Komputer zostal zablokawany przez naruszenie prawa polskiego

[Slawo]

Witam, proszę o pomoc w odblokowaniu komputera zablokowanego prze komunikat z orzełkiem bez korony

nie moge zalaczyc logow wystepuje komunikat

Extras.Txt

 

Wysyłanie ominięte (Błąd IO)

 

 

Pozdrawiam

Sławo

[Landuss]

Bez logów ci nie pomożemy. Spróbuj je wkleić na serwisie zewnętrznym http://www.wklej.org/

[Slawo]

Czy to wystarczy??

 

OTL logfile created on: 2012-07-06 16:19:13 - Run 1

OTL by OldTimer - Version 3.2.53.1 Folder = J:\

Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

2,00 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 80,72% Memory free

3,85 Gb Paging File | 3,46 Gb Available in Paging File | 89,78% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Program Files

Drive C: | 97,65 Gb Total Space | 78,40 Gb Free Space | 80,29% Space Free | Partition Type: NTFS

Drive D: | 149,05 Gb Total Space | 93,38 Gb Free Space | 62,65% Space Free | Partition Type: NTFS

Drive E: | 135,22 Gb Total Space | 73,66 Gb Free Space | 54,47% Space Free | Partition Type: NTFS

Drive F: | 974,46 Mb Total Space | 869,91 Mb Free Space | 89,27% Space Free | Partition Type: FAT32

Drive J: | 3,74 Gb Total Space | 0,47 Gb Free Space | 12,61% Space Free | Partition Type: FAT32

 

Computer Name: PC | User Name: Administrator | Logged in as Administrator.

Boot Mode: SafeMode | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2012-07-06 16:01:30 | 000,595,968 | ---- | M] (OldTimer Tools) -- J:\OTL.exe

PRC - [2012-04-09 12:46:39 | 001,378,040 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

PRC - [2004-08-04 02:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINXP\explorer.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2012-04-09 12:46:56 | 000,177,624 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\VipreBridge.dll

MOD - [2012-04-09 12:46:55 | 000,300,368 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\Vipre.dll

MOD - [2012-04-09 12:46:49 | 000,272,368 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll

MOD - [2012-02-05 13:41:50 | 000,181,616 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Defs\Extended\libMachoUniv.dll

MOD - [2012-02-05 13:41:48 | 000,210,288 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Defs\Extended\libBase64.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

SRV - [2012-06-28 14:51:53 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV - [2012-06-25 20:42:31 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012-06-17 11:34:10 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012-05-03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012-04-09 12:46:39 | 001,378,040 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\NTGLM7X.sys -- (SetupNTGLM7X)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\NTACCESS.sys -- (NTACCESS)

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\install4\MSICPL.sys -- (MSICPL)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - [2012-06-28 14:52:42 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINXP\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2012-06-28 14:52:42 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINXP\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2012-06-28 14:52:37 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINXP\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2012-06-28 14:52:37 | 000,097,352 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINXP\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2012-06-28 14:52:37 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINXP\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2012-06-28 14:52:36 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINXP\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2012-06-28 14:52:36 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINXP\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2012-04-09 12:46:57 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)

DRV - [2010-09-08 14:59:42 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINXP\system32\drivers\Lbd.sys -- (Lbd)

DRV - [2005-12-12 05:40:44 | 001,414,656 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2005-10-26 10:08:26 | 003,786,944 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)

DRV - [2005-03-04 05:10:26 | 000,074,496 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)

DRV - [2004-05-02 18:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINXP\System32\drivers\GVCplDrv.sys -- (GVCplDrv)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.pl

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.pl

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.selectedEngine: "Wikipedia (pl)"

FF - prefs.js..browser.startup.homepage: "www.google.pl"

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINXP\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINXP\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-07-01 08:24:43 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-17 11:34:11 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

 

[2012-02-06 20:50:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions

[2012-05-04 15:12:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\53yo6ekd.default\extensions

