Promilos Opublikowano 29 Lipca 2010 Zgłoś Udostępnij Opublikowano 29 Lipca 2010 Witam. Miałem problem z menadżerem zadań ,panelem sterowania,dodaj usuń programy prawy przycisk myszki właściwości nic nie działało.Wyświetlało sie -Operacja została anulowana z powodu ograniczeń nałożonych na ten komputer. Skontaktuj się z administratorem."Teraz wszystkie funkcje działają namieszałem coś w rejestrze czytając rózne artykuły w google. Za to jak chce np. zagrać w pesa orginalnego oczywiście,czy wiine gry to mi wyskakuje że są nie zainstalowane. Chce zrobić przywracanie systemu (tak by było najprościej) ale nie moge ,wyskakuje ,,Przywracanie nie kompletne,Żadne zmiany nie zostały wprowadzone,, Wirusów nie mam ,sprawdzałem Dr. web ,Mbam ,esetem dokładnie jak coś było skasowałem. Problem jest z rejestrem. PRosze o pomoc OTL TXT. OTL logfile created on: 2010-07-29 19:01:01 - Run 8 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Jurek\Pulpit\Programy\Ochrona kompa Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 234,38 Gb Total Space | 189,87 Gb Free Space | 81,01% Space Free | Partition Type: NTFS Drive D: | 7,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF E: Drive not present or media not loaded Drive F: | 298,09 Gb Total Space | 164,81 Gb Free Space | 55,29% Space Free | Partition Type: NTFS Drive G: | 231,38 Gb Total Space | 178,22 Gb Free Space | 77,02% Space Free | Partition Type: NTFS H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JL-A8BFE5D811C3 Current User Name: Jurek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010-07-28 21:27:11 | 003,220,912 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe PRC - [2010-07-18 12:06:52 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jurek\Pulpit\Programy\Ochrona kompa\OTL.exe PRC - [2010-05-25 15:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe PRC - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2010-04-07 21:07:04 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe ========== Modules (SafeList) ========== MOD - [2010-07-18 12:06:52 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jurek\Pulpit\Programy\Ochrona kompa\OTL.exe MOD - [2009-11-18 21:12:06 | 000,070,960 | ---- | M] (Stardock.net, Inc) -- C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll MOD - [2009-03-26 15:35:40 | 000,034,224 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\idmmkb.dll MOD - [2008-04-26 16:14:22 | 000,042,672 | ---- | M] (Stardock.Net, Inc) -- C:\WINDOWS\system32\wbsys.dll MOD - [2008-04-14 19:16:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2007-09-27 12:40:14 | 000,488,523 | ---- | M] (Stardock Corporation) -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll MOD - [2007-07-11 15:06:58 | 000,028,740 | ---- | M] (Stardock.Net, Inc) -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - [2010-04-27 13:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010-04-07 21:10:38 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) ========== Driver Services (SafeList) ========== DRV - [2010-06-20 11:31:40 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-04-07 21:08:08 | 000,055,232 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi) DRV - [2010-04-07 21:08:06 | 000,032,584 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2010-04-07 21:08:04 | 000,134,488 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw) DRV - [2010-04-07 21:07:08 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-04-07 21:03:44 | 000,139,192 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2010-04-04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-04-13 18:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-05-02 16:32:34 | 000,135,680 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsa.sys -- (nmwcdsa) DRV - [2007-05-02 16:31:54 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsacm.sys -- (nmwcdsacm) DRV - [2007-05-02 16:31:54 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsacj.sys -- (nmwcdsacj) DRV - [2007-05-02 16:31:54 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsac.sys -- (nmwcdsac) DRV - [2007-04-14 16:28:00 | 000,094,592 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2006-09-12 19:27:00 | 004,381,184 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://www.google.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://www.google.com/ IE - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-06-28 13:40:29 | 000,000,000 | ---D | M] O1 HOSTS File: ([2010-07-28 22:06:55 | 000,000,789 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [TNOD UP] C:\Program Files\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) O4 - HKU\.DEFAULT..\Run: [samsung.PCSync] C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-18..\Run: [samsung.PCSync] C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-21-1409082233-1644491937-725345543-1003..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKU\S-1-5-21-1409082233-1644491937-725345543-1003..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0 O7 - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderInfo = 0 O7 - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm () O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {FDDBE2B8-4AD8-6602-946D-94C5A32FA6C1} http://cached.gamedesire.com/g_bin/pl/billard8_2_0_0_41.cab (GameDesire Pool 8) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 193.110.120.5 194.204.159.1 O20 - AppInit_DLLs: (wbsys.dll) - C:\WINDOWS\System32\wbsys.dll (Stardock.Net, Inc) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\WBSrv: DllName - C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll (Stardock Corporation) O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-05-13 13:09:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2008-08-22 07:57:52 | 000,230,728 | R--- | M] (Konami Digital Entertainment Co., Ltd.) - D:\autorun.exe -- [ UDF ] O32 - AutoRun File - [2008-05-30 08:54:04 | 000,000,047 | R--- | M] () - D:\Autorun.inf -- [ UDF ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-07-29 18:31:03 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy [2010-07-29 18:31:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\Help [2010-07-29 18:31:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\Help [2010-07-29 17:38:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [2010-07-29 15:48:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Moje dokumenty\The KMPlayer [2010-07-28 21:26:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\IDM [2010-07-28 21:26:27 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager [2010-07-28 20:56:12 | 000,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft [2010-07-28 20:47:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\DMCache [2010-07-28 20:34:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\ESET [2010-07-28 18:31:07 | 000,000,000 | ---D | C] -- C:\Program Files\Odkurzacz [2010-07-28 17:18:47 | 000,000,000 | ---D | C] -- C:\Program Files\Max Soft [2010-07-28 16:28:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jurek\Recent [2010-07-28 14:34:49 | 000,000,000 | ---D | C] -- C:\rsit [2010-07-28 13:45:43 | 003,205,744 | ---- | C] (Tonec Inc.) -- C:\Documents and Settings\Jurek\Dane aplikacji\idman519.exe [2010-07-25 16:56:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2010-07-24 15:22:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll [2010-07-24 15:22:24 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll [2010-07-20 18:51:59 | 000,000,000 | ---D | C] -- C:\Program Files\TNod User & Password Finder [2010-07-20 11:32:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-07-20 11:32:31 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-07-20 11:32:31 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-07-19 07:56:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\DoctorWeb [2010-07-18 21:19:16 | 000,000,000 | ---D | C] -- C:\_OTL [2010-07-15 21:06:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\QuickTime [2010-07-14 05:57:23 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2010-07-12 14:11:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\Foxit Software [2010-07-12 14:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Foxit Software [2010-07-02 13:09:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft [2010-06-29 20:02:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\Winamp ========== Files - Modified Within 30 Days ========== [2010-07-29 18:40:32 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010-07-29 18:39:56 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-07-29 18:39:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-07-29 18:31:08 | 007,077,888 | ---- | M] () -- C:\Documents and Settings\Jurek\ntuser.dat [2010-07-29 18:16:36 | 004,000,376 | -H-- | M] () -- C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-07-29 17:26:30 | 000,000,222 | ---- | M] () -- C:\Documents and Settings\Jurek\Pulpit\przywracanie rejestru w win XP.url [2010-07-29 17:19:11 | 000,490,284 | ---- | M] () -- C:\WINDOWS\System32\prfh0415.dat [2010-07-29 17:19:11 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-07-29 17:19:11 | 000,083,660 | ---- | M] () -- C:\WINDOWS\System32\prfc0415.dat [2010-07-29 17:19:11 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-07-29 15:40:33 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\Jurek\Pulpit\HiJackThis.lnk [2010-07-29 15:31:22 | 000,019,888 | ---- | M] () -- C:\Documents and Settings\Jurek\Moje dokumenty\cc_20100729_153119.reg [2010-07-29 15:23:26 | 000,524,288 | ---- | M] () -- C:\Documents and Settings\Jurek\Moje dokumenty\b.evt [2010-07-29 15:23:10 | 000,524,288 | ---- | M] () -- C:\Documents and Settings\Jurek\Moje dokumenty\j.evt [2010-07-29 14:57:01 | 000,802,816 | ---- | M] () -- C:\Documents and Settings\Jurek\Moje dokumenty\rejestr_systemowy_w_windows.doc [2010-07-29 11:34:32 | 079,291,224 | ---- | M] () -- C:\Documents and Settings\Jurek\Moje dokumenty\rejestr.reg [2010-07-28 22:06:55 | 000,000,789 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-07-28 22:04:54 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2A83E655-414D-4D18-B077-ECE00F4E2A05}.job [2010-07-28 21:38:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-07-28 18:26:41 | 000,000,707 | ---- | M] () -- C:\WINDOWS\win.ini [2010-07-28 18:26:41 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010-07-28 18:26:41 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2010-07-28 15:55:45 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Jurek\ntuser.ini [2010-07-28 13:45:43 | 003,205,744 | ---- | M] (Tonec Inc.) -- C:\Documents and Settings\Jurek\Dane aplikacji\idman519.exe [2010-07-24 15:26:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-07-22 06:38:22 | 000,189,952 | ---- | M] () -- C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-07-21 21:48:48 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Jurek\Pulpit\Skrót do Filmy.lnk [2010-07-20 18:54:06 | 000,490,284 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-07-20 18:54:06 | 000,083,660 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-07-20 18:54:05 | 001,087,700 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-07-16 09:14:27 | 000,002,560 | ---- | M] () -- C:\WINDOWS\_MSRSTRT.EXE [2010-06-29 20:04:10 | 000,001,518 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Muza.lnk ========== Files Created - No Company Name ========== [2010-07-29 17:24:37 | 000,000,222 | ---- | C] () -- C:\Documents and Settings\Jurek\Pulpit\przywracanie rejestru w win XP.url [2010-07-29 15:40:21 | 000,002,443 | ---- | C] () -- C:\Documents and Settings\Jurek\Pulpit\HiJackThis.lnk [2010-07-29 15:31:21 | 000,019,888 | ---- | C] () -- C:\Documents and Settings\Jurek\Moje dokumenty\cc_20100729_153119.reg [2010-07-29 15:23:25 | 000,524,288 | ---- | C] () -- C:\Documents and Settings\Jurek\Moje dokumenty\b.evt [2010-07-29 15:23:10 | 000,524,288 | ---- | C] () -- C:\Documents and Settings\Jurek\Moje dokumenty\j.evt [2010-07-29 14:57:00 | 000,802,816 | ---- | C] () -- C:\Documents and Settings\Jurek\Moje dokumenty\rejestr_systemowy_w_windows.doc [2010-07-29 12:48:11 | 000,490,284 | ---- | C] () -- C:\WINDOWS\System32\prfh0415.dat [2010-07-29 12:48:11 | 000,083,660 | ---- | C] () -- C:\WINDOWS\System32\prfc0415.dat [2010-07-29 11:34:21 | 079,291,224 | ---- | C] () -- C:\Documents and Settings\Jurek\Moje dokumenty\rejestr.reg [2010-07-24 15:26:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-07-21 21:48:50 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Jurek\Pulpit\Skrót do Filmy.lnk [2010-06-29 20:02:49 | 000,001,518 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Muza.lnk [2010-06-28 14:08:49 | 000,004,172 | ---- | C] () -- C:\WINDOWS\langorig.ini [2010-06-28 14:05:36 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\wbload.dll [2010-06-28 08:56:53 | 000,001,300 | ---- | C] () -- C:\WINDOWS\System32\cool.dll [2010-06-23 01:24:03 | 000,000,021 | ---- | C] () -- C:\WINDOWS\WB.ini [2010-06-20 11:31:40 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-06-03 10:00:47 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2010-06-02 16:09:03 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-06-02 16:08:57 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-06-02 16:08:57 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-06-02 16:08:56 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-06-02 16:08:56 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2010-05-28 16:03:50 | 002,392,064 | ---- | C] () -- C:\WINDOWS\System32\videotrans.dll [2010-05-28 16:03:50 | 000,215,040 | ---- | C] () -- C:\WINDOWS\System32\videoformat.dll [2010-05-28 16:03:50 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\imgscaler.dll [2010-05-28 16:03:50 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\img_utils.dll [2010-05-28 16:03:50 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\videocore.dll [2010-05-28 16:03:47 | 000,128,512 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll [2010-05-14 17:27:28 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010-05-14 17:13:03 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\xinput1_3.dll [2010-05-14 17:13:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\xinput1_2.dll [2010-05-14 17:12:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\xinput1_1.dll [2010-05-14 17:12:40 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\xinput9_1_0.dll [2010-05-14 15:56:11 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-05-13 22:30:42 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2009-10-20 01:23:46 | 000,178,960 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat ========== LOP Check ========== [2010-05-13 22:38:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-05-14 19:29:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2010-06-08 20:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2010-06-20 11:30:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-05-22 23:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-06-28 13:40:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-05-14 12:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-06-27 14:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IconTweaker [2010-05-30 13:25:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2010-05-14 17:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\KONAMI [2010-05-30 13:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2010-05-29 21:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OviInstallerCache [2010-05-29 21:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2010-06-07 18:57:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WOP [2010-06-28 15:57:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643} [2010-06-03 17:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\AnvSoft [2010-05-28 16:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Any Video Converter [2010-06-02 10:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Ashampoo [2010-06-20 20:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\DAEMON Tools Lite [2010-06-22 21:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Dexpot [2010-07-29 14:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\DMCache [2010-07-28 20:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\ESET [2010-07-12 14:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Foxit Software [2010-05-22 10:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Gadu-Gadu 10 [2010-05-14 20:58:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\GanymedeNet [2010-06-27 14:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\IconTweaker [2010-07-28 21:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\IDM [2010-06-06 22:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Multimedia Player [2010-05-29 21:52:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Nokia [2010-05-29 21:52:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Nokia Ovi Suite [2010-05-14 11:17:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Nowe Gadu-Gadu [2010-05-27 21:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\PC Suite [2010-05-29 22:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Samsung [2010-07-28 20:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\uTorrent [2010-07-12 14:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Foxit Software [2010-07-28 22:04:54 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{2A83E655-414D-4D18-B077-ECE00F4E2A05}.job ========== Purity Check ========== < End of report > Extras OTL Extras logfile created on: 2010-07-29 19:01:01 - Run 8 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Jurek\Pulpit\Programy\Ochrona kompa Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 234,38 Gb Total Space | 189,87 Gb Free Space | 81,01% Space Free | Partition Type: NTFS Drive D: | 7,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF E: Drive not present or media not loaded Drive F: | 298,09 Gb Total Space | 164,81 Gb Free Space | 55,29% Space Free | Partition Type: NTFS Drive G: | 231,38 Gb Total Space | 178,22 Gb Free Space | 77,02% Space Free | Partition Type: NTFS H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JL-A8BFE5D811C3 Current User Name: Jurek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- File not found "C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group) "C:\Program Files\Ares\chatServer.exe" = C:\Program Files\Ares\chatServer.exe:*:Enabled:Ares Chat Server -- (Ares Development Group) "C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- File not found "C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- File not found "C:\Program Files\Wings of Prey\acess.exe" = C:\Program Files\Wings of Prey\acess.exe:*:Enabled:Wings of Prey -- File not found "C:\Program Files\Codemasters\DiRT2\dirt2_game.exe" = C:\Program Files\Codemasters\DiRT2\dirt2_game.exe:*:Enabled:DiRT2 -- File not found "C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\Prince of Persia.exe" = C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\Prince of Persia.exe:*:Enabled:Prince of Persia Zapomniane Piaski -- File not found "C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\GameSettings.exe" = C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\GameSettings.exe:*:Enabled:Prince of Persia Zapomniane Piaski Settings -- File not found "C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\gu.exe" = C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\gu.exe:*:Enabled:Prince of Persia Zapomniane Piaski Update -- File not found "C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\UPlayBrowser.exe" = C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\UPlayBrowser.exe:*:Enabled:Prince of Persia Zapomniane Piaski UPlay -- File not found "C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- File not found "G:\GRY\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = G:\GRY\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- (Konami Digital Entertainment Co., Ltd.) "C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" = C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club -- (Take-Two Interactive Software, Inc.) "C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe" = C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Sony DADC Austria AG) "C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe" = C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Take-Two Interactive Software, Inc.) "C:\Documents and Settings\Jurek\Ustawienia lokalne\Temp\~os25.tmp\rlvknlg.exe" = C:\Documents and Settings\Jurek\Ustawienia lokalne\Temp\~os25.tmp\rlvknlg.exe:*:Enabled:rlvknlg.exe -- File not found ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc "{04441EE4-3631-43DB-813A-9D031380C8E5}" = MarketingReg "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp "{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch "{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy "{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite "{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20 "{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg "{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB52D2C-1857-4D6C-99C8-4D3F8FC6E124}" = Microsoft Games for Windows - LIVE "{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones "{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport "{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5 "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6BCBF099-BC3F-4832-BC0D-0AD07D4A5FE9}" = ESET Smart Security "{6BF04C63-EAC0-4F19-9E88-9A745493E7BF}" = IconPackager "{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6F05332E-6063-4FB9-9233-0577B01E124A}" = Microsoft Games for Windows - LIVE Redistributable "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01 "{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01 "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{966A7D2F-6D7C-4932-A42D-CC129E39028F}" = BVTH - IDM 5.20 BUILD 1 FULL "{9B63540D-D942-4C38-B42E-A48AE0145970}" = Virtua Tennis 2009 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser "{A8DB611A-D80E-450D-85F6-3ACDD164BE31}" = Pro Evolution Soccer 2009 "{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AB6F6C80-1C35-4672-BDEF-F26FF214C409}" = Samsung PC Studio 7 "{ACA85783-8EEA-4f0a-B2A3-A8173F30209F}" = C4200_doccd "{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan "{B09BCBF6-87EE-4403-A336-3A9510856535}" = HP Photosmart All-In-One Software 9.0 "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR "{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT "{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter "{BFDE4176-5DFE-4db9-AA00-8F30CB001BDA}" = c4200_Help "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C39E671D-0528-4c5e-A034-8470C5BC393A}" = C4200 "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game "{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI "{D8B7A682-20DA-4797-8415-B1FB14D4D32B}" = PS_AIO_Software "{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver "{DCD22647-6D31-479D-8F97-16D0AA934D9E}" = PC Connectivity Solution "{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX "{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm "{E28750A2-45F2-4b63-99F7-9F81A94B1E2D}" = PS_AIO_Software_min "{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt "{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox "{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}" = Prince of Persia® Zapomniane Piaski "{F0A421DB-030E-40DE-A3E6-EC340B1074BC}" = DiRT2 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE "{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl "{FD7F242B-9AA0-40c3-941E-3A9821D19C09}" = PS_AIO_ProductContext "{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status "05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2) "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "7-Zip" = 7-Zip 4.65 "8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Ares" = Ares 2.1.5 "Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010 "Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3.20 "CCleaner" = CCleaner "com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI "Dzielenie i łączenie plików_is1" = Dzielenie i łączenie plików v1.2.2 "EA Download Manager" = EA Download Manager "FormatFactory" = FormatFactory 2.40 "Foxit Creator" = Foxit Creator "Free Window Registry Repair" = Free Window Registry Repair "Gadu-Gadu 10" = Gadu-Gadu 10 "HP Imaging Device Functions" = HP Imaging Device Functions 9.0 "HP Photosmart Essential" = HP Photosmart Essential 2.01 "HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0 "HPExtendedCapabilities" = HP Customer Parti[Filtr wulgaryzmów]tion Program 9.0 "HPOCR" = HP OCR Software 9.0 "IconPackager" = IconPackager "ie8" = Windows Internet Explorer 8 "Internet Download Manager" = Internet Download Manager "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.0.0 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "mIRC" = mIRC "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "Nokia PC Suite" = Nokia PC Suite "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "Odkurzacz 12.3_is1" = Odkurzacz 12.3 "OpenAL" = OpenAL "RegSwepper" = RegSwepper "Samsung PC Studio 7" = Samsung PC Studio 7 "The KMPlayer" = The KMPlayer (remove only) "TNod" = TNod User & Password Finder "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "Winamp" = Winamp "WindowBlinds" = WindowBlinds "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7 ========== Last 10 Event Log Errors ========== [ System Events ] Error - 2010-07-29 10:50:41 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Sterownik portu równoległego z powodu następującego błędu: %%1058 Error - 2010-07-29 11:04:38 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Sterownik portu równoległego z powodu następującego błędu: %%1058 Error - 2010-07-29 11:26:15 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Sterownik portu równoległego z powodu następującego błędu: %%1058 Error - 2010-07-29 12:39:59 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Sterownik portu równoległego z powodu następującego błędu: %%1058 < End of report > GMER ni cholery nie da rady odrazu zawieszka przy właczaniu,nawet nie zaczełem skanowac. Oprócz tego komputer moge uruchomic jedynie poprzez naciśniecie F2 i potem esc.Zawiesza sie na początku uruchamiania. Odnośnik do komentarza
picasso Opublikowano 29 Lipca 2010 Zgłoś Udostępnij Opublikowano 29 Lipca 2010 Póki co nie widzę nic szkodliwego w stanie czynnym, jest tylko resztka po adware Revelant Knowledge w autoryzowanych wpisach zapory: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]"C:\Documents and Settings\Jurek\Ustawienia lokalne\Temp\~os25.tmp\rlvknlg.exe" = C:\Documents and Settings\Jurek\Ustawienia lokalne\Temp\~os25.tmp\rlvknlg.exe:*:Enabled:rlvknlg.exe -- File not found Ale ktoś tu grzebał, widzę że był stosowany skrypt do OTL, co tu robiono? Chce zrobić przywracanie systemu (tak by było najprościej) ale nie moge ,wyskakuje ,,Przywracanie nie kompletne,Żadne zmiany nie zostały wprowadzone Czy jesteś pewien, że nie przeszkadza tu ESET Smart Security? Program zabezpieczający to jest podstawowy podejrzany dla blokowania procesów rolowania systemu wstecz. Spróbuj wywołać Przywracanie systemu z poziomu Trybu awaryjnego Windows. GMER ni cholery nie da rady odrazu zawieszka przy właczaniu,nawet nie zaczełem skanowac. Nie dostosowałeś się do wymogów ogłoszenia, jest czynny Alcohol i działa w tle emulator wirtualnych napędów: DRV - [2010-06-20 11:31:40 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) Oprócz tego komputer moge uruchomic jedynie poprzez naciśniecie F2 i potem esc.Zawiesza sie na początku uruchamiania. Czy pojawia się jakiś błąd z prośbą o wciśnięcie F2? . Odnośnik do komentarza
Promilos Opublikowano 29 Lipca 2010 Autor Zgłoś Udostępnij Opublikowano 29 Lipca 2010 Bo ja już byłem na innym forum i mi próbowano pomoc coś wpisywałem w otl i fix jak dobrze pamietam,oprócz tego ja kombinowałęm troche w rejestrze po czytaniu google bo niedziałał mi panel sterowania ,menadzer zadan dodan usuń programy i prawy przycisk nmyszki jak chciałem własciwości wcisnąć,to naprawiłęm ale cooś spieprzyłem w rejestrze i jak chce właczyć np.gre to mi wyskakuje ze jest odinstalowana. W tryb awaryjny wchodzi sie wciskająć f8 przy uruchamianiu tak? Ja tego nie moge zrobić bo mi sie zawiesza na samym początku uruchamiania i mam tam coś -Press F2 to Setup prees F11 boot coś tam.Musze wcisnąc F2 i potem z tego wyjść żeby komputer uruchomić.Normalnie nie pójdzie.Sorry za niedostosowanie sie do wymogów ale walcze ztym od wczoraj nie mam siły czytać kolejnych regulaminów sorry Wyłaczyć eseta i spróbować? A propo Alcoholu ja nie widze żeby był właczony:( Odnośnik do komentarza
picasso Opublikowano 29 Lipca 2010 Zgłoś Udostępnij Opublikowano 29 Lipca 2010 Bo ja już byłem na innym forum i mi próbowano pomoc coś wpisywałem w otl i fix jak dobrze pamietam Podaj link gdzie to załatwiano.... A propo Alcoholu ja nie widze żeby był właczony:( Przecież już pokazałam te dane, pracuje w tle sterownik SPTD (to jest główny sterownik Alcohola): DRV - [2010-06-20 11:31:40 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) W ogłoszeniu masz szczegółowe informacje jak zdjąć emulację wirtuali.... W tryb awaryjny wchodzi sie wciskająć f8 przy uruchamianiu tak? Ja tego nie moge zrobić bo mi sie zawiesza na samym początku uruchamiania i mam tam coś -Press F2 to Setup prees F11 boot coś tam.Musze wcisnąc F2 i potem z tego wyjść żeby komputer uruchomić.Normalnie nie pójdzie. Tylko tyle, nie ma tam żadnego szczegółu o błędzie? Zrób tymczasową modyfikację boot.ini, by wstawić sobie pozycję Trybu awaryjnego do menu rozruchu: 1. Start > Uruchom > sysdm.cpl, wejdź w kartę Zaawansowane, wybierz Odzyskiwanie i uruchamianie > Ustawienia > Edytuj. 2. Otworzy się zawartość pliku boot.ini, podobna do tej: [boot loader]timeout=30 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect Powiel ostatnią linię z systemem operacyjnym, nadając nazwę rozpoznawczą i dopisując na końcu linii parametry /safeboot:minimal /sos /bootlog: [boot loader]timeout=30 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional Awaryjny" /noexecute=optin /fastdetect /safeboot:minimal /sos /bootlog Zapisz zmiany w pliku. 3. Od teraz przy starcie do Windows dostaniesz na czarnym tle menu wyboru między Windows a Windows awaryjnym. . Odnośnik do komentarza
Promilos Opublikowano 29 Lipca 2010 Autor Zgłoś Udostępnij Opublikowano 29 Lipca 2010 www.dobreprogramy.pl juz próbuje dzieki:) No udało sie wejśc w tryb awaryjny ale dalej nie moge zrobić przywracania .Wszystko wygląda dobrze a jak juz sie restartuje i sie uruchamia po przywracaniu Jest coś takiego. Przywracanie niekompletne .żadne zmiany nie zostały zrobione. Jednak moge uruchamiac bez wchodzenia wsetup F2 ale musze czekać z 10min zatrzymuje sie na tym SATTAII 3 :HL-DT-ST DVD RAM GH22N540 NL02 ULTRA DMA MODE-5<nasamym początku jak komp sie włacza> Odnośnik do komentarza
picasso Opublikowano 29 Lipca 2010 Zgłoś Udostępnij Opublikowano 29 Lipca 2010 www.dobreprogramy.pl No tak, ale ja tam byłam i temat jest o niczym. Kazali Ci pokazać logi i na tym się skończyło. Nie ma żadnych instrukcji ze skryptem. To kto i gdzie dawał skrypt? Pokaż mi w takim razie skutki mieszania. Wejdź do katalogu C:\_OTL i tam powinien być log z tajemniczego usuwania. Zaprezentuj go tutaj. Wszystko wygląda dobrze a jak juz sie restartuje i sie uruchamia po przywracaniu Jest coś takiego.Przywracanie niekompletne .żadne zmiany nie zostały zrobione. Spróbowałabym jeszcze jak to się będzie odbywać przy redukcji działania ESET: wyłączyć całkowicie jego ochronę (ale to nie ściąga działania w sposób kompletny) lub odmontować ESET z komputera. Jednak moge uruchamiac bez wchodzenia wsetup F2 ale musze czekać z 10min zatrzymuje sie na tymSATTAII 3 :HL-DT-ST DVD RAM GH22N540 NL02 ULTRA DMA MODE-5 Spróbuj wejść do BIOS i wyszukać funkcję kolejności bootowania napędów. W niej przenieść dysk twardy na pierwsze miejsce bootowania. . Odnośnik do komentarza
Promilos Opublikowano 29 Lipca 2010 Autor Zgłoś Udostępnij Opublikowano 29 Lipca 2010 http://forum.dobreprogramy.pl/wylaczony-menadzer-zadan-t406700.html pierwszy temat http://forum.dobreprogramy.pl/nie-dziala-przywracanie-systemu-t406884.html Drugi temat http://www.forumpc.pl/index.php?showtopic=169529 I jeszcze na innym forum. Jak mam wejść w Bios? Jak sie nie uda to co tylko format mi został? Odnośnik do komentarza
