plagusiq__106138.torrent [2010-09-11 09:54:12 | 000,029,586 | ---- | M] () -- C:\Documents and 
Settings\Ja\Pulpit\TorrentCity.pl_ciemnosc_rusza_do_boju_-_the_seeker_the_dark_is_rising_2007_dvdrip_xvid-miguel_lektor_pl_106244.torrent [2010-09-11 09:32:56 | 000,235,380 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010-09-11 09:29:27 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-09-11 09:29:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-09-10 23:51:39 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Ja\ntuser.ini [2010-09-10 16:03:42 | 000,002,300 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-08-28 16:58:43 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-08-28 14:31:10 | 000,000,127 | ---- | M] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2010-08-27 14:55:20 | 000,001,473 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\STREET FIGHTER IV.lnk [2010-08-27 14:17:00 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\SI.bin [2010-08-13 21:20:57 | 090,143,609 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\Endefis-Byc_Albo_Nie_Byc-PL-2005-TET.rar ========== Files Created - No Company Name ========== [2010-09-11 10:05:08 | 000,116,106 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\TorrentCity.pl_the_experiment__2010_festival_dvdrip_xvid-depravityengtc_coolraper_105743.torrent [2010-09-11 10:04:11 | 000,044,758 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\TorrentCity.pl_atak_na_posterunek_13_-_assault_on_precinct_13_2005_720p_blurarip_x264-hdlite_engtc_98513.torrent [2010-09-11 10:03:45 | 000,067,758 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\TorrentCity.pl_repo_men_2010_unrated_720p_bluray_x264-machd_eng_koll77tc_97871.torrent [2010-09-11 09:59:10 | 000,030,452 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\TorrentCity.pl_valhalla_rising_2009_proper_dvdrip_xvid-gxpengnapisy_plagusiq__106138.torrent [2010-09-11 09:54:12 | 000,029,586 | ---- | C] () -- C:\Documents and 
Settings\Ja\Pulpit\TorrentCity.pl_ciemnosc_rusza_do_boju_-_the_seeker_the_dark_is_rising_2007_dvdrip_xvid-miguel_lektor_pl_106244.torrent [2010-09-06 19:36:57 | 000,479,232 | ---- | C] () -- C:\WINDOWS\ssndii.exe [2010-09-06 19:36:21 | 000,011,502 | ---- | C] () -- C:\WINDOWS\Dr. Printer Icon.ico [2010-09-06 19:34:57 | 000,022,723 | ---- | C] () -- C:\WINDOWS\System32\cl31cl3.dll [2010-09-06 19:34:57 | 000,000,361 | ---- | C] () -- C:\WINDOWS\System32\cl31cl3.smt [2010-08-28 14:31:10 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2010-08-27 14:55:20 | 000,001,473 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\STREET FIGHTER IV.lnk [2010-08-27 14:17:00 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\SI.bin [2010-08-13 21:15:15 | 090,143,609 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\Endefis-Byc_Albo_Nie_Byc-PL-2005-TET.rar [2010-05-27 19:09:09 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini [2010-04-24 10:27:50 | 000,000,268 | ---- | C] () -- C:\WINDOWS\game.ini [2010-03-24 16:12:32 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2010-03-24 16:12:32 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2010-03-24 16:12:32 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2010-02-19 16:37:42 | 000,137,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-11-13 18:47:17 | 000,187,312 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2009-11-13 18:38:11 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2009-11-06 10:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2009-10-16 13:22:58 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009-10-16 13:22:58 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2009-10-02 20:39:48 | 000,033,824 | ---- | C] () -- 
C:\WINDOWS\System32\drivers\oreans32.sys [2009-09-25 16:15:36 | 000,001,065 | ---- | C] () -- C:\WINDOWS\winamp.ini [2009-09-14 15:41:40 | 000,000,062 | ---- | C] () -- C:\WINDOWS\RUNTEST.INI [2009-08-17 17:16:07 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-08-11 12:02:51 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-07-25 16:39:04 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL [2009-07-25 16:39:04 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL [2009-07-25 16:38:44 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\LXPMONRC.DLL [2009-07-25 16:37:24 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxccvs.dll [2009-07-25 16:37:18 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\lxccjswr.dll [2009-07-25 16:37:18 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\lxccinsr.dll [2009-07-25 16:37:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\lxcccur.dll [2009-07-25 14:47:31 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Ja\Dane aplikacji\PnkBstrK.sys [2009-07-14 11:25:54 | 000,043,520 | ---- | C] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-06-10 08:29:34 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2009-06-10 08:29:34 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2009-06-10 08:29:34 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2009-06-10 08:29:32 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll ========== LOP Check ========== [2009-11-27 21:38:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ashampoo [2009-09-14 15:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2009-08-17 17:17:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-05-10 15:51:27 | 000,000,000 | ---D | M] -- C:\Documents 
and Settings\All Users\Dane aplikacji\EA Core [2010-05-10 15:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2009-08-10 18:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2009-12-07 20:40:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaMusic [2009-07-14 21:56:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-07-14 14:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2009-09-13 21:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-03-14 11:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2009-07-13 21:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems [2010-03-13 14:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\.wtw [2009-09-14 15:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Autodesk [2010-09-12 10:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\BITS [2009-08-31 16:02:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\DAEMON Tools Lite [2010-03-13 14:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Gadu-Gadu [2010-07-14 20:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\LolClient [2009-12-07 20:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Nokia [2009-07-13 21:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Nowe Gadu-Gadu [2009-07-14 21:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\OpenFM [2009-12-07 20:44:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\PC Suite [2010-02-21 16:07:16 | 
000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\TS3Client [2010-03-14 11:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Ubisoft ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:E41EAF13 < End of report >
Landuss
Posted 12 September 2010

"Avira is also throwing up some messages"

You need to specify exactly what those messages are and what they say. You do, of course, have to run GMER. Just remember to disable the emulators, because you currently have them active. Besides that, you can also produce a log from MBRCheck.
Jagla (Author)
Posted 13 September 2010

So here is how things stand. Here is the report from Avira (but I stopped the scan about halfway through, because once I saw that something was there I did not wait until the end and came straight here to the forum): http://www.wklej.org/id/388366/

As for GMER (I have had this problem for a long time, not just now), GMER hangs at the moment I try to save the log... "Not responding" comes up and I cannot do anything, so I have no log (should I post one from something else??).

As for MBRCheck, there is a problem here too, because when I started it, it sat there for a moment (I think that is when it scans) and then I got a BSOD, but when I logged in after the restart some log had been created: http://www.wklej.org/id/388368/

This could have been caused by the fact that I probably have bad sectors on the disk, or that it is not 100% healthy, because I once had problems with the power supply and the disk took a bit of a beating then. Should I post anything else??
Landuss
Posted 13 September 2010 (edited)

According to the logs there is nothing to worry about here. What Avira detected is only on partition E, and these are objects from a pendrive infection. According to the Avira report they were removed. To be sure, you can also paste a log from USBFix, from the Listing option, to check the partitions for this infection.

Also run the following OTL script (cosmetic removal of empty services and cleaning of temp files):

:OTL
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\SSPORT.sys -- (SSPORT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Lineage II\system\npkcrypt.sys -- (npkcrypt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Ja\USTAWI~1\Temp\MUR5.tmp -- (GarenaPEngine)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\DgiVecp.sys -- (DgiVecp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\AmdTools.sys -- (AmdTools)

:Commands
[emptyflash]
[emptytemp]

You only need to paste here the log produced by the removal. It should open in Notepad; if not, it will be in the folder C:\_OTL

Also check whether you have the problem with loading pages in every browser.

"This could have been caused by the fact that I probably have bad sectors on the disk, or that it is not 100% healthy, because I once had problems with the power supply and the disk took a bit of a beating then. Should I post anything else??"

That kind of diagnostics needs to be posted in the Hardware section.

Edited 17 October 2011 by picasso

13.10.2010 - The topic is closed due to lack of reply. //picasso
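Added example (not part of the thread and not OTL's own code): how the fix script in the post above follows from the log, by collecting the SRV/DRV entries marked "File not found". The sample log is constructed from entries in this thread plus one invented entry (ExampleDrv); holding back entries still reported as Running is a conservative choice of this example, not OTL behaviour.

```python
import re
from typing import List, NamedTuple, Tuple

# Constructed sample in the flattened single-line form the log has on this page.
# The ExampleDrv entry is invented for the demonstration; the other entries are
# copied from the log in this thread.
SAMPLE_LOG = " ".join([
    r"========== Win32 Services (SafeList) ==========",
    r"SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)",
    r"SRV - [2010-04-01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running]"
    r" -- D:\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)",
    r"========== Driver Services (SafeList) ==========",
    r"DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\SSPORT.sys -- (SSPORT)",
    r"DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Ja\USTAWI~1\Temp\MUR5.tmp -- (GarenaPEngine)",
    r"DRV - File not found [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\example.sys -- (ExampleDrv)",
    r"DRV - [2009-08-17 17:20:17 | 000,721,904 | ---- | M] () [Kernel | Boot | Running]"
    r" -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)",
    r"========== Standard Registry (SafeList) ==========",
])

# One SRV/DRV entry: either "File not found" or "[date | size | attrs | M] (Company)",
# then "[type/start | run state]", the image path and the service name in parentheses.
ENTRY_RE = re.compile(
    r"(?P<kind>SRV|DRV) - "
    r"(?P<file>File not found|\[[^\]]+\] \([^)]*\)) "
    r"\[(?P<state>[^\]]+)\] -- "
    r"(?P<path>.+?) -- \((?P<name>[^)]+)\)"
)


class Entry(NamedTuple):
    kind: str          # "SRV" (Win32 service) or "DRV" (driver service)
    missing: bool      # True when OTL reported "File not found"
    run_state: str     # last field of the state block, e.g. "Stopped"
    path: str          # image path registered for the service
    name: str          # service key name
    raw: str           # the entry exactly as it appears in the log


def parse_entries(log: str) -> List[Entry]:
    """Extract every SRV/DRV entry from a (possibly flattened) OTL log."""
    entries = []
    for m in ENTRY_RE.finditer(log):
        run_state = m["state"].split("|")[-1].strip()
        entries.append(Entry(m["kind"], m["file"] == "File not found",
                             run_state, m["path"], m["name"], m.group(0)))
    return entries


def build_fix_script(log: str) -> Tuple[str, List[Entry]]:
    """Return (fix script text, entries held back for manual review).

    Only orphaned entries that are also Stopped go into the script. An entry
    that is "File not found" yet Running is held back: something is loaded
    from a file the scanner could not see, which deserves a closer look
    before the service key is deleted (assumption of this example).
    """
    orphans = [e for e in parse_entries(log) if e.missing]
    removable = [e for e in orphans if e.run_state == "Stopped"]
    held_back = [e for e in orphans if e.run_state != "Stopped"]
    lines = [":OTL"]
    lines += [e.raw for e in removable]
    # Commands as used in the script posted in this thread.
    lines += [":Commands", "[emptyflash]", "[emptytemp]"]
    return "\n".join(lines), held_back


if __name__ == "__main__":
    script, held = build_fix_script(SAMPLE_LOG)
    print(script)
    for e in held:
        print("review manually:", e.name, e.path)
```
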