[2012-03-21 18:15:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2012-07-01 08:24:43 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

[2012-03-05 20:26:14 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2012-06-17 11:34:11 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012-01-29 16:18:04 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml

[2012-01-29 16:18:04 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml

[2012-01-29 16:18:04 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml

[2012-01-29 16:18:04 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml

[2012-01-29 16:18:04 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml

[2012-01-29 16:18:04 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

 

O1 HOSTS File: ([2001-10-26 19:45:16 | 000,000,742 | ---- | M]) - C:\WINXP\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINXP\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [PHIME2002A] C:\WINXP\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [PHIME2002ASync] C:\WINXP\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [soundMan] C:\WINXP\SOUNDMAN.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [WSManHTTPConfig] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\912\WSManHTTPConfig.exe ()

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab (Java Plug-in 1.5.0_12)

O16 - DPF: {CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_15-windows-i586.cab (Java Plug-in 1.5.0_15)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINXP\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINXP\system32\userinit.exe) - C:\WINXP\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINXP\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\WINXP\Web\Wallpaper\Idylla.bmp

O24 - Desktop BackupWallPaper: C:\WINXP\Web\Wallpaper\Idylla.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2012-01-12 22:34:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (lsdelete)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012-07-06 14:38:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\hellomoto

[2012-07-06 09:36:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\najem

[2012-06-22 21:43:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\cv

[2012-06-06 20:27:47 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\WINXP\System32\FlashPlayerApp.exe

[2012-06-06 20:27:47 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\WINXP\System32\FlashPlayerCPLApp.cpl

[3 C:\WINXP\*.tmp files -> C:\WINXP\*.tmp -> ]

[1 C:\WINXP\System32\*.tmp files -> C:\WINXP\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2012-07-06 16:06:39 | 000,002,048 | --S- | M] () -- C:\WINXP\bootstat.dat

[2012-07-06 16:05:26 | 000,000,458 | ---- | M] () -- C:\WINXP\tasks\Ad-Aware Update (Weekly).job

[2012-07-06 16:04:03 | 000,001,046 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskMachineCore.job

[2012-07-06 15:20:11 | 000,000,664 | ---- | M] () -- C:\WINXP\System32\d3d9caps.dat

[2012-07-06 14:41:00 | 000,000,926 | ---- | M] () -- C:\WINXP\tasks\Adobe Flash Player Updater.job

[2012-07-06 14:12:00 | 000,001,050 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskMachineUA.job

[2012-07-06 08:23:24 | 000,002,206 | ---- | M] () -- C:\WINXP\System32\wpa.dbl

[2012-07-02 20:14:00 | 000,069,881 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\234ci, transakcje, przelewy, karty kredytowe).pdf

[2012-07-02 19:43:05 | 001,113,990 | R--- | M] () -- C:\Documents and Settings\Administrator\Pulpit\298_klucz_pkwiu_2008_2004_05_11.pdf

[2012-07-01 08:24:43 | 000,002,644 | ---- | M] () -- C:\WINXP\System32\CONFIG.NT

[2012-06-28 14:52:42 | 000,353,688 | ---- | M] (AVAST Software) -- C:\WINXP\System32\drivers\aswSP.sys

[2012-06-28 14:52:42 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINXP\System32\drivers\aswTdi.sys

[2012-06-28 14:52:37 | 000,721,000 | ---- | M] (AVAST Software) -- C:\WINXP\System32\drivers\aswSnx.sys

[2012-06-28 14:52:37 | 000,097,352 | ---- | M] (AVAST Software) -- C:\WINXP\System32\drivers\aswmon2.sys

[2012-06-28 14:52:37 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINXP\System32\drivers\aswmon.sys

[2012-06-28 14:52:37 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINXP\System32\drivers\aswRdr.sys

[2012-06-28 14:52:36 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINXP\System32\drivers\aavmker4.sys