picasso Opublikowano 29 Lipca 2010 Zgłoś Udostępnij Opublikowano 29 Lipca 2010 Jak mam wejść w Bios? Mówisz: "Press F2 to Setup prees F11 boot coś tam", to i F2 wygląda na klawisz wchodzenia w konfigurację BIOS. Co Ty w ogóle widzisz wywołując klawisz F2? Jak sie nie uda to co tylko format mi został? Niekoniecznie. Jest tu jeszcze kilka sposobów na przywrócenie poprzedniej wersji rejestru. Mam w zanadrzu sztuczkę z bezpośrednią podmianą plików rejestru z jednego z punktów Przywracania. Sposób podam jak zawiodą proste rzeczy. . Odnośnik do komentarza
Promilos Opublikowano 29 Lipca 2010 Autor Zgłoś Udostępnij Opublikowano 29 Lipca 2010 Ok:)Teraz jeszcze jak chciałem oddinstalować eseta zobaczyłem program od którego zaczeły sie wszystkie problemy usuwałem juz hama a on cały czas jest jak sie okazało BVTH-IDM 5.20 BUILD 1 Ściągałem INTERNET DOWNLOAD MANAGER Idalej go nie moge usunąc. F2 to jest setup jak sie komputer włacza(przynajmniej u mnie tak pisze) a f11 Boot .... Zaraz napisze wiecej jak sie właczy EDIT: No i lipa odinstalowałem Eseta cały czas to samo -Przywracanie niekompletne.Żadne zmiany.... Press F2 to Run Setup. Press F11 tor Boot MEnu A poodinstalowaniu eseta komputer włacza sie szybko ,sprawnie i normalnie F2 Wyświetla sie jakby tabelka a tam MAIN ,ADWANCED ,H/W MONITOR , BOOT,SECURITY ipo każdym opcje jakieś. F11 PLEASE SececTT (chyba tak tam pisało) BOOT DEVICE. -1st FOPPY DRIVE -HDD:PM - ST3500320AS -CD/DVD :PS-HL-DT-ST DVDRAM GH22N -USB:TOSHIBA MK3259GSX To tam sie wyświetla po wciśnieciu Odnośnik do komentarza
Tyrol Opublikowano 29 Lipca 2010 Zgłoś Udostępnij Opublikowano 29 Lipca 2010 Jeżeli chodzi o tryb awaryjny. Odłącz napęd LG i wtedy próbuj. Btw. Ja wchodzę w tryb awaryjny przez F7 Odnośnik do komentarza
picasso Opublikowano 29 Lipca 2010 Zgłoś Udostępnij Opublikowano 29 Lipca 2010 Promilos proszę Cię edytuj posty, jeśli nikt nie odpowiedział, jest bez sensu tworzyć nowe pod spodem. No i lipa odinstalowałem Eseta cały czas to samo -Przywracanie niekompletne.Żadne zmiany.... 1. Zastartuj na ten komputer z płyty OTLPE. Z Pulpitu uruchom My Computer. Wejdź na dysk z Windows do katalogu, gdzie Przywracanie systemu trzyma swoje pliki, czyli C:\System Volume Information. 2. W katalogu tym są różne punkty Przywracania, a są zbudowane wg schematu: C:\System Volume Information\_restore{numerki}\RPX\Snapshot Masz wybrać ten punkt Przywracania, który nie jest najnowszy i jest datowany na okres sprzed wystąpienia problemu. W środku są pliki (na pomarańczowo rejestr systemu, na niebiesko rejestr użytkownika): _REGISTRY_USER_.DEFAULT _REGISTRY_MACHINE_SECURITY _REGISTRY_MACHINE_SOFTWARE _REGISTRY_MACHINE_SYSTEM _REGISTRY_MACHINE_SAM _REGISTRY_USER_NTUSER_S-1-5-21-bardzo-długi-numerek Skopiuj je do tymczasowo utworzonego folderu np. C:\TMP. Zmień im nazwy korespondująco na: DEFAULT, SECURITY, SOFTWARE, SYSTEM, SAM, NTUSER.DAT 3. Plikami pomarańczowymi masz podstawić pliki w C:\WINDOWS\system32\config, zaś niebieskim w C:\Documents and settings\Twoje konto. Wykonaj kopię zapasową plików zastępowanych! 4. Resetujesz komputer. Skutki uboczne: podstawienie rejestru ze starszego punktu Przywracania niż aktualna sytuacja spowoduje powrót wszystkich wpisów odinstalowanych aplikacji oraz innych rzeczy usuwanych po tym punkcie Przywracania. Nic nie kombinuj na własną rękę tylko przedstaw nowe logi z OTL. Press F2 to Run Setup. Przecież mówię, to wygląda na klawisz wchodzenia w BIOS. Tu masz na obrazkach, patrz na Dell, jak to wygląda: KLIK. Ale nic tu nie kombinuj, bo nastąpiła zmiana sytuacji: A poodinstalowaniu eseta komputer włacza sie szybko ,sprawnie i normalnie . Odnośnik do komentarza
Promilos Opublikowano 30 Lipca 2010 Autor Zgłoś Udostępnij Opublikowano 30 Lipca 2010 Witam Po piewsze jesteś wielka <kwiatki> dla Ciebie:)DZiekuje za poświecenie czasu i za pomoc. Ogólnie wygląda na to że wszystko sie naprawiło:) PRoblemy jakie wystąpiły(może jednak coś żle zrobiłem) 1Umnie te wszystkie pliki były na niebiesko przeszukałem cały system volume i wszedzie to samo.POmyślałem sobie że może windowsblind zmienił kolory zrobiłem tak jak pisałaś tylko niezważająć na kolory bo umnie były jednakowe. 2Pliki Registry_user_Ntuser umnie były ze 4 takie pliki i dopiero po krórejś próbie gdy wziąłęm najwiekszy komputer wygląda normalnie ta sama tapeta ikony itp. 3Miałem ten plik dać do ,,twoje konto,, a umnie było ,,Jurek,, ,Administrator,, ,,Jurek(jakieś liczby),, i user default też wyglądało jak konto.Pierw dałem do jurek bo tak jestem zawsze zalogowany ,pewnie zrobiłem dobrze ale musiałem dać nie właściwy Ntuser i komp wyglądał jak z przed wojny ,zaczełem kombinować dałęm do każdego ztych kont Ntuser,cały czas było to samo.Dopiero jak dałęm najwiekszy Tnuser do Jurek wszystko zaczeło wyglądać ok.Więc chyba troche naśmieciłęm:) 3Padł mi internet po tej całej operacji ,wczoraj sie poddałęm poszedłem spać a dzisiaj rano CUD ,cały czas netu nie było wszedłem w połączenia sieciowe odinstalowałęm całkowice fartem do był strzał eset firewall i internet ruszył hehe:)):):).A i nie zrobiłem kopi zapasowych tych plików ,spałem już siedząc robiłem punkt po punkcie ato było napisane po operacji już CZy to juz było przywracanie systemu??(chyba nie bo nie mam eseta) Robić przywracanie systemu czy już nie trzeba? Wszystko piknie działa WIElkie Dzięki jeszczre raz:):)):)::) Daje logi TXT OTL logfile created on: 2010-07-30 14:31:26 - Run 4 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Jurek\Pulpit\Programy\Ochrona kompa Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 91,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 234,38 Gb Total Space | 189,17 Gb Free Space | 80,71% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded Drive F: | 30,09 Gb Total Space | 26,91 Gb Free Space | 89,44% Space Free | Partition Type: FAT32 Drive G: | 231,38 Gb Total Space | 178,22 Gb Free Space | 77,02% Space Free | Partition Type: NTFS Drive H: | 298,09 Gb Total Space | 164,81 Gb Free Space | 55,29% Space Free | Partition Type: NTFS I: Drive not present or media not loaded Computer Name: JL-A8BFE5D811C3 Current User Name: Jurek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010-07-28 21:27:11 | 003,220,912 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe PRC - [2010-07-18 12:06:52 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jurek\Pulpit\Programy\Ochrona kompa\OTL.exe PRC - [2010-05-25 15:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe ========== Modules (SafeList) ========== MOD - [2010-07-18 12:06:52 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jurek\Pulpit\Programy\Ochrona kompa\OTL.exe MOD - [2009-11-18 21:12:06 | 000,070,960 | ---- | M] (Stardock.net, Inc) -- C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll MOD - [2009-03-26 15:35:40 | 000,034,224 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\idmmkb.dll MOD - [2008-04-26 16:14:22 | 000,042,672 | ---- | M] (Stardock.Net, Inc) -- C:\WINDOWS\system32\wbsys.dll MOD - [2008-04-14 19:16:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2007-09-27 12:40:14 | 000,488,523 | ---- | M] (Stardock Corporation) -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll MOD - [2007-07-11 15:06:58 | 000,028,740 | ---- | M] (Stardock.Net, Inc) -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [Auto | Stopped] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - File not found [Auto | Stopped] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - File not found [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2010-04-27 13:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Jurek\xp.sys -- (xp) DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\DRIVERS\epfwtdi.sys -- (epfwtdi) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\Epfwndis.sys -- (Epfwndis) DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\epfw.sys -- (epfw) DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\DRIVERS\ehdrv.sys -- (ehdrv) DRV - File not found [File_System | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\eamon.sys -- (eamon) DRV - [2010-06-20 11:31:40 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-04-04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-04-13 18:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-05-02 16:32:34 | 000,135,680 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsa.sys -- (nmwcdsa) DRV - [2007-05-02 16:31:54 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsacm.sys -- (nmwcdsacm) DRV - [2007-05-02 16:31:54 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsacj.sys -- (nmwcdsacj) DRV - [2007-05-02 16:31:54 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsac.sys -- (nmwcdsac) DRV - [2007-04-14 16:28:00 | 000,094,592 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2006-09-12 19:27:00 | 004,381,184 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://www.google.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://www.google.com/ IE - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird O1 HOSTS File: ([2010-07-28 22:06:55 | 000,000,789 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [TNOD UP] C:\Program Files\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) O4 - HKU\.DEFAULT..\Run: [samsung.PCSync] C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-18..\Run: [samsung.PCSync] C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-21-1409082233-1644491937-725345543-1003..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm () O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {FDDBE2B8-4AD8-6602-946D-94C5A32FA6C1} http://cached.gamedesire.com/g_bin/pl/billard8_2_0_0_41.cab (GameDesire Pool 8) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 193.110.120.5 194.204.159.1 O20 - AppInit_DLLs: (wbsys.dll) - C:\WINDOWS\System32\wbsys.dll (Stardock.Net, Inc) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\WBSrv: DllName - C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll (Stardock Corporation) O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-05-13 13:09:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-07-30 11:05:01 | 000,000,000 | ---D | C] -- C:\123 [2010-07-30 02:00:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy [2010-07-30 02:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\Help [2010-07-30 02:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\Help [2010-07-30 01:57:56 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jurek\Moje dokumenty\Moje obrazy [2010-07-30 01:57:56 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jurek\Moje dokumenty\Moja muzyka [2010-07-29 17:38:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [2010-07-29 15:48:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Moje dokumenty\The KMPlayer [2010-07-28 21:26:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\IDM [2010-07-28 21:26:27 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager [2010-07-28 20:56:12 | 000,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft [2010-07-28 20:47:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\DMCache [2010-07-28 20:34:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\ESET [2010-07-28 18:31:07 | 000,000,000 | ---D | C] -- C:\Program Files\Odkurzacz [2010-07-28 17:18:47 | 000,000,000 | ---D | C] -- C:\Program Files\Max Soft [2010-07-28 16:28:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jurek\Recent [2010-07-28 14:34:49 | 000,000,000 | ---D | C] -- C:\rsit [2010-07-28 13:45:43 | 003,205,744 | ---- | C] (Tonec Inc.) -- C:\Documents and Settings\Jurek\Dane aplikacji\idman519.exe [2010-07-25 16:56:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2010-07-24 15:22:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll [2010-07-24 15:22:24 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll [2010-07-20 18:51:59 | 000,000,000 | ---D | C] -- C:\Program Files\TNod User & Password Finder [2010-07-20 11:32:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-07-20 11:32:31 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-07-20 11:32:31 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-07-19 07:56:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\DoctorWeb [2010-07-18 21:19:16 | 000,000,000 | ---D | C] -- C:\_OTL [2010-07-15 21:06:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\QuickTime [2010-07-14 05:57:23 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2010-07-12 14:11:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\Foxit Software [2010-07-12 14:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Foxit Software [2010-07-02 13:09:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft ========== Files - Modified Within 30 Days ========== [2010-07-30 14:26:00 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010-07-30 14:25:58 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-07-30 14:25:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-07-30 14:24:57 | 006,860,800 | ---- | M] () -- C:\Documents and Settings\Jurek\NTUSER.DAT [2010-07-30 05:14:55 | 003,505,826 | -H-- | M] () -- C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-07-30 05:14:33 | 000,189,952 | ---- | M] () -- C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-07-30 05:14:31 | 000,000,355 | ---- | M] () -- C:\Documents and Settings\Jurek\Pulpit\Skrót do Filmy.lnk [2010-07-30 03:43:16 | 000,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-07-30 03:43:12 | 001,085,432 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-07-30 03:43:12 | 000,490,284 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-07-30 03:43:12 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-07-30 03:43:12 | 000,083,660 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-07-30 03:43:12 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-07-30 00:29:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-07-29 22:27:13 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2A83E655-414D-4D18-B077-ECE00F4E2A05}.job [2010-07-29 21:20:19 | 000,000,182 | ---- | M] () -- C:\Documents and Settings\Jurek\Pulpit\Nie działa Przywracanie Systemu. - Fixitpc.pl.url [2010-07-29 20:53:06 | 000,786,432 | -H-- | M] () -- C:\Documents and Settings\Jurek\Pulpit\ntuser.dat [2010-07-29 20:29:50 | 000,000,350 | -HS- | M] () -- C:\boot.ini [2010-07-29 17:19:11 | 000,490,284 | ---- | M] () -- C:\WINDOWS\System32\prfh0415.dat [2010-07-29 17:19:11 | 000,083,660 | ---- | M] () -- C:\WINDOWS\System32\prfc0415.dat [2010-07-29 15:40:33 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\Jurek\Pulpit\HiJackThis.lnk [2010-07-29 15:31:22 | 000,019,888 | ---- | M] () -- C:\Documents and Settings\Jurek\Moje dokumenty\cc_20100729_153119.reg [2010-07-29 15:23:26 | 000,524,288 | ---- | M] () -- C:\Documents and Settings\Jurek\Moje dokumenty\b.evt [2010-07-29 15:23:10 | 000,524,288 | ---- | M] () -- C:\Documents and Settings\Jurek\Moje dokumenty\j.evt [2010-07-29 11:34:32 | 079,291,224 | ---- | M] () -- C:\Documents and Settings\Jurek\Moje dokumenty\rejestr.reg [2010-07-28 22:06:55 | 000,000,789 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-07-28 18:26:41 | 000,000,707 | ---- | M] () -- C:\WINDOWS\win.ini [2010-07-28 18:26:41 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010-07-28 15:55:45 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Jurek\ntuser.ini [2010-07-28 13:45:43 | 003,205,744 | ---- | M] (Tonec Inc.) -- C:\Documents and Settings\Jurek\Dane aplikacji\idman519.exe [2010-07-24 15:26:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-07-16 09:14:27 | 000,002,560 | ---- | M] () -- C:\WINDOWS\_MSRSTRT.EXE ========== Files Created - No Company Name ========== [2010-07-30 03:41:40 | 000,004,566 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2010-07-30 02:05:51 | 000,786,432 | -H-- | C] () -- C:\Documents and Settings\Jurek\Pulpit\ntuser.dat [2010-07-29 21:20:19 | 000,000,182 | ---- | C] () -- C:\Documents and Settings\Jurek\Pulpit\Nie działa Przywracanie Systemu. - Fixitpc.pl.url [2010-07-29 15:40:21 | 000,002,443 | ---- | C] () -- C:\Documents and Settings\Jurek\Pulpit\HiJackThis.lnk [2010-07-29 15:31:21 | 000,019,888 | ---- | C] () -- C:\Documents and Settings\Jurek\Moje