kajoj, posted 27 December 2012

Hello,

My computer "caught" the police virus; after the system starts I can't run anything, because a virus message pops up that can't be removed. I'm attaching the log from OTLPE.

Thank you for your help and any comments.

OTL.Txt

kajoj (author), posted 3 January 2013

Can I count on any help at all? I pasted this:

:Files
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
:commands
[emptytemp]

but it is still there. Here is the new log from OTLPE (I'll add that OTLPE hung while it was working; is it possible that it was cleaning the temporary files for that long?):
User\Desktop\Windows Registry Recovery.lnk [2012/12/29 14:39:42 | 000,001,332 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\OTLPE.lnk [2012/12/29 14:39:42 | 000,001,313 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\Disk Investigator.lnk [2012/12/29 14:39:42 | 000,001,251 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\Internet Explorer.lnk [2012/12/27 10:13:41 | 2649,624,576 | -HS- | C] () -- C:\hiberfil.sys [2012/12/13 01:14:27 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012/12/13 01:14:27 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012/08/13 02:28:51 | 000,000,162 | ---- | C] () -- C:\Windows\Readiris.ini [2012/08/08 09:52:00 | 000,167,936 | ---- | C] () -- C:\Windows\System32\HPM1210LM.DLL [2012/08/08 09:36:31 | 000,284,672 | ---- | C] () -- C:\Windows\System32\mvhlewsi.dll [2012/08/08 09:36:30 | 000,013,824 | ---- | C] () -- C:\Windows\System32\drivers\HPM1210FAX.sys [2012/08/08 09:36:28 | 000,167,936 | ---- | C] () -- C:\Windows\System32\m1210wia.dll [2012/08/08 09:36:28 | 000,081,920 | ---- | C] () -- C:\Windows\System32\mvusbews.dll [2012/08/08 09:36:28 | 000,049,152 | ---- | C] () -- C:\Windows\System32\HPM1210SMs.dll [2011/12/27 02:02:06 | 000,000,000 | ---- | C] () -- C:\Users\User\AppData\Local\{E80206D8-8279-4FBF-B241-57D03C24D7F3} [2011/12/10 06:03:09 | 000,000,000 | ---- | C] () -- C:\Users\User\AppData\Local\{E3FCD1BB-7A56-4F96-9D04-EF7EE30F7C66} [2010/04/21 14:43:37 | 000,000,680 | ---- | C] () -- C:\Users\User\AppData\Local\d3d9caps.dat [2010/01/25 05:58:06 | 000,462,848 | ---- | C] () -- C:\Windows\System32\ractrlkeyhook.dll [2009/11/03 11:19:41 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009/11/03 11:19:40 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2009/11/03 11:19:38 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll 
[2009/11/03 11:19:38 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2009/11/03 11:19:38 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009/11/03 11:19:36 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009/11/03 11:19:36 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2009/10/26 15:31:37 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2009/10/26 15:31:36 | 000,022,328 | ---- | C] () -- C:\Users\User\AppData\Roaming\PnkBstrK.sys [2009/10/26 15:30:37 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini [2009/09/06 13:27:16 | 000,000,861 | ---- | C] () -- C:\Users\User\AppData\Local\RT73_{43892C15-5DDF-4EC0-AFE7-19D723498062}_sta [2009/09/06 13:27:10 | 000,000,835 | ---- | C] () -- C:\Users\User\AppData\Local\RT73_{43892C15-5DDF-4EC0-AFE7-19D723498062}_prof [2009/09/02 04:06:13 | 000,000,092 | ---- | C] () -- C:\Users\User\AppData\Local\fusioncache.dat [2009/08/27 10:33:28 | 000,229,376 | ---- | C] () -- C:\Windows\System32\HPPCPR01.DLL [2009/08/18 12:13:14 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/08/14 18:59:30 | 000,022,016 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/08/12 09:28:30 | 000,053,478 | ---- | C] () -- C:\Windows\mvtcpui.ini [2009/07/26 00:47:21 | 009,338,880 | ---- | C] () -- C:\Windows\System32\Facev.dll [2009/07/26 00:47:21 | 000,208,896 | ---- | C] () -- C:\Windows\System32\image.dll [2009/07/26 00:47:20 | 000,053,248 | ---- | C] () -- C:\Windows\System32\FunFrm.dll [2009/07/26 00:47:19 | 000,655,360 | ---- | C] () -- C:\Windows\System32\EncIcons.dll [2009/07/26 00:47:19 | 000,507,904 | ---- | C] () -- C:\Windows\System32\SimpleExt.dll [2009/07/26 00:47:19 | 000,241,752 | ---- | C] () -- C:\Windows\System32\IcnOvrly.dll [2009/07/26 00:47:18 | 009,502,720 | ---- | C] () -- C:\Windows\System32\FaceVerify.dll [2009/07/26 00:47:18 | 001,974,272 | ---- | C] () -- 
C:\Windows\System32\Imagereog.dll [2009/07/26 00:47:18 | 001,564,672 | ---- | C] () -- C:\Windows\System32\MainOp.dll [2009/07/26 00:47:18 | 001,163,264 | ---- | C] () -- C:\Windows\System32\PicNotify.dll [2009/07/26 00:47:18 | 000,221,184 | ---- | C] () -- C:\Windows\System32\SetDev.dll [2009/07/26 00:47:18 | 000,126,976 | ---- | C] () -- C:\Windows\System32\VideoOp.dll [2009/07/26 00:47:18 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Momo.dll [2009/07/26 00:47:18 | 000,049,152 | ---- | C] () -- C:\Windows\System32\DevFilt.dll [2009/07/26 00:47:17 | 000,442,368 | ---- | C] () -- C:\Windows\System32\Apblend.dll [2009/07/26 00:27:56 | 000,057,344 | ---- | C] () -- C:\Windows\AsfHelper.dll [2009/07/26 00:27:56 | 000,049,472 | ---- | C] () -- C:\Windows\System32\drivers\funfrm.sys [2009/07/26 00:27:52 | 000,241,664 | ---- | C] () -- C:\Windows\System32\3DImageRenderer.dll [2009/07/25 23:40:39 | 001,747,200 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2009/07/25 23:40:39 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2009/03/03 04:05:19 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008/08/26 14:54:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll [2008/06/13 14:22:02 | 000,008,832 | ---- | C] () -- C:\Windows\System32\drivers\Wdkbdmou.sys [2007/06/19 02:59:36 | 000,070,400 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll [2007/04/20 01:57:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- 
C:\Windows\System32\AgCPanelKorean.dll [2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/10/09 11:56:38 | 000,002,991 | ---- | C] () -- C:\Windows\Cpcsrpts.ini [2005/07/28 19:33:56 | 000,020,480 | ---- | C] () -- C:\Windows\System32\hppaecfpdrespo.dll [2001/11/14 15:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [2001/10/24 05:50:36 | 000,000,032 | ---- | C] () -- C:\Windows\hppcap.ini [2001/07/06 21:00:02 | 000,003,234 | ---- | C] () -- C:\Windows\System32\HPTCPMON.INI ========== LOP Check ========== [2011/06/23 04:21:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GanymedeNet [2009/08/14 12:58:56 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Lenovo [2012/09/17 04:04:01 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Marvell [2011/04/12 07:38:35 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\VSRevoGroup [2009/08/19 12:59:39 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\WA-PRO [2012/12/26 15:19:46 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < [emptytemp] > < End of report >
bandrzal Posted January 3, 2013
Run OTL and paste the following into the Custom Scans/Fixes box:

:OTL
SRV - [2012/12/26 14:26:07 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Users\User\AppData\Local\Temp\wpbt0.dll -- (Winmgmt)
O4 - HKLM..\Run: [] File not found

:Commands
[emptytemp]

Click Run Fix. Confirm the computer restart. Save the report that appears after the restart. Then run OTL again and this time click Run Scan. Post the new OTL.txt log and the report from the script removal.
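A triage check for the SRV section of an OTL log, as an added example that is not part of the original thread: it parses flattened SRV entries and flags services whose binary sits in a user-writable directory or, for a built-in service, away from its default path. The sample lines are copied from the logs posted in this thread; the directory heuristic, the `expected_defaults` table and all function names are assumptions of this example.

```python
import re
from typing import Dict, List, NamedTuple


class Service(NamedTuple):
    name: str      # service key name, e.g. Winmgmt
    start: str     # start type as OTL prints it, e.g. Auto
    company: str   # version-resource company string (self-declared by the file)
    path: str      # binary or service DLL the entry points at


# Shape of an OTL "SRV" entry as it appears in the logs in this thread:
# SRV - [date time | size | attrs | M] (Company) [Start] -- path -- (Name) [display name]
SRV_RE = re.compile(
    r"SRV - \[(?P<stamp>[^|\]]+?) \| (?P<size>[\d,]+) \| (?P<attrs>[^|]+?) \| M\] "
    r"\((?P<company>[^)]*)\) \[(?P<start>[^\]]+)\] -- (?P<path>.+?) -- \((?P<name>[^)]+)\)"
)

# Heuristic (assumption of this example): profile and temp directories are
# writable without administrative rights, so a service binary there is anomalous.
USER_WRITABLE = re.compile(
    r"^[a-z]:\\(users|documents and settings)\\|\\(temp|tmp)\\", re.IGNORECASE
)


def expected_defaults(system_root: str = r"C:\Windows") -> Dict[str, str]:
    """Default binaries of built-in services (Windows defaults, not from the thread)."""
    return {"winmgmt": (system_root + r"\system32\wbem\WMIsvc.dll").lower()}


def parse_services(log: str) -> List[Service]:
    """Extract every SRV entry, whether the log is line-based or flattened."""
    return [
        Service(m["name"], m["start"], m["company"], m["path"].strip())
        for m in SRV_RE.finditer(log)
    ]


def findings(svc: Service, system_root: str = r"C:\Windows") -> List[str]:
    """Return the reasons a service entry deserves a closer look (empty if none)."""
    reasons = []
    path = svc.path.lower()
    if USER_WRITABLE.search(path):
        reasons.append("binary in a user-writable directory")
    expected = expected_defaults(system_root).get(svc.name.lower())
    if expected and path != expected:
        reasons.append("built-in service does not point at its default binary")
    # The company string comes from the file itself, so "Microsoft Corporation"
    # is not evidence of origin; it is deliberately not used to clear an entry.
    if reasons and svc.start.lower() in ("auto", "boot", "system"):
        reasons.append("starts automatically")
    return reasons


def triage(log: str, system_root: str = r"C:\Windows") -> Dict[str, List[str]]:
    """Map service name -> reasons, for entries with at least one finding."""
    result = {}
    for svc in parse_services(log):
        reasons = findings(svc, system_root)
        if reasons:
            result[svc.name] = reasons
    return result


# Four SRV entries copied from the OTL logs in this thread, flattened as posted.
SAMPLE = (
    r"SRV - [2012/12/26 14:26:07 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Users\User\AppData\Local\Temp\wpbt0.dll -- (Winmgmt) "
    r"SRV - [2011/05/18 09:18:50 | 000,099,896 | R--- | M] (HP) [Auto] -- C:\Windows\System32\HPSIsvc.exe -- (HPSIService) "
    r"SRV - [2011/02/22 08:33:09 | 000,797,696 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\FntCache.dll -- (FontCache) "
    r"SRV - [2010/12/10 11:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) [Auto] -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS) "
)

if __name__ == "__main__":
    for name, reasons in triage(SAMPLE).items():
        print(f"{name}: " + "; ".join(reasons))
```
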
kajoj Posted January 4, 2013 (Author)
Removed! Thanks! After Windows starts (finally!), only a message about the missing file wpbt0.dll appears. Here is the log (just the log; there was no report):
OTL logfile created on: 1/4/2013 8:38:15 AM - Run OTLPE by OldTimer - Version 3.1.30.1 Folder = X:\Programs\OTLPE Windows Vista Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 88.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 98.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 254.15 Gb Total Space | 148.43 Gb Free Space | 58.40% Space Free | Partition Type: NTFS Drive D: | 14.42 Gb Total Space | 8.49 Gb Free Space | 58.88% Space Free | Partition Type: FAT32 Drive E: | 29.19 Gb Total Space | 26.83 Gb Free Space | 91.93% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive X: | 276.79 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO Current User Name: SYSTEM Logged in as Administrator.
Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard Using ControlSet: ControlSet002 ========== Win32 Services (SafeList) ========== SRV - [2012/08/12 15:49:48 | 000,194,032 | ---- | M] (Google) [On_Demand] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc) SRV - [2011/07/19 23:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2011/05/18 09:18:50 | 000,099,896 | R--- | M] (HP) [Auto] -- C:\Windows\System32\HPSIsvc.exe -- (HPSIService) SRV - [2011/02/22 08:33:09 | 000,797,696 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2010/12/10 11:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) [Auto] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) SRV - [2010/12/10 11:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) [Auto] -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS) SRV - [2010/12/10 11:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) [Auto] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser) SRV - [2010/12/10 11:29:30 | 000,044,384 | ---- | M] (Microsoft Corporation) [Disabled] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper) SRV - [2010/05/11 08:58:04 | 000,247,352 | ---- | M] (HP) [Auto] -- C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe -- (HPM1210RcvFaxSrvc) SRV - [2010/04/29 14:48:38 | 000,136,176 | ---- | M] (Google Inc.) [On_Demand] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdatem) Usługa Google Update (gupdatem) SRV - [2010/04/29 14:48:38 | 000,136,176 | ---- | M] (Google Inc.) 
[Auto] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate) SRV - [2010/03/18 06:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010/03/18 06:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/10/26 15:31:20 | 000,103,736 | ---- | M] () [Auto] -- C:\Windows\System32\PnkBstrB.exe -- (PnkBstrB) SRV - [2009/10/26 15:30:47 | 000,066,872 | ---- | M] () [Auto] -- C:\Windows\System32\PnkBstrA.exe -- (PnkBstrA) SRV - [2009/10/15 04:13:50 | 000,136,192 | ---- | M] (HP) [Auto] -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service) SRV - [2009/01/15 12:32:59 | 000,203,296 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc) SRV - [2008/09/27 13:00:24 | 000,430,080 | ---- | M] (Lenovo Group Limited) [Auto] -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe -- (System_Repair_UpdateMonitor) SRV - [2008/08/26 14:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) 
[Auto] -- c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins) SRV - [2008/02/22 11:10:38 | 000,054,272 | ---- | M] () [Auto] -- C:\Program Files\RALINK\Common\RalinkRegistryWriter.exe -- (RalinkRegistryWriter) SRV - [2008/02/14 15:33:14 | 000,032,768 | ---- | M] (Lenovo Group Limited) [Auto] -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS) SRV - [2008/01/20 21:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\IgrsSvcs.exe -- (ReadyComm.DirectRouter) SRV - [2008/01/20 21:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\IgrsSvcs.exe -- (PS_MDP) SRV - [2008/01/20 21:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\IgrsSvcs.exe -- (IncSvc) SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/01/20 21:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008/01/20 21:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2008/01/16 14:04:36 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2007/10/02 23:53:00 | 000,094,208 | R--- | M] () [Auto] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) SRV - [2007/01/02 10:27:38 | 000,225,280 | ---- | M] (Hewlett-Packard Co.) 
[On_Demand] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08) SRV - [2006/11/08 17:35:38 | 000,053,248 | ---- | M] (Hewlett-Packard) [Auto] -- C:\Windows\System32\hpzipm12.dll -- (Pml Driver HPZ12) SRV - [2006/11/02 07:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\ehome\ehstart.dll -- (ehstart) SRV - [2006/10/26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2005/11/13 18:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand] -- -- (IpInIp) DRV - [2012/02/29 08:32:37 | 000,012,800 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec) DRV - [2011/04/15 11:14:14 | 000,017,408 | ---- | M] (Marvell Semiconductor, Inc.) 
[Kernel | On_Demand] -- C:\Windows\System32\drivers\mvusbews.sys -- (mvusbews) DRV - [2011/04/15 11:14:14 | 000,013,824 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\HPM1210FAX.sys -- (HP1210FAX) DRV - [2009/07/26 00:27:54 | 000,049,472 | ---- | M] () [Kernel | System] -- C:\Windows\System32\drivers\funfrm.sys -- (funfrm) DRV - [2009/06/26 15:55:12 | 000,066,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2009/05/18 22:43:08 | 000,021,520 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC) DRV - [2009/04/11 00:06:26 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan) DRV - [2009/04/10 23:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2009/01/15 12:32:59 | 007,699,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008/09/12 00:32:55 | 000,327,192 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor) DRV - [2008/09/09 05:06:43 | 002,167,128 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008/08/28 20:39:08 | 000,048,192 | ---- | M] (Lenovo) [Kernel | Auto] -- C:\Windows\System32\drivers\tvtumon.sys -- (tvtumon) DRV - [2008/07/31 00:55:19 | 000,017,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid) DRV - [2008/07/31 00:55:13 | 000,029,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap) DRV - [2008/07/31 00:55:09 | 000,100,392 | ---- | M] (Broadcom Corporation.) 
[Kernel | On_Demand] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt) DRV - [2008/07/31 00:55:05 | 000,081,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio) DRV - [2008/06/24 17:55:12 | 000,047,104 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2008/06/13 14:23:12 | 000,008,832 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WDMirror.sys -- (wdmirror) DRV - [2008/06/13 14:22:02 | 000,008,832 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\Wdkbdmou.sys -- (Wdkbdmou) DRV - [2008/06/11 05:23:11 | 001,097,856 | ---- | M] (Motorola Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) DRV - [2008/05/29 03:29:41 | 000,199,600 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2008/05/22 19:08:28 | 001,747,200 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2008/04/27 17:29:25 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Sterownik karty Intel® DRV - [2008/03/28 06:44:56 | 000,210,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2008/02/26 10:17:28 | 000,493,568 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\netr73.sys -- (netr73) DRV - [2008/01/24 12:08:34 | 000,010,880 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ITEhidCIR.sys -- (vhidmini) DRV - [2008/01/20 21:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008/01/20 21:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008/01/20 21:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008/01/20 21:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008/01/20 21:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008/01/20 21:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008/01/20 21:23:26 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\MODEMCSA.sys -- (MODEMCSA) DRV - [2008/01/20 21:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008/01/20 21:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008/01/20 21:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008/01/20 21:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2008/01/20 21:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008/01/20 21:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008/01/20 21:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) 
[Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008/01/20 21:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008/01/20 21:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008/01/20 21:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008/01/20 21:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008/01/20 21:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV - [2008/01/20 21:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008/01/20 21:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008/01/20 21:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008/01/20 21:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) 
[Kernel | Disabled] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2008/01/10 12:59:08 | 000,081,192 | ---- | M] (CyberLink) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD) DRV - [2007/07/30 13:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007/07/30 12:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2007/05/23 18:33:58 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr) DRV - [2006/12/14 02:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Disabled] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) 
[Kernel | Disabled] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 02:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\Windows\System32\WINSOCK.DLL -- (Winsock) DRV - [2006/11/02 01:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv) DRV - [2006/04/04 16:20:37 | 000,009,344 | ---- | M] (Hewlett Packard) [Kernel | On_Demand] -- C:\Windows\System32\drivers\hpfxbulk.sys -- (HPFXBULK) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com IE - HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data] IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\User_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.niezalezna.pl/ IE - HKU\User_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\User_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 08:27:28 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/27 06:13:01 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 
10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/18 08:27:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2012/08/27 06:13:00 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll [2012/08/27 06:12:56 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2012/08/27 06:12:56 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2012/08/27 06:12:55 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2012/08/27 06:12:55 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2012/08/27 06:12:55 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2012/08/27 06:12:55 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\User_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\User_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4 - HKLM..\Run: [HPUsageTrackingLEDM] C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF [binary data] O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - 
HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SetVisualStyle = %SystemRoot%\Resources\Themes\Luna.theme File not found O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard) O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: 
{41ACD49D-1974-791A-0981-AA9872721044} http://cached.gamedesire.com/g_bin/pl/boards_2_0_0_36.cab (Ganymede Board Games) O16 - DPF: {41ACD49D-791A-1974-0981-AA9872721044} http://cached.gamedesire.com/g_bin/pl/boards_2_0_0_39.cab (Ganymede Board Games) O16 - DPF: {556EEC63-31E2-47C3-BF29-DFF799D2FE04} https://secure.logmein.com/activex/RACtrl.cab (Remote Access ActiveX Client) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=972 (Performance Viewer Activex Control) O16 - DPF: {FDDBE2B8-4AD8-6602-946D-94C5A32FA6C1} http://cached.gamedesire.com/g_bin/pl/billard8_2_0_0_40.cab (GameDesire Pool 8) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2013/01/04 08:29:36 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft [2013/01/04 
08:26:04 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\Local Settings\Application Data\Temp [2013/01/04 08:26:01 | 000,000,000 | --SD | C] -- B:\Documents and Settings\Default User\Cookies [2013/01/04 08:26:01 | 000,000,000 | R--D | C] -- B:\Documents and Settings\Default User\Recent [2013/01/04 08:26:01 | 000,000,000 | R--D | C] -- B:\Documents and Settings\Default User\My Documents\My Pictures [2013/01/04 08:26:01 | 000,000,000 | R--D | C] -- B:\Documents and Settings\Default User\My Documents\My Music [2013/01/04 08:26:01 | 000,000,000 | R--D | C] -- B:\Documents and Settings\Default User\My Documents [2013/01/04 08:26:01 | 000,000,000 | R--D | C] -- B:\Documents and Settings\Default User\Favorites [2013/01/04 08:26:01 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\Templates [2013/01/04 08:26:01 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\Start Menu [2013/01/04 08:26:01 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\SendTo [2013/01/04 08:26:01 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\PrintHood [2013/01/04 08:26:01 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\NetHood [2013/01/04 08:26:01 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\My Documents\My Videos [2013/01/04 08:26:01 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\Application Data\Microsoft [2013/01/04 08:26:01 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\Local Settings [2013/01/04 08:26:01 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\Desktop [2013/01/04 08:26:01 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\Application Data [2012/12/29 15:03:23 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012/12/29 14:53:17 | 000,546,304 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe [2012/12/29 14:53:11 | 000,000,000 | ---D | C] -- C:\_OTL [2012/12/22 06:53:52 | 000,293,376 | 
---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2012/12/22 06:53:52 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2012/12/13 01:18:57 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012/12/13 01:18:57 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2012/12/13 01:18:56 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012/12/13 01:18:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012/12/13 01:18:56 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012/12/13 01:18:56 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012/12/13 01:18:55 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012/12/13 01:18:55 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2012/12/13 01:18:55 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012/12/13 01:18:54 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012/12/13 01:14:24 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll [2012/12/13 01:14:14 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll [2012/12/13 01:14:14 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll [2012/12/13 01:14:11 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll [2012/12/13 01:14:11 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe [2012/12/13 01:14:11 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys [2012/12/13 01:14:11 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll [2012/12/12 
01:59:06 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012/12/12 01:59:05 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll [2012/12/12 01:59:04 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe [2012/12/12 01:58:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2009/07/25 23:40:39 | 000,229,376 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll ========== Files - Modified Within 30 Days ========== [2013/01/04 08:31:40 | 000,001,332 | ---- | M] () -- B:\Documents and Settings\Default User\Desktop\OTLPE.lnk [2013/01/02 03:01:18 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat [2012/12/29 15:26:58 | 000,000,281 | ---- | M] () -- C:\LENOVO (D).lnk [2012/12/29 09:12:47 | 000,000,904 | ---- | M] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk [2012/12/27 10:13:54 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012/12/27 10:13:54 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012/12/27 10:13:54 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/12/27 10:13:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012/12/27 09:42:12 | 000,000,056 | -HS- | M] () -- C:\_PartitionInfo [2012/12/27 08:32:54 | 000,000,680 | ---- | M] () -- C:\Users\User\AppData\Local\d3d9caps.dat [2012/12/26 14:44:00 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/12/25 17:26:55 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012/12/22 07:08:03 | 000,445,088 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012/12/21 12:45:38 | 308,579,867 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012/12/16 08:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- 
C:\Windows\System32\atmlib.dll [2012/12/16 05:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2012/12/05 11:35:19 | 000,891,499 | ---- | M] () -- C:\Users\User\Documents\BROWAR.DREWMET.docx ========== Files Created - No Company Name ========== [2013/01/04 08:26:04 | 000,001,547 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\MSKeyViewer Plus.lnk [2013/01/04 08:26:04 | 000,001,535 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\RegistryEditorPE.lnk [2013/01/04 08:26:04 | 000,001,483 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\HandyRecovery 1.lnk [2013/01/04 08:26:04 | 000,001,479 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\Undelete Plus.lnk [2013/01/04 08:26:04 | 000,001,475 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\Magical Jelly Bean Keyfinder.lnk [2013/01/04 08:26:04 | 000,001,469 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\DiskPartitioner.lnk [2013/01/04 08:26:04 | 000,001,465 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\Agent Ransack.lnk [2013/01/04 08:26:04 | 000,001,437 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\notepad++.lnk [2013/01/04 08:26:04 | 000,001,427 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\2xExplorer.lnk [2013/01/04 08:26:04 | 000,001,371 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\ImgBurn.lnk [2013/01/04 08:26:04 | 000,001,353 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\DriveImage XML.lnk [2013/01/04 08:26:04 | 000,001,347 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\A43 File Management Utility.lnk [2013/01/04 08:26:04 | 000,001,347 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\7-Zip File Manager.lnk [2013/01/04 08:26:04 | 000,001,343 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\Windows Registry Recovery.lnk [2013/01/04 
08:26:04 | 000,001,332 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\OTLPE.lnk [2013/01/04 08:26:04 | 000,001,313 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\Disk Investigator.lnk [2013/01/04 08:26:04 | 000,001,261 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\Internet Explorer.lnk [2012/12/29 15:26:58 | 000,000,281 | ---- | C] () -- C:\LENOVO (D).lnk [2012/12/29 09:12:47 | 000,000,904 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk [2012/12/13 01:14:27 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012/12/13 01:14:27 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012/08/13 02:28:51 | 000,000,162 | ---- | C] () -- C:\Windows\Readiris.ini [2012/08/08 09:52:00 | 000,167,936 | ---- | C] () -- C:\Windows\System32\HPM1210LM.DLL [2012/08/08 09:36:31 | 000,284,672 | ---- | C] () -- C:\Windows\System32\mvhlewsi.dll [2012/08/08 09:36:30 | 000,013,824 | ---- | C] () -- C:\Windows\System32\drivers\HPM1210FAX.sys [2012/08/08 09:36:28 | 000,167,936 | ---- | C] () -- C:\Windows\System32\m1210wia.dll [2012/08/08 09:36:28 | 000,081,920 | ---- | C] () -- C:\Windows\System32\mvusbews.dll [2012/08/08 09:36:28 | 000,049,152 | ---- | C] () -- C:\Windows\System32\HPM1210SMs.dll [2011/12/27 02:02:06 | 000,000,000 | ---- | C] () -- C:\Users\User\AppData\Local\{E80206D8-8279-4FBF-B241-57D03C24D7F3} [2011/12/10 06:03:09 | 000,000,000 | ---- | C] () -- C:\Users\User\AppData\Local\{E3FCD1BB-7A56-4F96-9D04-EF7EE30F7C66} [2010/04/21 14:43:37 | 000,000,680 | ---- | C] () -- C:\Users\User\AppData\Local\d3d9caps.dat [2010/01/25 05:58:06 | 000,462,848 | ---- | C] () -- C:\Windows\System32\ractrlkeyhook.dll [2009/11/03 11:19:41 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009/11/03 11:19:40 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini 
[2009/11/03 11:19:38 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2009/11/03 11:19:38 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2009/11/03 11:19:38 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009/11/03 11:19:36 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009/11/03 11:19:36 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2009/10/26 15:31:37 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2009/10/26 15:31:36 | 000,022,328 | ---- | C] () -- C:\Users\User\AppData\Roaming\PnkBstrK.sys [2009/10/26 15:30:37 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini [2009/09/06 13:27:16 | 000,000,861 | ---- | C] () -- C:\Users\User\AppData\Local\RT73_{43892C15-5DDF-4EC0-AFE7-19D723498062}_sta [2009/09/06 13:27:10 | 000,000,835 | ---- | C] () -- C:\Users\User\AppData\Local\RT73_{43892C15-5DDF-4EC0-AFE7-19D723498062}_prof [2009/09/02 04:06:13 | 000,000,092 | ---- | C] () -- C:\Users\User\AppData\Local\fusioncache.dat [2009/08/27 10:33:28 | 000,229,376 | ---- | C] () -- C:\Windows\System32\HPPCPR01.DLL [2009/08/18 12:13:14 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/08/14 18:59:30 | 000,022,016 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/08/12 09:28:30 | 000,053,478 | ---- | C] () -- C:\Windows\mvtcpui.ini [2009/07/26 00:47:21 | 009,338,880 | ---- | C] () -- C:\Windows\System32\Facev.dll [2009/07/26 00:47:21 | 000,208,896 | ---- | C] () -- C:\Windows\System32\image.dll [2009/07/26 00:47:20 | 000,053,248 | ---- | C] () -- C:\Windows\System32\FunFrm.dll [2009/07/26 00:47:19 | 000,655,360 | ---- | C] () -- C:\Windows\System32\EncIcons.dll [2009/07/26 00:47:19 | 000,507,904 | ---- | C] () -- C:\Windows\System32\SimpleExt.dll [2009/07/26 00:47:19 | 000,241,752 | ---- | C] () -- C:\Windows\System32\IcnOvrly.dll [2009/07/26 00:47:18 | 009,502,720 | ---- | C] () -- 
C:\Windows\System32\FaceVerify.dll [2009/07/26 00:47:18 | 001,974,272 | ---- | C] () -- C:\Windows\System32\Imagereog.dll [2009/07/26 00:47:18 | 001,564,672 | ---- | C] () -- C:\Windows\System32\MainOp.dll [2009/07/26 00:47:18 | 001,163,264 | ---- | C] () -- C:\Windows\System32\PicNotify.dll [2009/07/26 00:47:18 | 000,221,184 | ---- | C] () -- C:\Windows\System32\SetDev.dll [2009/07/26 00:47:18 | 000,126,976 | ---- | C] () -- C:\Windows\System32\VideoOp.dll [2009/07/26 00:47:18 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Momo.dll [2009/07/26 00:47:18 | 000,049,152 | ---- | C] () -- C:\Windows\System32\DevFilt.dll [2009/07/26 00:47:17 | 000,442,368 | ---- | C] () -- C:\Windows\System32\Apblend.dll [2009/07/26 00:27:56 | 000,057,344 | ---- | C] () -- C:\Windows\AsfHelper.dll [2009/07/26 00:27:56 | 000,049,472 | ---- | C] () -- C:\Windows\System32\drivers\funfrm.sys [2009/07/26 00:27:52 | 000,241,664 | ---- | C] () -- C:\Windows\System32\3DImageRenderer.dll [2009/07/25 23:40:39 | 001,747,200 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2009/07/25 23:40:39 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2009/03/03 04:05:19 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008/08/26 14:54:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll [2008/06/13 14:22:02 | 000,008,832 | ---- | C] () -- C:\Windows\System32\drivers\Wdkbdmou.sys [2007/06/19 02:59:36 | 000,070,400 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll [2007/04/20 01:57:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- 
C:\Windows\System32\AgCPanelPortugese.dll [2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/10/09 11:56:38 | 000,002,991 | ---- | C] () -- C:\Windows\Cpcsrpts.ini [2005/07/28 19:33:56 | 000,020,480 | ---- | C] () -- C:\Windows\System32\hppaecfpdrespo.dll [2001/11/14 15:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [2001/10/24 05:50:36 | 000,000,032 | ---- | C] () -- C:\Windows\hppcap.ini [2001/07/06 21:00:02 | 000,003,234 | ---- | C] () -- C:\Windows\System32\HPTCPMON.INI ========== LOP Check ========== [2011/06/23 04:21:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GanymedeNet [2009/08/14 12:58:56 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Lenovo [2012/09/17 04:04:01 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Marvell [2011/04/12 07:38:35 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\VSRevoGroup [2009/08/19 12:59:39 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\WA-PRO [2012/12/26 15:19:46 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Odnośnik do komentarza
jessica, posted 4 January 2013

:OTL
SRV - [2012/12/26 14:26:07 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Users\User\AppData\Local\Temp\wpbt0.dll -- (Winmgmt)

@bandrzal - The script is badly constructed - this way you deleted the entire system service "winmgmt".
kajoj (author), posted 4 January 2013

So should I now run what Jessica wrote? Still in OTLPE, or is OTL on the actual system enough?
jessica, posted 4 January 2013

> So should I now run what Jessica wrote? Still in OTLPE, or is OTL on the actual system enough?

Oh no, I did not give any script to run. I was only pointing out to @bandrzal that instead of helping, he damaged the system.
Nights, posted 4 January 2013

Jessica, I am very sorry, but on what grounds are you helping in this section without having permission to do so? This forum is by design meant to operate in a "professional" manner, and you are just exploiting the fact that the moderators of this section are temporarily absent. If you have such a great need to help, maybe change forums?

To the thread author: No, bandrzal did not damage your system, nor did he remove any system service (really? A system service in the Temp folder?). The user jessica is misleading you, and I simply recommend waiting for the section moderators, who have the exclusive right to give such instructions to a user.
jessica, posted 4 January 2013

> Jessica, I am very sorry, but on what grounds are you helping in this section without having permission to do so? This forum is by design meant to operate in a "professional" manner, and you are just exploiting the fact that the moderators of this section are temporarily absent.

@Nights I know I should not be helping, but when I see how many people here have formatted their disk since 21 December only because they never got help, or because @Landuss did reply, but too late, since the user decided to format the disk after a long wait, such disregard for users hurts me.

If you do not believe me, check for yourself how many threads have been abandoned since 21 December (read: they formatted the disk). Only a few users fled from here to other forums; the rest had to format the disk, because with the "WEELSOF" infection the computer cannot be used at all. I contacted several users - they wrote back that they no longer need help, because they formatted the disk; they could not wait any longer.

Is this what the professionalism of this Forum consists of?
Nights, posted 4 January 2013

It is not your problem whether users receive help or not. Professionalism consists precisely in help being given by the people designated to do so. And you, I believe, were not authorized by anyone to remove infections on this forum. As I wrote, if you have such a great need to help - move somewhere else.

It was the holidays, people were meeting with family, picasso probably realized how it would turn out (or maybe before the holidays she wrote a request to you to look after the subforum during her absence?).

PS. I suggest reading this thread: https://www.fixitpc.pl/topic/10114-dodatkowa-pomoc-w-dziale-malware/
jessica, posted 4 January 2013

> It is not your problem whether users receive help or not. Professionalism consists precisely in help being given by the people designated to do so. And you, I believe, were not authorized by anyone to remove infections on this forum. As I wrote, if you have such a great need to help - move somewhere else. It was the holidays, people were meeting with family, picasso probably realized how it would turn out (or maybe before the holidays she wrote a request to you to look after the subforum during her absence?). PS. I suggest reading this thread: http://www.fixitpc.p...dziale-malware/

I read that thread long ago.

Are you and the others really that callous? Do you not care at all what users feel when they have to format their disk only because the Forum Administration approaches their problems bureaucratically?

And the Forum's good name has suffered more because users were forced to format their disks for lack of help, or because help came too late, than because I tried to help here. Ask the users who formatted their disks what they think of this Forum now.
Nights, posted 4 January 2013

I do not answer for picasso, because that is her business. What I do care about is that users guided by people like you do not always leave here with a clean machine. I also care that the forum, and by extension picasso, not you, will answer for the mistakes you make. It is not your forum, so why do you care about its fate?

I am of the opinion that it is better to leave a user with a problem than to allow the possibility of damaging the system. Besides... there are plenty of forums where they can get help. This forum (at least in my view) gives a guarantee that I will leave here with a clean system with no 'buts' - and entirely for free. That is why I can fully understand such a forum policy.

#edit Picasso is due back on Monday. Until then, if you can, hold off on giving advice in the area of OTL. Thanks.

> To the Moderators: feel free to delete my posts in this pointless discussion, which has no connection to the problem of the User who started this thread.

If any moderator had rights in this subforum, your posts would have no right to exist, and this discussion would not be taking place.
jessica, posted 4 January 2013

> I am of the opinion that it is better to leave a user with a problem than to allow the possibility of damaging the system.

That is a good one :) ! Better to allow the disk to be formatted than to give at least a slim chance of removing the infection? I wonder what those who formatted their disk only because they did not get that slim chance think about it.

To the Moderators: feel free to delete my posts in this pointless discussion, which has no connection to the problem of the User who started this thread.
Conor29134, posted 4 January 2013

+1 for jessica

> To the thread author: No, bandrzal did not damage your system, nor did he remove any system service (really? A system service in the Temp folder?). The user jessica is misleading you, and I simply recommend waiting for the section moderators, who have the exclusive right to give such instructions to a user.

What knowledge, wow, you really shone like a little star in the sky. If you had thought for a moment and looked in the registry, you would have noticed that the service is valid and only the value

"ServiceDll"=%SystemRoot%\system32\wbem\WMIsvc.dll

in

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winmgmt\Parameters

has been modified.

And the moderators, if they wanted to, would have put a posting block on the forum for a given user, because they can; any moderator could do that, e.g. dawid.
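An added example, not part of any post in this thread and not OTL's own code: a Python check over OTL `SRV` lines that flags a service whose reported file sits in a user-writable directory, as the Winmgmt entry does, and pairs it with the ServiceDll value named in the post above. The directory heuristic, the function names and the advice strings are assumptions; the three sample lines are copied from the log posted in this thread.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Layout of an OTL service entry, as seen in the posted log:
# SRV - [modified | size | attrs | M] (Company) [StartType] -- path -- (ServiceName)
SRV_RE = re.compile(
    r"^SRV - \[(?P<modified>[^|\]]+?)\s*\|[^\]]*\]\s+"
    r"\((?P<company>.*?)\)\s+\[(?P<start>[^\]]+)\]\s+--\s+"
    r"(?P<path>.+?)\s+--\s+\((?P<service>[^)]+)\)"
)

# Assumption (heuristic, not an OTL rule): a service file under one of these
# path fragments can be written by an ordinary user and needs a closer look.
USER_WRITABLE = ("\\users\\", "\\appdata\\", "\\temp\\", "\\documents and settings\\")

# Expected ServiceDll per service name. The winmgmt value is the one quoted
# in the thread; extend the table only with values you have verified.
EXPECTED_SERVICE_DLL = {"winmgmt": r"%SystemRoot%\system32\wbem\WMIsvc.dll"}


@dataclass
class SrvEntry:
    modified: str
    company: str
    start: str
    path: str
    service: str


@dataclass
class Finding:
    service: str
    path: str
    expected_dll: Optional[str]
    advice: str


def parse_srv(line: str) -> Optional[SrvEntry]:
    """Parse one SRV line; return None for anything that is not an SRV entry."""
    m = SRV_RE.match(line.strip())
    return SrvEntry(**m.groupdict()) if m else None


def audit(log_text: str) -> List[Finding]:
    """Return one finding per service whose file lives in a user-writable path."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_srv(line)
        if entry is None:
            continue
        lowered = entry.path.lower()
        if not any(marker in lowered for marker in USER_WRITABLE):
            continue
        expected = EXPECTED_SERVICE_DLL.get(entry.service.lower())
        if expected:
            # Assumption drawn from the thread: the service itself is valid,
            # only its ServiceDll value was changed, so repair the value.
            advice = (f"check Services\\{entry.service}\\Parameters in each ControlSet "
                      f"and restore ServiceDll to {expected}; keep the service key")
        else:
            advice = "no known-good ServiceDll on record: inspect before removing"
        findings.append(Finding(entry.service, entry.path, expected, advice))
    return findings


# Sample input: three SRV lines copied from the OTLPE log posted in this thread.
SAMPLE_LOG = r"""
SRV - [2012/12/26 14:26:07 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Users\User\AppData\Local\Temp\wpbt0.dll -- (Winmgmt)
SRV - [2012/08/12 15:49:48 | 000,194,032 | ---- | M] (Google) [On_Demand] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2011/02/22 08:33:09 | 000,797,696 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\FntCache.dll -- (FontCache)
"""

if __name__ == "__main__":
    for f in audit(SAMPLE_LOG):
        print(f"{f.service}: {f.path}\n  -> {f.advice}")
```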
kajoj (author), posted 4 January 2013

And I, for one, am enormously grateful that there is a forum like this and that people help selflessly and for free. In earlier years Picasso helped me several times with viruses on searchengines, and that is why I always look for her advice on the net.

The owner of the computer I took on was already about to run to some "computer company", where they would probably have cleaned him out of a few hundred. I just kept reassuring him that within a few days I would solve the problem with the help of the net. And I did solve it.

Thank you!
Conor29134, posted 4 January 2013

kajoj, all the same I would like to check whether the service exists and whether it works, because there may be problems if it was deleted.

Download SystemLook according to the installed version of Windows: 64-bit version, 32-bit version.

Run it and paste into the window:

:reg
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winmgmt /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\winmgmt /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\winmgmt /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winmgmt /s

Click Look and post the report.