[2012-06-28 14:52:36 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINXP\System32\drivers\aswFsBlk.sys

[2012-06-28 14:52:20 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINXP\avastSS.scr

[2012-06-28 14:51:49 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINXP\System32\aswBoot.exe

[2012-06-25 20:42:29 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINXP\System32\FlashPlayerApp.exe

[2012-06-25 20:42:29 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINXP\System32\FlashPlayerCPLApp.cpl

[2012-06-09 11:24:47 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[3 C:\WINXP\*.tmp files -> C:\WINXP\*.tmp -> ]

[1 C:\WINXP\System32\*.tmp files -> C:\WINXP\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2012-07-06 15:15:08 | 000,015,880 | ---- | C] () -- C:\WINXP\System32\lsdelete.exe

[2012-07-06 15:06:58 | 000,000,664 | ---- | C] () -- C:\WINXP\System32\d3d9caps.dat

[2012-07-02 20:13:59 | 000,069,881 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\234ci, transakcje, przelewy, karty kredytowe).pdf

[2012-07-02 19:43:32 | 001,113,990 | R--- | C] () -- C:\Documents and Settings\Administrator\Pulpit\298_klucz_pkwiu_2008_2004_05_11.pdf

[2012-06-07 21:09:09 | 763,999,806 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Listy.do.M.2011.PL.READNFO.DVDSCR.XviD-BiDA.avi

[2012-06-06 20:27:48 | 000,000,926 | ---- | C] () -- C:\WINXP\tasks\Adobe Flash Player Updater.job

[2012-02-27 22:19:16 | 000,077,824 | ---- | C] () -- C:\WINXP\System32\sasperf.dll

[2012-02-27 22:09:06 | 002,145,776 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat

[2012-02-12 20:16:15 | 000,180,624 | ---- | C] () -- C:\WINXP\System32\Primomonnt.dll

[2012-02-06 20:22:09 | 000,023,040 | R--- | C] () -- C:\WINXP\System32\drivers\GVCplDrv.sys

[2012-01-15 20:06:37 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012-01-12 23:46:14 | 000,000,000 | ---- | C] () -- C:\WINXP\ativpsrm.bin

[2012-01-12 23:45:09 | 000,520,192 | ---- | C] () -- C:\WINXP\System32\ati2sgag.exe

[2012-01-12 23:40:11 | 000,049,152 | ---- | C] () -- C:\WINXP\System32\ChCfg.exe

[2012-01-12 23:39:52 | 000,000,164 | ---- | C] () -- C:\WINXP\avrack.ini

[2012-01-12 23:39:45 | 000,157,184 | R--- | C] () -- C:\WINXP\System32\RTLCPAPI.dll

[2012-01-12 23:28:49 | 000,004,205 | ---- | C] () -- C:\WINXP\ODBCINST.INI

[2012-01-12 23:26:48 | 000,328,296 | ---- | C] () -- C:\WINXP\System32\FNTCACHE.DAT

[2012-01-12 22:36:35 | 000,002,048 | --S- | C] () -- C:\WINXP\bootstat.dat

[2012-01-12 22:32:26 | 000,021,856 | ---- | C] () -- C:\WINXP\System32\emptyregdb.dat

[2011-02-10 06:03:48 | 000,000,314 | ---- | C] () -- C:\WINXP\primopdf.ini

 

< End of report >

 

 

OTL Extras logfile created on: 2012-07-06 16:19:13 - Run 1

OTL by OldTimer - Version 3.2.53.1 Folder = J:\

Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

2,00 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 80,72% Memory free

3,85 Gb Paging File | 3,46 Gb Available in Paging File | 89,78% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Program Files

Drive C: | 97,65 Gb Total Space | 78,40 Gb Free Space | 80,29% Space Free | Partition Type: NTFS

Drive D: | 149,05 Gb Total Space | 93,38 Gb Free Space | 62,65% Space Free | Partition Type: NTFS

Drive E: | 135,22 Gb Total Space | 73,66 Gb Free Space | 54,47% Space Free | Partition Type: NTFS

Drive F: | 974,46 Mb Total Space | 869,91 Mb Free Space | 89,27% Space Free | Partition Type: FAT32

Drive J: | 3,74 Gb Total Space | 0,47 Gb Free Space | 12,61% Space Free | Partition Type: FAT32

 

Computer Name: PC | User Name: Administrator | Logged in as Administrator.