dokumenty\cc_20100729_153119.reg [2010-07-29 15:23:25 | 000,524,288 | ---- | C] () -- C:\Documents and Settings\Jurek\Moje dokumenty\b.evt [2010-07-29 15:23:10 | 000,524,288 | ---- | C] () -- C:\Documents and Settings\Jurek\Moje dokumenty\j.evt [2010-07-29 12:48:11 | 000,490,284 | ---- | C] () -- C:\WINDOWS\System32\prfh0415.dat [2010-07-29 12:48:11 | 000,083,660 | ---- | C] () -- C:\WINDOWS\System32\prfc0415.dat [2010-07-29 11:34:21 | 079,291,224 | ---- | C] () -- C:\Documents and Settings\Jurek\Moje dokumenty\rejestr.reg [2010-07-24 15:26:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-07-21 21:48:50 | 000,000,355 | ---- | C] () -- C:\Documents and Settings\Jurek\Pulpit\Skrót do Filmy.lnk [2010-06-28 14:08:49 | 000,004,172 | ---- | C] () -- C:\WINDOWS\langorig.ini [2010-06-28 14:05:36 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\wbload.dll [2010-06-28 08:56:53 | 000,001,300 | ---- | C] () -- C:\WINDOWS\System32\cool.dll [2010-06-23 01:24:03 | 000,000,021 | ---- | C] () -- C:\WINDOWS\WB.ini [2010-06-20 11:31:40 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-06-03 10:00:47 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2010-06-02 16:09:03 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-06-02 16:08:57 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-06-02 16:08:57 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-06-02 16:08:56 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-06-02 16:08:56 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2010-05-28 16:03:50 | 002,392,064 | ---- | C] () -- C:\WINDOWS\System32\videotrans.dll [2010-05-28 16:03:50 | 000,215,040 | ---- | C] () -- C:\WINDOWS\System32\videoformat.dll [2010-05-28 16:03:50 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\imgscaler.dll [2010-05-28 16:03:50 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\img_utils.dll [2010-05-28 16:03:50 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\videocore.dll [2010-05-28 16:03:47 | 000,128,512 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll [2010-05-14 17:27:28 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010-05-14 17:13:03 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\xinput1_3.dll [2010-05-14 17:13:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\xinput1_2.dll [2010-05-14 17:12:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\xinput1_1.dll [2010-05-14 17:12:40 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\xinput9_1_0.dll [2010-05-14 15:56:11 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-05-13 22:30:42 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2009-10-20 01:23:46 | 000,178,960 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat ========== LOP Check ========== [2010-05-13 22:38:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-05-14 19:29:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2010-06-08 20:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2010-06-20 11:30:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-05-22 23:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-05-14 12:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-06-27 14:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IconTweaker [2010-05-30 13:25:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2010-05-14 17:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\KONAMI [2010-05-30 13:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2010-05-29 21:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OviInstallerCache [2010-05-29 21:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2010-06-07 18:57:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WOP [2010-06-28 15:57:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643} [2010-06-03 17:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\AnvSoft [2010-05-28 16:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Any Video Converter [2010-06-02 10:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Ashampoo [2010-06-20 20:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\DAEMON Tools Lite [2010-06-22 21:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Dexpot [2010-07-29 14:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\DMCache [2010-07-28 20:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\ESET [2010-07-12 14:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Foxit Software [2010-05-22 10:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Gadu-Gadu 10 [2010-05-14 20:58:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\GanymedeNet [2010-06-27 14:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\IconTweaker [2010-07-28 21:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\IDM [2010-06-06 22:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Multimedia Player [2010-05-29 21:52:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Nokia [2010-05-29 21:52:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Nokia Ovi Suite [2010-05-14 11:17:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Nowe Gadu-Gadu [2010-05-27 21:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\PC Suite [2010-05-29 22:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Samsung [2010-07-28 20:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\uTorrent [2010-07-12 14:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Foxit Software [2010-07-29 22:27:13 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{2A83E655-414D-4D18-B077-ECE00F4E2A05}.job ========== Purity Check ========== < End of report > Extras OTL Extras logfile created on: 2010-07-30 14:31:26 - Run 4 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Jurek\Pulpit\Programy\Ochrona kompa Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 91,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 234,38 Gb Total Space | 189,17 Gb Free Space | 80,71% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded Drive F: | 30,09 Gb Total Space | 26,91 Gb Free Space | 89,44% Space Free | Partition Type: FAT32 Drive G: | 231,38 Gb Total Space | 178,22 Gb Free Space | 77,02% Space Free | Partition Type: NTFS Drive H: | 298,09 Gb Total Space | 164,81 Gb Free Space | 55,29% Space Free | Partition Type: NTFS I: Drive not present or media not loaded Computer Name: JL-A8BFE5D811C3 Current User Name: Jurek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- File not found "C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group) "C:\Program Files\Ares\chatServer.exe" = C:\Program Files\Ares\chatServer.exe:*:Enabled:Ares Chat Server -- (Ares Development Group) "C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- File not found "C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- File not found "C:\Program Files\Wings of Prey\acess.exe" = C:\Program Files\Wings of Prey\acess.exe:*:Enabled:Wings of Prey -- File not found "C:\Program Files\Codemasters\DiRT2\dirt2_game.exe" = C:\Program Files\Codemasters\DiRT2\dirt2_game.exe:*:Enabled:DiRT2 -- File not found "C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\Prince of Persia.exe" = C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\Prince of Persia.exe:*:Enabled:Prince of Persia Zapomniane Piaski -- File not found "C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\GameSettings.exe" = C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\GameSettings.exe:*:Enabled:Prince of Persia Zapomniane Piaski Settings -- File not found "C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\gu.exe" = C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\gu.exe:*:Enabled:Prince of Persia Zapomniane Piaski Update -- File not found "C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\UPlayBrowser.exe" = C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\UPlayBrowser.exe:*:Enabled:Prince of Persia Zapomniane Piaski UPlay -- File not found "C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- File not found "G:\GRY\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = G:\GRY\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- (Konami Digital Entertainment Co., Ltd.) "C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" = C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club -- (Take-Two Interactive Software, Inc.) "C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe" = C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Sony DADC Austria AG) "C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe" = C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Take-Two Interactive Software, Inc.) "C:\Documents and Settings\Jurek\Ustawienia lokalne\Temp\~os25.tmp\rlvknlg.exe" = C:\Documents and Settings\Jurek\Ustawienia lokalne\Temp\~os25.tmp\rlvknlg.exe:*:Enabled:rlvknlg.exe -- File not found ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc "{04441EE4-3631-43DB-813A-9D031380C8E5}" = MarketingReg "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp "{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch "{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy "{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite "{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20 "{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg "{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB52D2C-1857-4D6C-99C8-4D3F8FC6E124}" = Microsoft Games for Windows - LIVE "{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones "{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport "{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5 "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6BCBF099-BC3F-4832-BC0D-0AD07D4A5FE9}" = ESET Smart Security "{6BF04C63-EAC0-4F19-9E88-9A745493E7BF}" = IconPackager "{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6F05332E-6063-4FB9-9233-0577B01E124A}" = Microsoft Games for Windows - LIVE Redistributable "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01 "{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01 "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi "{9B63540D-D942-4C38-B42E-A48AE0145970}" = Virtua Tennis 2009 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser "{A8DB611A-D80E-450D-85F6-3ACDD164BE31}" = Pro Evolution Soccer 2009 "{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AB6F6C80-1C35-4672-BDEF-F26FF214C409}" = Samsung PC Studio 7 "{ACA85783-8EEA-4f0a-B2A3-A8173F30209F}" = C4200_doccd "{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan "{B09BCBF6-87EE-4403-A336-3A9510856535}" = HP Photosmart All-In-One Software 9.0 "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR "{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT "{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter "{BFDE4176-5DFE-4db9-AA00-8F30CB001BDA}" = c4200_Help "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C39E671D-0528-4c5e-A034-8470C5BC393A}" = C4200 "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game "{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI "{D8B7A682-20DA-4797-8415-B1FB14D4D32B}" = PS_AIO_Software "{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver "{DCD22647-6D31-479D-8F97-16D0AA934D9E}" = PC Connectivity Solution "{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX "{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm "{E28750A2-45F2-4b63-99F7-9F81A94B1E2D}" = PS_AIO_Software_min "{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt "{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox "{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}" = Prince of Persia® Zapomniane Piaski "{F0A421DB-030E-40DE-A3E6-EC340B1074BC}" = DiRT2 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE "{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl "{FD7F242B-9AA0-40c3-941E-3A9821D19C09}" = PS_AIO_ProductContext "{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status "05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2) "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "7-Zip" = 7-Zip 4.65 "8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Ares" = Ares 2.1.5 "Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010 "Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3.20 "CCleaner" = CCleaner "com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI "Dzielenie i łączenie plików_is1" = Dzielenie i łączenie plików v1.2.2 "EA Download Manager" = EA Download Manager "FormatFactory" = FormatFactory 2.40 "Foxit Creator" = Foxit Creator "Gadu-Gadu 10" = Gadu-Gadu 10 "HP Imaging Device Functions" = HP Imaging Device Functions 9.0 "HP Photosmart Essential" = HP Photosmart Essential 2.01 "HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0 "HPExtendedCapabilities" = HP Customer Parti[Filtr wulgaryzmów]tion Program 9.0 "HPOCR" = HP OCR Software 9.0 "IconPackager" = IconPackager "ie8" = Windows Internet Explorer 8 "Internet Download Manager" = Internet Download Manager "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.0.0 "LogMeIn Hamachi" = LogMeIn Hamachi "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "mIRC" = mIRC "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "Nokia PC Suite" = Nokia PC Suite "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "OpenAL" = OpenAL "Samsung PC Studio 7" = Samsung PC Studio 7 "The KMPlayer" = The KMPlayer (remove only) "TNod" = TNod User & Password Finder "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "Winamp" = Winamp "WindowBlinds" = WindowBlinds "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 2010-07-29 15:36:34 | Computer Name = JL-A8BFE5D811C3 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd iexplore.exe, wersja 8.0.6001.18702, moduł powodujący błąd mshtml.dll, wersja 8.0.6001.18928, adres błędu 0x000b9cd8. Error - 2010-07-29 16:01:22 | Computer Name = JL-A8BFE5D811C3 | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-29 16:01:22 | Computer Name = JL-A8BFE5D811C3 | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. [ System Events ] Error - 2010-07-30 08:21:03 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi eamon z powodu następującego błędu: %%2 Error - 2010-07-30 08:21:03 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi epfw z powodu następującego błędu: %%2 Error - 2010-07-30 08:21:03 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi ESET Service z powodu następującego błędu: %%3 Error - 2010-07-30 08:21:03 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi LogMeIn Hamachi 2.0 Tunneling Engine z powodu następującego błędu: %%3 Error - 2010-07-30 08:21:06 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: ehdrv epfwtdi Error - 2010-07-30 08:26:17 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi eamon z powodu następującego błędu: %%2 Error - 2010-07-30 08:26:17 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi epfw z powodu następującego błędu: %%2 Error - 2010-07-30 08:26:17 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi ESET Service z powodu następującego błędu: %%3 Error - 2010-07-30 08:26:17 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi LogMeIn Hamachi 2.0 Tunneling Engine z powodu następującego błędu: %%3 Error - 2010-07-30 08:26:19 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: ehdrv epfwtdi < End of report > czyli ztego wynika że cały eset sie nieusunął i firewall blokował przywracanie tak?Jeszcze nie prróbowałem przywracać czekam na dalsze instrukcje:) Odnośnik do komentarza
picasso Opublikowano 30 Lipca 2010 Zgłoś Udostępnij Opublikowano 30 Lipca 2010 Padł mi internet po tej całej operacji ,wczoraj sie poddałęm poszedłem spać a dzisiaj rano CUD ,cały czas netu nie było wszedłem w połączenia sieciowe odinstalowałęm całkowice fartem do był strzał eset firewall i internet ruszył hehe:)) Na pewno tu musiał mieć coś do rzeczy odinstalowany ESET, którego wpisy zostały przywrócone. CZy to juz było przywracanie systemu??(chyba nie bo nie mam eseta)Robić przywracanie systemu czy już nie trzeba? To nie jest pełny ekwiwalent Przywracania systemu. To jest ręczne wyciągnięcie z punktu Przywracania tylko rejestru. Zaś punkt Przywracania adresuje jeszcze pliki, ale to jest już awykonalne tutaj, by ręcznie wszystkie podmieniać z kopii w Przywracaniu, bo raz że plików jest sporo, dwa że w punkcie Przywracania mają zmienione nazwy na takie alfanumeryczne i dochodzenie przez przeliczanie sumy kontrolnej który jest który to już miazga. Kompletne Przywracanie się odbywa tylko, gdy użyjesz funkcji Przywracanie systemu w naturalny sposób, ale fukcja ta przecież nie działała. Jeszcze nie prróbowałem przywracać czekam na dalsze instrukcje:) Nie wydaje mi się to potrzebne, bo mówisz: Ogólnie wygląda na to że wszystko sie naprawiło:) Ale to co mówiłam, przywrócenie wcześniejszej wersji rejestru przywróciło śmieci - czyli usługi odinstalowanego ESET i jego wpis na liście Dodaj/Usuń (to wszystko nie działa, bo nie ma jego plików na dysku) oraz zapis szkodnika xp.sys. To już ręcznie będzie teraz do usunięcia. 1. Uruchom OTL i w sekcji Własne opcje sknowania / skrypt wklej: :OTL SRV - File not found [Auto | Stopped] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - File not found [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Jurek\xp.sys -- (xp) DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\DRIVERS\epfwtdi.sys -- (epfwtdi) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\Epfwndis.sys -- (Epfwndis) DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\epfw.sys -- (epfw) DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\DRIVERS\ehdrv.sys -- (ehdrv) DRV - File not found [File_System | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\eamon.sys -- (eamon) FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe File not found [2010-07-28 20:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\ESET [2010-05-13 22:38:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software :Reg [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6BCBF099-BC3F-4832-BC0D-0AD07D4A5FE9}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Documents and Settings\Jurek\Ustawienia lokalne\Temp\~os25.tmp\rlvknlg.exe"=- :Commands [emptytemp] Uruchom proces przez Wykonaj skrypt. Będzie reset komputera. Po restarcie log otrzymasz i go będziesz pokazywał. 2. Na wszelki wypadek przejedź jeszcze system przez dedykowany firmowy deinstalator: ESET Uninstaller. 3. Po wykonaniu tych zadań zgłoś się tu z nowym logiem z OTL i ostatecznym podsumowaniem co się dzieje. . Odnośnik do komentarza
Promilos Opublikowano 30 Lipca 2010 Autor Zgłoś Udostępnij Opublikowano 30 Lipca 2010 OTL z usuwania All processes killed ========== OTL ========== Service ekrn stopped successfully! Service ekrn deleted successfully! File C:\Program Files\ESET\ESET Smart Security\ekrn.exe not found. Service EhttpSrv stopped successfully! Service EhttpSrv deleted successfully! File C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe not found. Service xp stopped successfully! Service xp deleted successfully! File C:\Documents and Settings\Jurek\xp.sys not found. Service epfwtdi stopped successfully! Service epfwtdi deleted successfully! File C:\WINDOWS\System32\DRIVERS\epfwtdi.sys not found. Service Epfwndis stopped successfully! Service Epfwndis deleted successfully! File C:\WINDOWS\System32\DRIVERS\Epfwndis.sys not found. Service epfw stopped successfully! Service epfw deleted successfully! File C:\WINDOWS\System32\DRIVERS\epfw.sys not found. Service ehdrv stopped successfully! Service ehdrv deleted successfully! File C:\WINDOWS\System32\DRIVERS\ehdrv.sys not found. Service eamon stopped successfully! Service eamon deleted successfully! File C:\WINDOWS\System32\DRIVERS\eamon.sys not found. Registry value HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com deleted successfully. File C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\egui deleted successfully. C:\Documents and Settings\Jurek\Dane aplikacji\ESET\ESET Smart Security folder moved successfully. C:\Documents and Settings\Jurek\Dane aplikacji\ESET folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software\Avast5\log folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software\Avast5 folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software folder moved successfully. ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6BCBF099-BC3F-4832-BC0D-0AD07D4A5FE9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6BCBF099-BC3F-4832-BC0D-0AD07D4A5FE9}\ not found. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Jurek\Ustawienia lokalne\Temp\~os25.tmp\rlvknlg.exe deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 205396 bytes ->Google Chrome cache emptied: 0 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Jurek ->Temp folder emptied: 388239959 bytes ->Temporary Internet Files folder emptied: 5579679 bytes ->Java cache emptied: 0 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 1316 bytes User: Jurek.JL-A8BFE5D811C3 ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 300803 bytes RecycleBin emptied: 16535985 bytes Total Files Cleaned = 392,00 mb OTL by OldTimer - Version 3.2.9.1 log created on 07302010_215541 Files\Folders moved on Reboot... File\Folder C:\Documents and Settings\Jurek\Ustawienia lokalne\Temp\~DFA1D8.tmp not found! File\Folder C:\Documents and Settings\Jurek\Ustawienia lokalne\Temp\~DFA1E3.tmp not found! File\Folder C:\Documents and Settings\Jurek\Ustawienia lokalne\Temp\~DFA23B.tmp not found! File\Folder C:\Documents and Settings\Jurek\Ustawienia lokalne\Temp\~DFA246.tmp not found! File\Folder C:\Documents and Settings\Jurek\Ustawienia lokalne\Temp\~DFA281.tmp not found! File\Folder C:\Documents and Settings\Jurek\Ustawienia lokalne\Temp\~DFA28C.tmp not found! C:\Documents and Settings\Jurek\Ustawienia lokalne\Temporary Internet Files\Content.IE5\ATA1Q3PC\index[6].htm moved successfully. C:\Documents and Settings\Jurek\Ustawienia lokalne\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully. Registry entries deleted on Reboot... OTL TXT OTL logfile created on: 2010-07-30 22:03:53 - Run 5 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Jurek\Pulpit\Programy\Ochrona kompa Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 92,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 234,38 Gb Total Space | 189,67 Gb Free Space | 80,92% Space Free | Partition Type: NTFS Drive D: | 7,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF E: Drive not present or media not loaded Drive F: | 30,09 Gb Total Space | 26,91 Gb Free Space | 89,44% Space Free | Partition Type: FAT32 Drive G: | 231,38 Gb Total Space | 178,22 Gb Free Space | 77,03% Space Free | Partition Type: NTFS Drive H: | 298,09 Gb Total Space | 164,81 Gb Free Space | 55,29% Space Free | Partition Type: NTFS I: Drive not present or media not loaded Computer Name: JL-A8BFE5D811C3 Current User Name: Jurek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010-07-28 21:27:11 | 003,220,912 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe PRC - [2010-07-18 12:06:52 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jurek\Pulpit\Programy\Ochrona kompa\OTL.exe PRC - [2010-05-25 15:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe ========== Modules (SafeList) ========== MOD - [2010-07-18 12:06:52 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jurek\Pulpit\Programy\Ochrona kompa\OTL.exe MOD - [2009-11-18 21:12:06 | 000,070,960 | ---- | M] (Stardock.net, Inc) -- C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll MOD - [2009-03-26 15:35:40 | 000,034,224 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\idmmkb.dll MOD - [2008-04-26 16:14:22 | 000,042,672 | ---- | M] (Stardock.Net, Inc) -- C:\WINDOWS\system32\wbsys.dll MOD - [2008-04-14 19:16:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2007-09-27 12:40:14 | 000,488,523 | ---- | M] (Stardock Corporation) -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll MOD - [2007-07-11 15:06:58 | 000,028,740 | ---- | M] (Stardock.Net, Inc) -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [Auto | Stopped] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2010-04-27 13:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) ========== Driver Services (SafeList) ========== DRV - [2010-06-20 11:31:40 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-04-04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-04-13 18:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-05-02 16:32:34 | 000,135,680 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsa.sys -- (nmwcdsa) DRV - [2007-05-02 16:31:54 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsacm.sys -- (nmwcdsacm) DRV - [2007-05-02 16:31:54 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsacj.sys -- (nmwcdsacj) DRV - [2007-05-02 16:31:54 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsac.sys -- (nmwcdsac) DRV - [2007-04-14 16:28:00 | 000,094,592 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2006-09-12 19:27:00 | 004,381,184 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://www.google.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://www.google.com/ IE - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2010-07-28 22:06:55 | 000,000,789 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [TNOD UP] C:\Program Files\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) O4 - HKU\.DEFAULT..\Run: [samsung.PCSync] C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-18..\Run: [samsung.PCSync] C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-21-1409082233-1644491937-725345543-1003..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKU\S-1-5-21-1409082233-1644491937-725345543-1003..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm () O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {FDDBE2B8-4AD8-6602-946D-94C5A32FA6C1} http://cached.gamedesire.com/g_bin/pl/billard8_2_0_0_41.cab (GameDesire Pool 8) O20 - AppInit_DLLs: (wbsys.dll) - C:\WINDOWS\System32\wbsys.dll (Stardock.Net, Inc) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\WBSrv: DllName - C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll (Stardock Corporation) O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-05-13 13:09:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2008-08-22 07:57:52 | 000,230,728 | R--- | M] (Konami Digital Entertainment Co., Ltd.) - D:\autorun.exe -- [ UDF ] O32 - AutoRun File - [2008-05-30 08:54:04 | 000,000,047 | R--- | M] () - D:\Autorun.inf -- [ UDF ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-07-30 14:43:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Moje dokumenty\NFS Most Wanted [2010-07-30 14:42:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\WOP [2010-07-30 11:05:01 | 000,000,000 | ---D | C] -- C:\123 [2010-07-30 02:00:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy [2010-07-30 02:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\Help [2010-07-30 02:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\Help [2010-07-30 01:57:56 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jurek\Moje dokumenty\Moje obrazy [2010-07-30 01:57:56 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jurek\Moje dokumenty\Moja muzyka [2010-07-29 17:38:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [2010-07-29 15:48:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Moje dokumenty\The KMPlayer [2010-07-28 21:26:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\IDM [2010-07-28 21:26:27 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager [2010-07-28 20:56:12 | 000,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft [2010-07-28 20:47:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\DMCache [2010-07-28 18:31:07 | 000,000,000 | ---D | C] -- C:\Program Files\Odkurzacz [2010-07-28 17:18:47 | 000,000,000 | ---D | C] -- C:\Program Files\Max Soft [2010-07-28 16:28:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jurek\Recent [2010-07-28 14:34:49 | 000,000,000 | ---D | C] -- C:\rsit [2010-07-28 13:45:43 | 003,205,744 | ---- | C] (Tonec Inc.) -- C:\Documents and Settings\Jurek\Dane aplikacji\idman519.exe [2010-07-25 16:56:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2010-07-24 15:22:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll [2010-07-24 15:22:24 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll [2010-07-20 18:51:59 | 000,000,000 | ---D | C] -- C:\Program Files\TNod User & Password Finder [2010-07-20 11:32:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-07-20 11:32:31 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-07-20 11:32:31 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-07-19 07:56:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\DoctorWeb [2010-07-18 21:19:16 | 000,000,000 | ---D | C] -- C:\_OTL [2010-07-15 21:06:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\QuickTime [2010-07-14 05:57:23 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2010-07-12 14:11:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\Foxit Software [2010-07-12 14:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Foxit Software [2010-07-02 13:09:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft ========== Files - Modified Within 30 Days ========== [2010-07-30 21:57:20 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010-07-30 21:57:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-07-30 21:57:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-07-30 21:56:21 | 006,860,800 | ---- | M] () -- C:\Documents and Settings\Jurek\NTUSER.DAT [2010-07-30 21:50:35 | 000,000,138 | ---- | M] () -- C:\Documents and Settings\Jurek\Pulpit\Formularz testowy dla PKP.url [2010-07-30 21:50:29 | 000,000,189 | ---- | M] () -- C:\Documents and Settings\Jurek\Pulpit\Portal podróżnych - rozkład jazdy pociągów, hotele, noclegi, ciekawe miejsca#focus.url [2010-07-30 05:14:55 | 003,505,826 | -H-- | M] () -- C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-07-30 05:14:33 | 000,189,952 | ---- | M] () -- C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-07-30 05:14:31 | 000,000,355 | ---- | M] () -- C:\Documents and Settings\Jurek\Pulpit\Skrót do Filmy.lnk [2010-07-30 03:43:16 | 000,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-07-30 03:43:12 | 001,085,432 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-07-30 03:43:12 | 000,490,284 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-07-30 03:43:12 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-07-30 03:43:12 | 000,083,660 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-07-30 03:43:12 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-07-30 00:29:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-07-29 22:27:13 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2A83E655-414D-4D18-B077-ECE00F4E2A05}.job [2010-07-29 21:20:19 | 000,000,182 | ---- | M] () -- C:\Documents and Settings\Jurek\Pulpit\Nie działa Przywracanie Systemu. - Fixitpc.pl.url [2010-07-29 20:53:06 | 000,786,432 | -H-- | M] () -- C:\Documents and Settings\Jurek\Pulpit\ntuser.dat [2010-07-29 20:29:50 | 000,000,350 | -HS- | M] () -- C:\boot.ini [2010-07-29 17:19:11 | 000,490,284 | ---- | M] () -- C:\WINDOWS\System32\prfh0415.dat [2010-07-29 17:19:11 | 000,083,660 | ---- | M] () -- C:\WINDOWS\System32\prfc0415.dat [2010-07-29 15:31:22 | 000,019,888 | ---- | M] () -- C:\Documents and Settings\Jurek\Moje dokumenty\cc_20100729_153119.reg [2010-07-29 15:23:26 | 000,524,288 | ---- | M] () -- C:\Documents and Settings\Jurek\Moje dokumenty\b.evt [2010-07-29 15:23:10 | 000,524,288 | ---- | M] () -- C:\Documents and Settings\Jurek\Moje dokumenty\j.evt [2010-07-29 11:34:32 | 079,291,224 | ---- | M] () -- C:\Documents and Settings\Jurek\Moje dokumenty\rejestr.reg [2010-07-28 22:06:55 | 000,000,789 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-07-28 18:26:41 | 000,000,707 | ---- | M] () -- C:\WINDOWS\win.ini [2010-07-28 18:26:41 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010-07-28 15:55:45 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Jurek\ntuser.ini [2010-07-28 13:45:43 | 003,205,744 | ---- | M] (Tonec Inc.) -- C:\Documents and Settings\Jurek\Dane aplikacji\idman519.exe [2010-07-24 15:26:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-07-16 09:14:27 | 000,002,560 | ---- | M] () -- C:\WINDOWS\_MSRSTRT.EXE ========== Files Created - No Company Name ========== [2010-07-30 21:50:35 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Jurek\Pulpit\Formularz testowy dla PKP.url [2010-07-30 21:50:29 | 000,000,189 | ---- | C] () -- C:\Documents and Settings\Jurek\Pulpit\Portal podróżnych - rozkład jazdy