Boot Mode: SafeMode | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 1

"AntiVirusOverride" = 1

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)

"C:\Program Files\Java\jre1.5.0_12\bin\java.exe" = C:\Program Files\Java\jre1.5.0_12\bin\java.exe:*:Enabled:Java 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{1C79FD33-8139-4071-959E-0C9B8FFB8EED}" = SAS Add-In 4.3 for Microsoft Office

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{24343291-8112-4167-8AF2-D8EA2EA1825E}" = SAS Enterprise Guide 4.3

"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31

"{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK

"{3248F0A8-6813-11D6-A77B-00B0D0150120}" = J2SE Runtime Environment 5.0 Update 12

"{3248F0A8-6813-11D6-A77B-00B0D0150150}" = J2SE Runtime Environment 5.0 Update 15

"{32A3A4F4-B792-11D6-A78A-00B0D0150150}" = J2SE Development Kit 5.0 Update 15

"{32C09720-1B54-4599-A093-8D30C5A19699}" = SAS Rapid Predictive Modeling

"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12

"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007

"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007

"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007

"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007

"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007

"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007

"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007

"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007

"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007

"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware

"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

"{F9390B82-786C-43CF-A970-D39E23EF0366}" = SAS 9.2

"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio

"05392cc774343725d752656aa71efdc6" = SAS Data Integration Studio 4.2

"08b33f34fcc011da91e9a2a8b9a2fdce" = SAS Analytics Platform 1.5

"0cb720d8b1f8db581667978db7c27210" = SAS Intelligence Platform Object Framework 9.2

"12cd5548f285d7bd5eab3503361fc635" = SAS Enterprise Miner 6.2

"1d8476e4fcca11dab0f6f685d746a93a" = SAS/SECURE Java 9.2

"1ebbeb34fcc311dab0f6f685d746a93a" = SAS Deployment Tester 1.3 for SAS Management Console

"2ebaa88b7b64182e4af82897354182ce" = SAS Deployment Tester - Server 1.3

"4835c259d88f3adc046d62a97265ec17" = SAS Locale Setup Manager 2.1

"8d3018ac1115bc56200761861bf27a01" = SAS Web Infrastructure Client 4.2

"8d56d2f8fcc711dab5e885c02d2bd404" = SAS Personal Login Manager 9.2

"a4c307b8fcc711dab0f6f685d746a93a" = SAS OLAP Server Monitor 9.2 for SAS Management Console

"Ad-Aware" = Ad-Aware

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI

"ATI Display Driver" = ATI Display Driver

"avast" = avast! Free Antivirus

"b643676d8d98e17ece5dcc2b8b52952b" = SAS Enterprise Miner 6.2 Plug-ins for SAS Management Console

"bd0f8feb009ed55c77b533018745ba20" = SAS Forecast Server 3.1 Plug-ins for SAS Management Console

"c2271ba0fcc711da94be9841cef842ae" = SAS OLAP Cube Studio 4.2

"c36effd50786536bc7c5e5402f910e57" = SAS Client Connection Profile Configuration 9.2