pociągów, hotele, noclegi, ciekawe miejsca#focus.url [2010-07-30 03:41:40 | 000,004,566 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2010-07-30 02:05:51 | 000,786,432 | -H-- | C] () -- C:\Documents and Settings\Jurek\Pulpit\ntuser.dat [2010-07-29 21:20:19 | 000,000,182 | ---- | C] () -- C:\Documents and Settings\Jurek\Pulpit\Nie działa Przywracanie Systemu. - Fixitpc.pl.url [2010-07-29 15:31:21 | 000,019,888 | ---- | C] () -- C:\Documents and Settings\Jurek\Moje dokumenty\cc_20100729_153119.reg [2010-07-29 15:23:25 | 000,524,288 | ---- | C] () -- C:\Documents and Settings\Jurek\Moje dokumenty\b.evt [2010-07-29 15:23:10 | 000,524,288 | ---- | C] () -- C:\Documents and Settings\Jurek\Moje dokumenty\j.evt [2010-07-29 12:48:11 | 000,490,284 | ---- | C] () -- C:\WINDOWS\System32\prfh0415.dat [2010-07-29 12:48:11 | 000,083,660 | ---- | C] () -- C:\WINDOWS\System32\prfc0415.dat [2010-07-29 11:34:21 | 079,291,224 | ---- | C] () -- C:\Documents and Settings\Jurek\Moje dokumenty\rejestr.reg [2010-07-24 15:26:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-07-21 21:48:50 | 000,000,355 | ---- | C] () -- C:\Documents and Settings\Jurek\Pulpit\Skrót do Filmy.lnk [2010-06-28 14:08:49 | 000,004,172 | ---- | C] () -- C:\WINDOWS\langorig.ini [2010-06-28 14:05:36 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\wbload.dll [2010-06-28 08:56:53 | 000,001,300 | ---- | C] () -- C:\WINDOWS\System32\cool.dll [2010-06-23 01:24:03 | 000,000,021 | ---- | C] () -- C:\WINDOWS\WB.ini [2010-06-20 11:31:40 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-06-03 10:00:47 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2010-06-02 16:09:03 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-06-02 16:08:57 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-06-02 16:08:57 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-06-02 16:08:56 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-06-02 16:08:56 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2010-05-28 16:03:50 | 002,392,064 | ---- | C] () -- C:\WINDOWS\System32\videotrans.dll [2010-05-28 16:03:50 | 000,215,040 | ---- | C] () -- C:\WINDOWS\System32\videoformat.dll [2010-05-28 16:03:50 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\imgscaler.dll [2010-05-28 16:03:50 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\img_utils.dll [2010-05-28 16:03:50 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\videocore.dll [2010-05-28 16:03:47 | 000,128,512 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll [2010-05-14 17:27:28 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010-05-14 17:13:03 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\xinput1_3.dll [2010-05-14 17:13:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\xinput1_2.dll [2010-05-14 17:12:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\xinput1_1.dll [2010-05-14 17:12:40 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\xinput9_1_0.dll [2010-05-14 15:56:11 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-05-13 22:30:42 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2009-10-20 01:23:46 | 000,178,960 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat ========== LOP Check ========== [2010-05-14 19:29:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2010-06-08 20:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2010-06-20 11:30:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-05-22 23:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-05-14 12:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-06-27 14:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IconTweaker [2010-05-30 13:25:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2010-05-14 17:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\KONAMI [2010-05-30 13:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2010-05-29 21:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OviInstallerCache [2010-05-29 21:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2010-06-07 18:57:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WOP [2010-06-28 15:57:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643} [2010-06-03 17:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\AnvSoft [2010-05-28 16:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Any Video Converter [2010-06-02 10:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Ashampoo [2010-06-20 20:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\DAEMON Tools Lite [2010-06-22 21:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Dexpot [2010-07-29 14:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\DMCache [2010-07-12 14:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Foxit Software [2010-05-22 10:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Gadu-Gadu 10 [2010-05-14 20:58:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\GanymedeNet [2010-06-27 14:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\IconTweaker [2010-07-28 21:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\IDM [2010-06-06 22:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Multimedia Player [2010-05-29 21:52:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Nokia [2010-05-29 21:52:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Nokia Ovi Suite [2010-05-14 11:17:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Nowe Gadu-Gadu [2010-05-27 21:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\PC Suite [2010-05-29 22:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Samsung [2010-07-28 20:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\uTorrent [2010-07-12 14:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Foxit Software [2010-07-29 22:27:13 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{2A83E655-414D-4D18-B077-ECE00F4E2A05}.job ========== Purity Check ========== < End of report > OTL extras OTL Extras logfile created on: 2010-07-30 22:03:54 - Run 5 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Jurek\Pulpit\Programy\Ochrona kompa Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 92,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 234,38 Gb Total Space | 189,67 Gb Free Space | 80,92% Space Free | Partition Type: NTFS Drive D: | 7,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF E: Drive not present or media not loaded Drive F: | 30,09 Gb Total Space | 26,91 Gb Free Space | 89,44% Space Free | Partition Type: FAT32 Drive G: | 231,38 Gb Total Space | 178,22 Gb Free Space | 77,03% Space Free | Partition Type: NTFS Drive H: | 298,09 Gb Total Space | 164,81 Gb Free Space | 55,29% Space Free | Partition Type: NTFS I: Drive not present or media not loaded Computer Name: JL-A8BFE5D811C3 Current User Name: Jurek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- File not found "C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group) "C:\Program Files\Ares\chatServer.exe" = C:\Program Files\Ares\chatServer.exe:*:Enabled:Ares Chat Server -- (Ares Development Group) "C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- File not found "C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- File not found "C:\Program Files\Wings of Prey\acess.exe" = C:\Program Files\Wings of Prey\acess.exe:*:Enabled:Wings of Prey -- File not found "C:\Program Files\Codemasters\DiRT2\dirt2_game.exe" = C:\Program Files\Codemasters\DiRT2\dirt2_game.exe:*:Enabled:DiRT2 -- File not found "C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\Prince of Persia.exe" = C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\Prince of Persia.exe:*:Enabled:Prince of Persia Zapomniane Piaski -- File not found "C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\GameSettings.exe" = C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\GameSettings.exe:*:Enabled:Prince of Persia Zapomniane Piaski Settings -- File not found "C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\gu.exe" = C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\gu.exe:*:Enabled:Prince of Persia Zapomniane Piaski Update -- File not found "C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\UPlayBrowser.exe" = C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\UPlayBrowser.exe:*:Enabled:Prince of Persia Zapomniane Piaski UPlay -- File not found "C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- File not found "G:\GRY\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = G:\GRY\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- (Konami Digital Entertainment Co., Ltd.) "C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" = C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club -- (Take-Two Interactive Software, Inc.) "C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe" = C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Sony DADC Austria AG) "C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe" = C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Take-Two Interactive Software, Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc "{04441EE4-3631-43DB-813A-9D031380C8E5}" = MarketingReg "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp "{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch "{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy "{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite "{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20 "{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg "{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB52D2C-1857-4D6C-99C8-4D3F8FC6E124}" = Microsoft Games for Windows - LIVE "{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones "{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport "{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5 "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6BF04C63-EAC0-4F19-9E88-9A745493E7BF}" = IconPackager "{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6F05332E-6063-4FB9-9233-0577B01E124A}" = Microsoft Games for Windows - LIVE Redistributable "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01 "{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01 "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi "{9B63540D-D942-4C38-B42E-A48AE0145970}" = Virtua Tennis 2009 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser "{A8DB611A-D80E-450D-85F6-3ACDD164BE31}" = Pro Evolution Soccer 2009 "{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AB6F6C80-1C35-4672-BDEF-F26FF214C409}" = Samsung PC Studio 7 "{ACA85783-8EEA-4f0a-B2A3-A8173F30209F}" = C4200_doccd "{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan "{B09BCBF6-87EE-4403-A336-3A9510856535}" = HP Photosmart All-In-One Software 9.0 "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR "{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT "{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter "{BFDE4176-5DFE-4db9-AA00-8F30CB001BDA}" = c4200_Help "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C39E671D-0528-4c5e-A034-8470C5BC393A}" = C4200 "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game "{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI "{D8B7A682-20DA-4797-8415-B1FB14D4D32B}" = PS_AIO_Software "{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver "{DCD22647-6D31-479D-8F97-16D0AA934D9E}" = PC Connectivity Solution "{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX "{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm "{E28750A2-45F2-4b63-99F7-9F81A94B1E2D}" = PS_AIO_Software_min "{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt "{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox "{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}" = Prince of Persia® Zapomniane Piaski "{F0A421DB-030E-40DE-A3E6-EC340B1074BC}" = DiRT2 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE "{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl "{FD7F242B-9AA0-40c3-941E-3A9821D19C09}" = PS_AIO_ProductContext "{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status "05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2) "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "7-Zip" = 7-Zip 4.65 "8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Ares" = Ares 2.1.5 "Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010 "Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3.20 "CCleaner" = CCleaner "com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI "Dzielenie i łączenie plików_is1" = Dzielenie i łączenie plików v1.2.2 "EA Download Manager" = EA Download Manager "FormatFactory" = FormatFactory 2.40 "Foxit Creator" = Foxit Creator "Gadu-Gadu 10" = Gadu-Gadu 10 "HP Imaging Device Functions" = HP Imaging Device Functions 9.0 "HP Photosmart Essential" = HP Photosmart Essential 2.01 "HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0 "HPExtendedCapabilities" = HP Customer Parti[Filtr wulgaryzmów]tion Program 9.0 "HPOCR" = HP OCR Software 9.0 "IconPackager" = IconPackager "ie8" = Windows Internet Explorer 8 "Internet Download Manager" = Internet Download Manager "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.0.0 "LogMeIn Hamachi" = LogMeIn Hamachi "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "mIRC" = mIRC "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "Nokia PC Suite" = Nokia PC Suite "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "OpenAL" = OpenAL "Samsung PC Studio 7" = Samsung PC Studio 7 "The KMPlayer" = The KMPlayer (remove only) "TNod" = TNod User & Password Finder "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "Winamp" = Winamp "WindowBlinds" = WindowBlinds "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 2010-07-29 15:36:34 | Computer Name = JL-A8BFE5D811C3 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd iexplore.exe, wersja 8.0.6001.18702, moduł powodujący błąd mshtml.dll, wersja 8.0.6001.18928, adres błędu 0x000b9cd8. Error - 2010-07-29 16:01:22 | Computer Name = JL-A8BFE5D811C3 | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-29 16:01:22 | Computer Name = JL-A8BFE5D811C3 | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. [ System Events ] Error - 2010-07-30 08:21:06 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: ehdrv epfwtdi Error - 2010-07-30 08:26:17 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi eamon z powodu następującego błędu: %%2 Error - 2010-07-30 08:26:17 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi epfw z powodu następującego błędu: %%2 Error - 2010-07-30 08:26:17 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi ESET Service z powodu następującego błędu: %%3 Error - 2010-07-30 08:26:17 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi LogMeIn Hamachi 2.0 Tunneling Engine z powodu następującego błędu: %%3 Error - 2010-07-30 08:26:19 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: ehdrv epfwtdi Error - 2010-07-30 15:55:41 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-07-30 15:55:42 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-07-30 15:55:43 | Computer Name = JL-A8BFE5D811C3 | Source = PlugPlayManager | ID = 11 Description = Urządzenie Root\LEGACY_XP\0000 zniknęło z systemu bez uprzedniego przygotowania go do usunięcia. Error - 2010-07-30 15:57:29 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi LogMeIn Hamachi 2.0 Tunneling Engine z powodu następującego błędu: %%3 < End of report > Wszystko dobrze chodzi.Dzieki jeszcze raz:). Moge sobie teraz już eseta zainstalować znów? Moge Cclanerem wszystko przeczyścić? Chyba jedyna rada żeby nie mieć takich awari to trzeba nabieżąco robić kopie rejestru? A może coś jeszcze? Czy jak sobie zaistaluje Mbam to z esetem nie bedzie sie gryzło ?I czy komp sie niebedzie od tego zamulał? A ijeszcze log z esetunistaler >>>>>>>>>>>>>>>>>>>>>> BEGIN >>>>>>>>>>>>>>>>>>>>>>> [07/30/10 22:00:44] C:\Documents and Settings\Jurek\Moje dokumenty\Downloads\Programs\ESETUninstaller.exe 4.0.14.0 [07/30/10 22:00:44] Input arguments: [07/30/10 22:00:44] Online (PC booted from fixed disk) mode detected. [07/30/10 22:00:44] ERROR! PC is running in normal boot, please run safe boot or boot live CD/DVD/USB. [07/30/10 22:00:44] Press any key to exit ... >>>>>>>>>>>>>>>>>>>>>>>> END >>>>>>>>>>>>>>>>>>>>>>>> Nie moge zainstalowac eseta pokazuje sie- Instalator Windows Funkcja której próbujesz użyc znajduje sie w niedostępnym zasobie sieciowym.Co mam zrobić? Odnośnik do komentarza
picasso Opublikowano 30 Lipca 2010 Zgłoś Udostępnij Opublikowano 30 Lipca 2010 Co zaplanowałam, usunęło się. Jeszcze: 1. W kwestii ESET Uninstaller: [07/30/10 22:00:44] Online (PC booted from fixed disk) mode detected. [07/30/10 22:00:44] ERROR! PC is running in normal boot, please run safe boot or boot live CD/DVD/USB. [07/30/10 22:00:44] Press any key to exit ... Narzędzie masz zastartować z poziomu Trybu awaryjnego Windows. To było napisane w artykule ESET, nie doczytałeś. 2. Pytaniem jest co się dzieje z Hamachi, które figuruje na liście zainstalowanych programów, ale sypie błędami: Error - 2010-07-30 15:57:29 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000Description = Nie można uruchomić usługi LogMeIn Hamachi 2.0 Tunneling Engine zpowodu następującego błędu: %%3 ... a jedna z jego usług wykazuje brak pliku: ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) ========== Driver Services (SafeList) ========== DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) Czy jak sobie zaistaluje Mbam to z esetem nie bedzie sie gryzło ?I czy komp sie niebedzie od tego zamulał? MBAM jest raczej bezkolizyjny, bo to skaner na żądanie i nie ma czynnej ochrony tłowej. Jeśli coś ma "przymulać", to prędzej z winy ESET jako takiego. W końcu to jest potężny pakiet. . Odnośnik do komentarza
Promilos Opublikowano 30 Lipca 2010 Autor Zgłoś Udostępnij Opublikowano 30 Lipca 2010 Już sobvie poradziłem z esetem jak chciałęm zainstalować pojawiła sie ikonka napraw lub usuń to usunołem resztki i zainstalowałem od nowa tak samo zrobie z hamatchi . JAk bym sobie wykupił pełną wersje mbam to bedzie dobre popłaczenie z esetem?Czy sam eset wystarczy? WIELKIE DZIEKI:) Wymiatasz w temacie:). Będe polecał twoje forum i Ciebie wszystkim z jakimiś problemami komputerowymi. Odnośnik do komentarza
picasso Opublikowano 30 Lipca 2010 Zgłoś Udostępnij Opublikowano 30 Lipca 2010 Możesz teraz pozbyć się odpadków po używaniu OTL. W OTL wywołaj opcję Sprzątanie. To usunie kwarantannę OTL oraz sam program jako taki. JAk bym sobie wykupił pełną wersje mbam to bedzie dobre popłaczenie z esetem?Czy sam eset wystarczy? Tu wystarczy pakiet ESET oraz darmowa wersja MBAM (skaner na żądanie). Nie ma co przesadzać z ilością czynnych strażników. . Odnośnik do komentarza
Promilos Opublikowano 31 Lipca 2010 Autor Zgłoś Udostępnij Opublikowano 31 Lipca 2010 Witam. Zdrobiłem dokładny scan Esetem i wykrył mi to- 2010-07-31 14:59:57 Ochrona systemu plików w czasie rzeczywistym plik C:\System Volume Information\_restore{228791AC-377E-4237-BC6E-3735D517C10A}\RP223\A0060618.exe prawdopodobnie odmiana wirusa Win32/Agent koń trojański ZARZĄDZANIE NT\SYSTEM Zdarzenie wystąpiło podczas modyfikowania pliku przez aplikację: C:\WINDOWS\system32\svchost.exe. 2010-07-31 14:59:56 Ochrona systemu plików w czasie rzeczywistym plik C:\System Volume Information\_restore{228791AC-377E-4237-BC6E-3735D517C10A}\RP223\A0060617.exe prawdopodobnie odmiana wirusa Win32/Agent koń trojański ZARZĄDZANIE NT\SYSTEM Zdarzenie wystąpiło podczas modyfikowania pliku przez aplikację: C:\WINDOWS\system32\svchost.exe. 2010-07-31 14:59:56 Ochrona systemu plików w czasie rzeczywistym plik C:\System Volume Information\_restore{228791AC-377E-4237-BC6E-3735D517C10A}\RP223\A0060616.exe prawdopodobnie odmiana wirusa Win32/Agent koń trojański ZARZĄDZANIE NT\SYSTEM Zdarzenie wystąpiło podczas modyfikowania pliku przez aplikację: C:\WINDOWS\system32\svchost.exe. 2010-07-31 14:59:54 Ochrona systemu plików w czasie rzeczywistym plik C:\System Volume Information\_restore{228791AC-377E-4237-BC6E-3735D517C10A}\RP223\A0060615.exe prawdopodobnie odmiana wirusa Win32/Agent koń trojański ZARZĄDZANIE NT\SYSTEM Zdarzenie wystąpiło podczas modyfikowania pliku przez aplikację: C:\WINDOWS\system32\svchost.exe. Otl.txt OTL logfile created on: 2010-07-31 15:18:01 - Run 3 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Jurek\Pulpit\Programy\Ochrona kompa Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 234,38 Gb Total Space | 192,45 Gb Free Space | 82,11% Space Free | Partition Type: NTFS Drive D: | 7,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 231,38 Gb Total Space | 178,75 Gb Free Space | 77,25% Space Free | Partition Type: NTFS Drive H: | 298,09 Gb Total Space | 164,81 Gb Free Space | 55,29% Space Free | Partition Type: NTFS I: Drive not present or media not loaded Computer Name: JL-A8BFE5D811C3 Current User Name: Jurek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010-07-31 09:49:01 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jurek\Pulpit\Programy\Ochrona kompa\OTL.exe PRC - [2010-07-28 21:27:11 | 003,220,912 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe PRC - [2010-07-14 09:53:32 | 002,678,784 | ---- | M] (Free Time) -- C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe PRC - [2010-05-25 15:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe PRC - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2010-04-07 21:07:04 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe ========== Modules (SafeList) ========== MOD - [2010-07-31 09:49:01 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jurek\Pulpit\Programy\Ochrona kompa\OTL.exe MOD - [2009-11-18 21:12:06 | 000,070,960 | ---- | M] (Stardock.net, Inc) -- C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll MOD - [2009-03-26 15:35:40 | 000,034,224 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\idmmkb.dll MOD - [2008-04-26 16:14:22 | 000,042,672 | ---- | M] (Stardock.Net, Inc) -- C:\WINDOWS\system32\wbsys.dll MOD - [2008-04-14 19:16:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2007-09-27 12:40:14 | 000,488,523 | ---- | M] (Stardock Corporation) -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll MOD - [2007-07-11 15:06:58 | 000,028,740 | ---- | M] (Stardock.Net, Inc) -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - [2010-04-27 13:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010-04-07 21:10:38 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) ========== Driver Services (SafeList) ========== DRV - [2010-06-20 11:31:40 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-04-07 21:08:08 | 000,055,232 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi) DRV - [2010-04-07 21:08:06 | 000,032,584 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2010-04-07 21:08:04 | 000,134,488 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw) DRV - [2010-04-07 21:07:08 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-04-07 21:03:44 | 000,139,192 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2010-04-04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-04-13 18:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-05-02 16:32:34 | 000,135,680 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsa.sys -- (nmwcdsa) DRV - [2007-05-02 16:31:54 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsacm.sys -- (nmwcdsacm) DRV - [2007-05-02 16:31:54 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsacj.sys -- (nmwcdsacj) DRV - [2007-05-02 16:31:54 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsac.sys -- (nmwcdsac) DRV - [2007-04-14 16:28:00 | 000,094,592 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2006-09-12 19:27:00 | 004,381,184 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://www.google.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://www.google.com/ IE - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-07-31 09:32:26 | 000,000,000 | ---D | M] O1 HOSTS File: ([2010-07-28 22:06:55 | 000,000,789 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O3 - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [TNOD UP] C:\Program Files\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) O4 - HKU\.DEFAULT..\Run: [samsung.PCSync] C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-18..\Run: [samsung.PCSync] C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-21-1409082233-1644491937-725345543-1003..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm () O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {FDDBE2B8-4AD8-6602-946D-94C5A32FA6C1} http://cached.gamedesire.com/g_bin/pl/billard8_2_0_0_41.cab (GameDesire Pool 8) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 193.110.120.5 194.204.159.1 O20 - AppInit_DLLs: (wbsys.dll) - C:\WINDOWS\System32\wbsys.dll (Stardock.Net, Inc) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\WBSrv: DllName - C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll (Stardock Corporation) O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-05-13 13:09:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2008-08-22 07:57:52 | 000,230,728 | R--- | M] (Konami Digital Entertainment Co., Ltd.) - D:\autorun.exe -- [ UDF ] O32 - AutoRun File - [2008-05-30 08:54:04 | 000,000,047 | R--- | M] () - D:\Autorun.inf -- [ UDF ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-07-31 13:47:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jurek\Recent [2010-07-31 11:15:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-07-31 11:15:45 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-07-31 11:15:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-07-31 11:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Moje dokumenty\My Shared Folder [2010-07-31 11:04:21 | 000,000,000 | ---D | C] -- C:\Program Files\Ares [2010-07-31 09:39:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Aspyr [2010-07-31 09:39:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Aspyr [2010-07-31 09:38:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka [2010-07-31 09:38:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\ESET [2010-07-31 00:45:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Moje dokumenty\FFOutput [2010-07-31 00:17:10 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys [2010-07-30 23:59:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\.screenshooter [2010-07-30 23:59:44 | 000,000,000 | ---D | C] -- C:\Program Files\ScreenShooter [2010-07-30 23:19:54 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2010-07-30 23:17:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-07-30 22:57:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\storage [2010-07-30 22:40:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Stardock [2010-07-30 21:54:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\Aspyr [2010-07-30 21:54:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Moje dokumenty\Aspyr [2010-07-30 14:43:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Moje dokumenty\NFS Most Wanted [2010-07-30 14:42:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\WOP [2010-07-30 02:00:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy [2010-07-30 02:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\Help [2010-07-30 02:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\Help [2010-07-29 17:38:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [2010-07-29 15:48:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Moje dokumenty\The KMPlayer [2010-07-28 21:26:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\IDM [2010-07-28 21:26:27 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager [2010-07-28 20:56:12 | 000,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft [2010-07-28 20:47:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\DMCache [2010-07-28 13:45:43 | 003,205,744 | ---- | C] (Tonec Inc.) -- C:\Documents and Settings\Jurek\Dane aplikacji\idman519.exe [2010-07-25 16:56:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2010-07-24 15:22:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll [2010-07-24 15:22:24 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll [2010-07-20 18:51:59 | 000,000,000 | ---D | C] -- C:\Program Files\TNod User & Password Finder [2010-07-19 07:56:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\DoctorWeb [2010-07-15 21:06:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\QuickTime [2010-07-14 05:57:23 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2010-07-12 14:11:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jurek\Dane aplikacji\Foxit Software [2010-07-12 14:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Foxit Software [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010-07-31 14:04:02 | 000,202,240 | ---- | M] () -- C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-07-31 13:59:56 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010-07-31 13:59:55 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-07-31 13:59:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-07-31 13:51:08 | 007,077,888 | ---- | M] () -- C:\Documents and Settings\Jurek\NTUSER.DAT [2010-07-31 11:22:24 | 000,000,707 | ---- | M] () -- C:\WINDOWS\win.ini [2010-07-31 11:22:24 | 000,000,350 | -HS- | M] () -- C:\boot.ini [2010-07-31 11:22:24 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010-07-31 10:49:36 | 000,013,664 | ---- | M] () -- C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-07-31 10:26:00 | 000,009,915 | -H-- | M] () -- C:\Documents and Settings\Jurek\Pulpit\folder.jpg [2010-07-31 09:41:09 | 000,101,440 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-07-31 00:09:40 | 000,445,016 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll [2010-07-31 00:09:40 | 000,109,144 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll [2010-07-31 00:06:17 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2A83E655-414D-4D18-B077-ECE00F4E2A05}.job [2010-07-30 23:09:22 | 528,208,308 | ---- | M] () -- C:\Documents and Settings\Jurek\Pulpit\13 piętro.avi [2010-07-30 22:47:45 | 004,001,462 | -H-- | M] () -- C:\Documents and Settings\Jurek\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-07-30 21:49:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-07-30 05:14:31 | 000,000,355 | ---- | M] () -- C:\Documents and Settings\Jurek\Pulpit\Skrót do Filmy.lnk [2010-07-30 03:43:12 | 001,085,432 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-07-30 03:43:12 | 000,490,284 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-07-30 03:43:12 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-07-30 03:43:12 | 000,083,660 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-07-30 03:43:12 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-07-29 20:53:06 | 000,786,432 | -H-- | M] () -- C:\Documents and Settings\Jurek\Pulpit\ntuser.dat [2010-07-29 17:19:11 | 000,490,284 | ---- | M] () -- C:\WINDOWS\System32\prfh0415.dat [2010-07-29 17:19:11 | 000,083,660 | ---- | M] () -- C:\WINDOWS\System32\prfc0415.dat [2010-07-28 22:06:55 | 000,000,789 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-07-28 15:55:45 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Jurek\ntuser.ini [2010-07-28 13:45:43 | 003,205,744 | ---- | M] (Tonec Inc.) -- C:\Documents and Settings\Jurek\Dane aplikacji\idman519.exe [2010-07-24 15:26:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-07-16 09:14:27 | 000,002,560 | ---- | M] () -- C:\WINDOWS\_MSRSTRT.EXE [2010-07-14 01:23:32 | 1693,009,920 | ---- | M] () -- C:\Documents and Settings\Jurek\Pulpit\Legion.avi [2010-07-09 15:23:29 | 877,813,160 | ---- | M] () -- C:\Documents and Settings\Jurek\Pulpit\Grown Ups 2010 DVDSCR XViD-KiNGDOM v2.avi [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010-07-31 14:00:51 | 1693,009,920 | ---- | C] () -- C:\Documents and Settings\Jurek\Pulpit\Legion.avi [2010-07-31 10:26:00 | 000,009,915 | -H-- | C] () -- C:\Documents and Settings\Jurek\Pulpit\folder.jpg [2010-07-31 10:23:44 | 877,813,160 | ---- | C] () -- C:\Documents and Settings\Jurek\Pulpit\Grown Ups 2010 DVDSCR XViD-KiNGDOM v2.avi [2010-07-30 22:06:17 | 528,208,308 | ---- | C] () -- C:\Documents and Settings\Jurek\Pulpit\13 piętro.avi [2010-07-30 02:05:51 | 000,786,432 | -H-- | C] () -- C:\Documents and Settings\Jurek\Pulpit\ntuser.dat [2010-07-29 12:48:11 | 000,490,284 | ---- | C] () -- C:\WINDOWS\System32\prfh0415.dat [2010-07-29 12:48:11 | 000,083,660 | ---- | C] () -- C:\WINDOWS\System32\prfc0415.dat [2010-07-24 15:26:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-07-21 21:48:50 | 000,000,355 | ---- | C] () -- C:\Documents and Settings\Jurek\Pulpit\Skrót do