"cff553139e4cca63ea7d86bad8227ae2" = SAS Metadata Bridges 2.1

"d512c678901db9d321c85ecf7c30ae2e" = SAS Deployment Tester - Client 1.3

"e6d1697afcc611dab0f6f685d746a93a" = SAS Management Console 9.2

"ee31fdc91982ae98bd88b8f693f16cb3" = SAS Data Integration Studio Server Data 4.2

"ef4589713f6ed2b47fcc491e232a64b1" = SAS Text Miner Java Client 4.2

"ENTERPRISE" = Microsoft Office Enterprise 2007

"febb569a337f725f5f8607711f665d3b" = SAS Versioned Jar Repository 9.2

"Foxit Reader_is1" = Foxit Reader 5.1

"Gadu-Gadu 10" = Gadu-Gadu 10

"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft Visual Studio 2005 Tools for Office Runtime" = Narzędzia programu Visual Studio 2005 Second Edition do obsługi pakietu Office

"Mozilla Firefox 13.0.1 (x86 pl)" = Mozilla Firefox 13.0.1 (x86 pl)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software

"WIC" = Windows Imaging Component

"WinRAR archiver" = WinRAR 4.11 (32-bit)

"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

 

========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 2012-06-13 15:07:34 | Computer Name = PC | Source = Application Hang | ID = 1002

Description = Aplikacja zawieszająca Foxit Updater.exe, wersja 1.0.0.818, moduł

zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

 

Error - 2012-06-14 01:06:49 | Computer Name = PC | Source = crypt32 | ID = 131080

Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej

listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,

wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu.

 

Error - 2012-06-22 11:20:26 | Computer Name = PC | Source = crypt32 | ID = 131080

Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej

listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,

wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu.

 

Error - 2012-06-22 11:20:26 | Computer Name = PC | Source = crypt32 | ID = 131080

Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej

listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,

wystąpił błąd: To połączenie sieciowe nie istnieje.

 

Error - 2012-06-22 11:20:53 | Computer Name = PC | Source = crypt32 | ID = 131080

Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej

listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,

wystąpił błąd: Nie można określić nazwy serwera lub adresu

 

Error - 2012-06-22 11:20:54 | Computer Name = PC | Source = crypt32 | ID = 131080

Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej

listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,

wystąpił błąd: To połączenie sieciowe nie istnieje.

 

Error - 2012-06-29 15:59:46 | Computer Name = PC | Source = .NET Runtime 2.0 Error Reporting | ID = 5000

Description = EventType clr20r3, P1 winword.exe, P2 12.0.4518.1014, P3 45428028,

P4 sas.officeaddin, P5 4.3.0.0, P6 4c3f4a5d, P7 1918, P8 0, P9 rxoejih3rskjez4xxwpxudkcppwjodng,

P10 NIL.

 

Error - 2012-06-29 15:59:50 | Computer Name = PC | Source = Microsoft Office 12 | ID = 5000

Description = EventType clr20r3, P1 winword.exe, P2 12.0.4518.1014, P3 45428028,

P4 sas.officeaddin, P5 4.3.0.0, P6 4c3f4a5d, P7 1918, P8 0, P9 rxoejih3rskjez4xxwpxudkcppwjodng,

P10 NIL.

 

Error - 2012-06-30 04:29:33 | Computer Name = PC | Source = crypt32 | ID = 131080

Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej

listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,

wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu.

 

Error - 2012-07-06 09:30:23 | Computer Name = PC | Source = EventSystem | ID = 4609

Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył

zły kod powrotu. HRESULT to 8007043C z w wierszu 44 z d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.

Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą

 

[ OSession Events ]

Error - 2012-03-30 15:37:41 | Computer Name = PC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 9546

seconds with 1440 seconds of active time. This session ended with a crash.

 

Error - 2012-06-29 15:59:48 | Computer Name = PC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1505

seconds with 0 seconds of active time. This session ended with a crash.