Filmy.lnk [2010-06-28 14:08:49 | 000,004,172 | ---- | C] () -- C:\WINDOWS\langorig.ini [2010-06-28 14:05:36 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\wbload.dll [2010-06-28 08:56:53 | 000,001,300 | ---- | C] () -- C:\WINDOWS\System32\cool.dll [2010-06-23 01:24:03 | 000,000,021 | ---- | C] () -- C:\WINDOWS\WB.ini [2010-06-20 11:31:40 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-06-03 10:00:47 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2010-06-02 16:09:03 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-06-02 16:08:57 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-06-02 16:08:57 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-06-02 16:08:56 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-06-02 16:08:56 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2010-05-28 16:03:50 | 002,392,064 | ---- | C] () -- C:\WINDOWS\System32\videotrans.dll [2010-05-28 16:03:50 | 000,215,040 | ---- | C] () -- C:\WINDOWS\System32\videoformat.dll [2010-05-28 16:03:50 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\imgscaler.dll [2010-05-28 16:03:50 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\img_utils.dll [2010-05-28 16:03:50 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\videocore.dll [2010-05-28 16:03:47 | 000,128,512 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll [2010-05-14 17:27:28 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010-05-14 17:13:03 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\xinput1_3.dll [2010-05-14 17:13:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\xinput1_2.dll [2010-05-14 17:12:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\xinput1_1.dll [2010-05-14 17:12:40 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\xinput9_1_0.dll [2010-05-14 15:56:11 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-05-13 22:30:42 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2009-10-20 01:23:46 | 000,178,960 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat ========== LOP Check ========== [2010-05-14 19:29:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2010-07-31 09:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Aspyr [2010-06-08 20:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2010-06-20 11:30:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-05-22 23:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-07-30 23:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-05-14 12:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-06-27 14:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IconTweaker [2010-05-30 13:25:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2010-05-14 17:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\KONAMI [2010-05-30 13:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2010-05-29 21:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OviInstallerCache [2010-05-29 21:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2010-06-07 18:57:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WOP [2010-06-28 15:57:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643} [2010-06-03 17:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\AnvSoft [2010-05-28 16:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Any Video Converter [2010-06-02 10:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Ashampoo [2010-06-20 20:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\DAEMON Tools Lite [2010-06-22 21:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Dexpot [2010-07-29 14:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\DMCache [2010-07-31 09:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\ESET [2010-07-12 14:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Foxit Software [2010-05-22 10:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Gadu-Gadu 10 [2010-05-14 20:58:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\GanymedeNet [2010-06-27 14:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\IconTweaker [2010-07-30 23:02:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\IDM [2010-06-06 22:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Multimedia Player [2010-05-29 21:52:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Nokia [2010-05-29 21:52:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Nokia Ovi Suite [2010-05-14 11:17:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Nowe Gadu-Gadu [2010-05-27 21:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\PC Suite [2010-05-29 22:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\Samsung [2010-07-28 20:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jurek\Dane aplikacji\uTorrent [2010-07-12 14:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Foxit Software [2010-07-31 00:06:17 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{2A83E655-414D-4D18-B077-ECE00F4E2A05}.job ========== Purity Check ========== < End of report > OTL Extras logfile created on: 2010-07-31 15:18:01 - Run 3 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Jurek\Pulpit\Programy\Ochrona kompa Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 234,38 Gb Total Space | 192,45 Gb Free Space | 82,11% Space Free | Partition Type: NTFS Drive D: | 7,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 231,38 Gb Total Space | 178,75 Gb Free Space | 77,25% Space Free | Partition Type: NTFS Drive H: | 298,09 Gb Total Space | 164,81 Gb Free Space | 55,29% Space Free | Partition Type: NTFS I: Drive not present or media not loaded Computer Name: JL-A8BFE5D811C3 Current User Name: Jurek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-1409082233-1644491937-725345543-1003\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- File not found "C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group) "C:\Program Files\Ares\chatServer.exe" = C:\Program Files\Ares\chatServer.exe:*:Enabled:Ares Chat Server -- (Ares Development Group) "C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- File not found "C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- File not found "C:\Program Files\Wings of Prey\acess.exe" = C:\Program Files\Wings of Prey\acess.exe:*:Enabled:Wings of Prey -- File not found "C:\Program Files\Codemasters\DiRT2\dirt2_game.exe" = C:\Program Files\Codemasters\DiRT2\dirt2_game.exe:*:Enabled:DiRT2 -- File not found "C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\Prince of Persia.exe" = C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\Prince of Persia.exe:*:Enabled:Prince of Persia Zapomniane Piaski -- File not found "C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\GameSettings.exe" = C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\GameSettings.exe:*:Enabled:Prince of Persia Zapomniane Piaski Settings -- File not found "C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\gu.exe" = C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\gu.exe:*:Enabled:Prince of Persia Zapomniane Piaski Update -- File not found "C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\UPlayBrowser.exe" = C:\Program Files\Ubisoft\Prince of Persia Zapomniane Piaski\UPlayBrowser.exe:*:Enabled:Prince of Persia Zapomniane Piaski UPlay -- File not found "C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- File not found "G:\GRY\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = G:\GRY\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- (Konami Digital Entertainment Co., Ltd.) "C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" = C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club -- (Take-Two Interactive Software, Inc.) "C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe" = C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Sony DADC Austria AG) "C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe" = C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Take-Two Interactive Software, Inc.) "G:\GRY\Ubisoft\Prince of Persia Zapomniane Piaski\Prince of Persia.exe" = G:\GRY\Ubisoft\Prince of Persia Zapomniane Piaski\Prince of Persia.exe:*:Enabled:Prince of Persia -- () ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc "{04441EE4-3631-43DB-813A-9D031380C8E5}" = MarketingReg "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp "{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch "{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy "{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite "{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20 "{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg "{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB52D2C-1857-4D6C-99C8-4D3F8FC6E124}" = Microsoft Games for Windows - LIVE "{4D5B5CDD-77BD-48FB-8E2C-42A41ADC7CEC}" = Top Spin 2 "{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones "{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport "{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5 "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6BCBF099-BC3F-4832-BC0D-0AD07D4A5FE9}" = ESET Smart Security "{6BF04C63-EAC0-4F19-9E88-9A745493E7BF}" = IconPackager "{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6F05332E-6063-4FB9-9233-0577B01E124A}" = Microsoft Games for Windows - LIVE Redistributable "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01 "{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01 "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{9B63540D-D942-4C38-B42E-A48AE0145970}" = Virtua Tennis 2009 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser "{A8DB611A-D80E-450D-85F6-3ACDD164BE31}" = Pro Evolution Soccer 2009 "{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AB6F6C80-1C35-4672-BDEF-F26FF214C409}" = Samsung PC Studio 7 "{ACA85783-8EEA-4f0a-B2A3-A8173F30209F}" = C4200_doccd "{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan "{B09BCBF6-87EE-4403-A336-3A9510856535}" = HP Photosmart All-In-One Software 9.0 "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR "{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT "{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter "{BFDE4176-5DFE-4db9-AA00-8F30CB001BDA}" = c4200_Help "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C39E671D-0528-4c5e-A034-8470C5BC393A}" = C4200 "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game "{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI "{D8B7A682-20DA-4797-8415-B1FB14D4D32B}" = PS_AIO_Software "{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver "{DCD22647-6D31-479D-8F97-16D0AA934D9E}" = PC Connectivity Solution "{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX "{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm "{E28750A2-45F2-4b63-99F7-9F81A94B1E2D}" = PS_AIO_Software_min "{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt "{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox "{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}" = Prince of Persia® Zapomniane Piaski "{F0A421DB-030E-40DE-A3E6-EC340B1074BC}" = DiRT2 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE "{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl "{FD7F242B-9AA0-40c3-941E-3A9821D19C09}" = PS_AIO_ProductContext "{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status "05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2) "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Ares" = Ares 2.1.6 "Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010 "Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3.20 "CCleaner" = CCleaner "com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI "Dzielenie i łączenie plików_is1" = Dzielenie i łączenie plików v1.2.2 "EA Download Manager" = EA Download Manager "FormatFactory" = FormatFactory 2.45 "Foxit Reader" = Foxit Reader "Gadu-Gadu 10" = Gadu-Gadu 10 "HP Imaging Device Functions" = HP Imaging Device Functions 9.0 "HP Photosmart Essential" = HP Photosmart Essential 2.01 "HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0 "HPExtendedCapabilities" = HP Customer Parti[Filtr wulgaryzmów]tion Program 9.0 "HPOCR" = HP OCR Software 9.0 "IconPackager" = IconPackager "ie8" = Windows Internet Explorer 8 "Internet Download Manager" = Internet Download Manager "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.0.0 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "Nokia PC Suite" = Nokia PC Suite "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "OpenAL" = OpenAL "Samsung PC Studio 7" = Samsung PC Studio 7 "The KMPlayer" = The KMPlayer (remove only) "TNod" = TNod User & Password Finder "Winamp" = Winamp "WindowBlinds" = WindowBlinds "Windows Media Format Runtime" = Windows Media Format 11 runtime "WinRAR archiver" = Archiwizator WinRAR ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 2010-07-29 15:36:34 | Computer Name = JL-A8BFE5D811C3 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd iexplore.exe, wersja 8.0.6001.18702, moduł powodujący błąd mshtml.dll, wersja 8.0.6001.18928, adres błędu 0x000b9cd8. Error - 2010-07-29 16:01:22 | Computer Name = JL-A8BFE5D811C3 | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-29 16:01:22 | Computer Name = JL-A8BFE5D811C3 | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 17:09:20 | Computer Name = JL-A8BFE5D811C3 | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 17:09:20 | Computer Name = JL-A8BFE5D811C3 | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 17:09:35 | Computer Name = JL-A8BFE5D811C3 | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu. Error - 2010-07-30 17:11:16 | Computer Name = JL-A8BFE5D811C3 | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 17:11:31 | Computer Name = JL-A8BFE5D811C3 | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu. Error - 2010-07-30 17:12:01 | Computer Name = JL-A8BFE5D811C3 | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-31 05:34:54 | Computer Name = JL-A8BFE5D811C3 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca acess.exe, wersja 0.0.0.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. [ System Events ] Error - 2010-07-30 17:46:35 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Sterownik portu równoległego z powodu następującego błędu: %%1058 Error - 2010-07-30 17:46:35 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi LogMeIn Hamachi 2.0 Tunneling Engine z powodu następującego błędu: %%3 Error - 2010-07-30 17:51:16 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Sterownik portu równoległego z powodu następującego błędu: %%1058 Error - 2010-07-30 17:51:16 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi LogMeIn Hamachi 2.0 Tunneling Engine z powodu następującego błędu: %%3 Error - 2010-07-30 18:03:44 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi LogMeIn Hamachi 2.0 Tunneling Engine z powodu następującego błędu: %%3 Error - 2010-07-30 18:20:17 | Computer Name = JL-A8BFE5D811C3 | Source = Dhcp | ID = 1001 Description = Komputerowi nie został przypisany adres z sieci (przez serwer DHCP) dla karty sieciowej o adresie 0023C3E5B4A0. Wystąpił następujący błąd: %%121. Komputer będzie dalej próbował sam uzyskać adres z serwera adresów sieciowych (DHCP). Error - 2010-07-31 03:23:40 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Sterownik portu równoległego z powodu następującego błędu: %%1058 Error - 2010-07-31 03:34:51 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Sterownik portu równoległego z powodu następującego błędu: %%1058 Error - 2010-07-31 03:34:51 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi LogMeIn Hamachi 2.0 Tunneling Engine z powodu następującego błędu: %%3 Error - 2010-07-31 05:07:31 | Computer Name = JL-A8BFE5D811C3 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Sterownik portu równoległego z powodu następującego błędu: %%1058 < End of report > Bardzo prosze o pomoc wczoraj komputer został naprawiony z wiekszej awarii patrz temat :Niedziała przywracanie systemu. Odnośnik do komentarza
Landuss Opublikowano 31 Lipca 2010 Zgłoś Udostępnij Opublikowano 31 Lipca 2010 Temat łącze w jeden. To nie jest już problem. To obiekty właśnie w Przywracaniu systemu. Jak je wyłączysz to folder przywracania się opróżni: INSTRUKCJE. Odnośnik do komentarza
Promilos Opublikowano 31 Lipca 2010 Autor Zgłoś Udostępnij Opublikowano 31 Lipca 2010 OK Dzieki Odnośnik do komentarza
Rekomendowane odpowiedzi