 

[ System Events ]

Error - 2012-07-06 09:42:15 | Computer Name = PC | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd "%1084" podczas próby uruchomienia usługi

EventSystem z argumentami "" w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}

 

Error - 2012-07-06 09:44:28 | Computer Name = PC | Source = Service Control Manager | ID = 7026

Description = Nie można załadować następujących sterowników startu rozruchowego

lub systemowego: aswSnx

 

Error - 2012-07-06 09:47:53 | Computer Name = PC | Source = Service Control Manager | ID = 7026

Description = Nie można załadować następujących sterowników startu rozruchowego

lub systemowego: aswSnx

 

Error - 2012-07-06 10:04:39 | Computer Name = PC | Source = Service Control Manager | ID = 7026

Description = Nie można załadować następujących sterowników startu rozruchowego

lub systemowego: aswSnx

 

Error - 2012-07-06 10:06:55 | Computer Name = PC | Source = Service Control Manager | ID = 7001

Description = Usługa Klient DHCP zależy od usługi NetBios przez TCP/IP, której nie

można uruchomić z powodu następującego błędu: %%31

 

Error - 2012-07-06 10:06:55 | Computer Name = PC | Source = Service Control Manager | ID = 7001

Description = Usługa Klient DNS zależy od usługi Sterownik protokołu TCP/IP, której

nie można uruchomić z powodu następującego błędu: %%31

 

Error - 2012-07-06 10:06:55 | Computer Name = PC | Source = Service Control Manager | ID = 7001

Description = Usługa Pomoc TCP/IP NetBIOS zależy od usługi AFD, której nie można

uruchomić z powodu następującego błędu: %%31

 

Error - 2012-07-06 10:06:55 | Computer Name = PC | Source = Service Control Manager | ID = 7001

Description = Usługa Usługi IPSEC zależy od usługi Sterownik IPSEC, której nie można

uruchomić z powodu następującego błędu: %%31

 

Error - 2012-07-06 10:06:55 | Computer Name = PC | Source = Service Control Manager | ID = 7026

Description = Nie można załadować następujących sterowników startu rozruchowego

lub systemowego: Aavmker4 AFD aswRdr aswSnx aswSP aswTdi Fips intelppm IPSec MRxSmb NetBIOS

NetBT

RasAcd

Rdbss

Tcpip

 

Error - 2012-07-06 10:07:17 | Computer Name = PC | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd "%1084" podczas próby uruchomienia usługi

EventSystem z argumentami "" w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}

 

 

< End of report >

 

 

 

Niestety wklej.org chyba mnie przerosło....

[Landuss]

Logi wstawiaj opcją ZAŁĄCZNIKI na forum a nie wlepiaj do posta jak sieczke.

 

Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej następujący tekst:

 

:OTL
O4 - HKLM..\Run: [WSManHTTPConfig] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\912\WSManHTTPConfig.exe ()
 
 
:Files
C:\Documents and Settings\Administrator\Dane aplikacji\hellomoto
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\912
 
:Commands
[emptytemp]

 

Adnotacja dla innych czytających: skrypt unikatowy - dopasowany tylko i wyłącznie pod ten system, proszę nie stosować na swoich systemach.

 

Kliknij w Wykonaj skrypt. Zatwierdź restart komputera.

 

Uruchamiasz OTL ponownie, tym razem wywołujesz opcję Skanuj. Pokazujesz nowe logi z OTL

[Slawo]

WIELKIE dzięki, komputer wygląda na odblokowany,

 

w załaczeniu log z OTL z kompa uruchomionego w trybie normalnym.

 

proszę o dalsze wskazówki, za sieczke jeszcze raz przepraszam wcześniej żadną siłą nie mogłem załaczyc plików do forum.

OTL.Txt

[Landuss]

Infekcja usunięta w caości. Wykonaj jeszcze to co poniżej:

 

1. Użyj opcji Sprzątanie z OTL.

 

2. Opróżnij folder przywracania systemu: KLIK

 

3. Zaktualizuj system do stanu Service Pack 3(ważne!) oraz wymienione programy do najnowszych wersji:

 

Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

 

Internet Explorer (Version = 6.0.2900.2180)

"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31

 

Szczegóły aktualizacyjne: KLIK

 

4. Dla bezpieczeństwa zmień hasła logowania do serwisów w sieci.