Komputer nie za każdym razem się włącza.

**Posty:** 67 · przez **kamos1602** 01 Sty 2012, 21:17

Witam, mój problem polega na tym, że komputer nie włącza się jak należy (średnio na 3 włączenia poprawnie włączy się jedynie raz). Do momentu wczytania się pulpitu wszystko jest OK, ale problem zaczyna się gdy programy zaczynają uruchamiać się wraz ze startem systemu (takie jak antywirus, gg itd.). Jeśli widzę, że np. gg się nie uruchomiło lub gdy najadę myszką na pasek startu i widzę klepsydrę zamiast normalnego wskaźnika to już wiem, że muszę zrestartować komputer. Myślałem, że to jakiś wirus, ale skanowanie nic nie wykryło (dodam, że mam problem z programem Malwarebytes Anti-Malware, a polega on na tym, że podczas zwykłego skanowania program zawiesza się i przechodzi na tryb "brak odpowiedzi" - próbowałem kilkakrotnie nim skanować i za każdym razem to samo). Dodam również, że wcześniej (jakieś 3 dni temu) problemu z uruchamianiem komputera nie było, ale połączenie z internetem co chwilę przerywało i chodząc po internecie musiałem czekać np. 30 sekund na wczytanie się np. witryny google.pl, która nie jest stroną wczytującą się tyle czasu... (obliczyłem, że internet był aktywny przez 10 sekund przy 30 sekundach braku połączenia). Odziwo problem z internetem sam zniknął, ale pojawił się nowy (poważniejszy) o którym napisałem wyżej. Daję oczywiście logi z GMERa i OTL (oba wygenerowane w trybie awaryjnym komputera, ponieważ w normalnym trybie programy się zawieszały poczas skanowania). Pozdrawiam

GMER:

Kod: Zaznacz wszystko: GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-01-01 18:15:24 Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T1L0-10 WDC_WD15EARS-00MVWB0 rev.51.0AB51 Running: jcswr9n4.exe; Driver: C:\DOCUME~1\User\USTAWI~1\Temp\pxtdqpoc.sys ---- Registry - GMER 1.0.15 ---- Reg HKLM\SOFTWARE\Classes\CLSID\{51731e44-a6f7-4771-aa48-7733727a26c4}@Model 276 Reg HKLM\SOFTWARE\Classes\CLSID\{51731e44-a6f7-4771-aa48-7733727a26c4}@Therad 30 Reg HKLM\SOFTWARE\Classes\CLSID\{51731e44-a6f7-4771-aa48-7733727a26c4}@MData 0x2B 0x8F 0x78 0x29 ... Reg HKLM\SOFTWARE\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}@scansk 0x13 0xFB 0x46 0x86 ... ---- EOF - GMER 1.0.15 ----

OTL:

Kod: Zaznacz wszystko: OTL logfile created on: 2012-01-01 18:42:28 - Run 3 OTL by OldTimer - Version 3.2.31.0 Folder = D:\Jdownloader Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 87,84% Memory free 3,85 Gb Paging File | 3,79 Gb Available in Paging File | 98,40% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 52,25 Gb Free Space | 53,50% Space Free | Partition Type: NTFS Drive D: | 649,42 Gb Total Space | 526,93 Gb Free Space | 81,14% Space Free | Partition Type: NTFS Drive E: | 650,19 Gb Total Space | 599,67 Gb Free Space | 92,23% Space Free | Partition Type: NTFS Computer Name: KOMP | User Name: User | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-01-01 18:27:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Jdownloader\OTL.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt) SRV - [2011-12-24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011-09-13 13:10:32 | 001,499,656 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2011-07-10 23:47:00 | 004,792,624 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2011-06-29 14:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion) SRV - [2011-06-17 16:43:56 | 000,409,608 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Program Files\G Data\AntiVirus\AVK\AVKService.exe -- (AVKService) SRV - [2011-06-17 16:43:54 | 000,360,768 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\G Data\GDScan\GDScan.exe -- (GDScan) SRV - [2011-05-26 02:10:36 | 001,371,904 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Program Files\G Data\AntiVirus\AVK\AVKWCtl.exe -- (AVKWCtl) SRV - [2009-07-26 05:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- E:\GRY\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc) SRV - [2006-10-23 13:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-12-30 11:55:22 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2011-12-10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011-11-13 20:12:45 | 000,052,216 | ---- | M] (G Data Software AG) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\GDTdiIcpt.sys -- (GDTdiInterceptor) DRV - [2011-11-13 20:12:43 | 000,039,544 | ---- | M] (G Data Software AG) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\HookCentre.sys -- (HookCentre) DRV - [2011-11-13 20:12:42 | 000,079,608 | ---- | M] (G Data Software AG) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV - [2011-11-13 20:12:42 | 000,040,440 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\GDBehave.sys -- (GDBehave) DRV - [2011-11-05 16:30:10 | 000,069,112 | ---- | M] (G Data Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\GRD.sys -- (GRD) DRV - [2011-07-11 17:39:13 | 000,004,716 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2010-03-01 10:43:16 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM) DRV - [2010-03-01 10:43:12 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm) DRV - [2010-03-01 10:43:12 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM) DRV - [2010-03-01 10:43:12 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex) DRV - [2010-03-01 10:43:12 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl) DRV - [2010-03-01 10:43:10 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM) DRV - [2010-03-01 10:43:10 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS) DRV - [2010-01-28 15:25:05 | 000,058,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA) DRV - [2006-12-14 09:44:06 | 000,085,120 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2006-11-15 07:34:00 | 004,225,920 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2005-01-02 22:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2) DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2003-01-10 22:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1645522239-1177238915-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl./ IE - HKU\S-1-5-21-1645522239-1177238915-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1645522239-1177238915-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKU\S-1-5-21-1645522239-1177238915-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "about:home" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\Documents and Settings\All Users\Dane aplikacji\NexonUS\NGM\npNxGameUS.dll File not found FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll File not found FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-12-04 12:02:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\User\Dane aplikacji\IDM\idmmzcc5 [2011-07-11 22:17:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Extensions [2011-12-27 19:38:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\7x1rmprq.default\extensions [2011-10-17 22:10:11 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\7x1rmprq.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2011-11-13 15:31:55 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\7x1rmprq.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011-12-04 12:02:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-11-13 20:12:39 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad} [2011-11-05 16:18:22 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [2011-09-17 23:43:03 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru () (No name found) -- C:\DOCUMENTS AND SETTINGS\USER\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\7X1RMPRQ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011-11-21 05:42:37 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-11-21 02:31:40 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-11-21 02:31:40 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-11-21 02:31:40 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-11-21 02:31:40 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-11-21 02:31:40 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-11-21 02:31:40 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-12-04 11:38:36 | 000,000,090 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.wp.pl O1 - Hosts: 127.0.0.1 wp.pl O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\AntiVirus\WebFilter\AvkWebIE.dll (G Data Software AG) O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG) O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\AntiVirus\WebFilter\AvkWebIE.dll (G Data Software AG) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-1645522239-1177238915-839522115-1004..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1645522239-1177238915-839522115-1004..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe () O4 - HKU\S-1-5-21-1645522239-1177238915-839522115-1004..\Run: [PlayNC Launcher] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1645522239-1177238915-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1645522239-1177238915-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O15 - HKU\S-1-5-21-1645522239-1177238915-839522115-1004\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A186B269-B46C-40DF-B5AC-2C3ACFA68282}: NameServer = 194.204.159.1,213.199.255.10 O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-07-11 17:07:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-07-19 11:20:15 | 000,000,000 | ---D | M] - E:\AUTODATA.3.24 -- [ NTFS ] O33 - MountPoints2\{7f599a2b-ad37-11e0-9958-001d7d33fa3f}\Shell - "" = AutoRun O33 - MountPoints2\{7f599a2b-ad37-11e0-9958-001d7d33fa3f}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O33 - MountPoints2\{db5de0e9-2720-11e1-b1e8-00038a000015}\Shell - "" = AutoRun O33 - MountPoints2\{db5de0e9-2720-11e1-b1e8-00038a000015}\Shell\AutoRun\command - "" = G:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-12-31 23:15:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\Blood and Bone.2009.DVDRip.DZ.Napisy.PL [2011-12-31 23:15:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\Elita zabójców Killer Elite (2011) PL.SUBBED.READNFO.HDRip.XviD-MORS NAPISY PL [2011-12-29 14:59:03 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011-12-16 19:56:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Ubisoft Game Launcher [2011-12-16 19:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2011-12-16 19:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Moje dokumenty\Assassin's Creed Revelations [2011-12-16 14:03:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dane aplikacji\PunkBuster [2011-12-16 14:03:14 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft [2011-12-16 14:02:24 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll [2011-12-16 14:02:24 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll [2011-12-16 14:02:23 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll [2011-12-16 14:02:23 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll [2011-12-16 14:02:22 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll [2011-12-16 14:02:22 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll [2011-12-16 14:02:21 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll [2011-12-16 14:02:21 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll [2011-12-16 14:00:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Ubisoft [2011-12-15 22:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\Steam [2011-12-15 19:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Dragon UnPACKer 5 [2011-12-15 19:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\Dragon UnPACKer 5 [2011-12-04 14:38:37 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\npptNT2.sys [2011-12-03 21:54:07 | 000,000,000 | ---D | C] -- C:\Program Files\NCsoft [2011-12-03 21:52:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\assembly [2011-12-03 21:52:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\NCsoft [2011-12-03 21:18:27 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\User\PrivacIE [2011-12-03 20:16:06 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\User\IETldCache [2011-12-03 20:11:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2011-12-03 20:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2011-12-03 20:08:34 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2011-12-03 20:04:42 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2011-12-03 20:04:42 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2011-12-03 20:04:41 | 002,000,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2011-12-03 20:04:41 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll [2011-12-03 20:04:40 | 011,081,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2011-07-11 18:23:19 | 003,509,760 | ---- | C] (Karol Winnicki) -- C:\Program Files\BESTplayer.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-01-01 18:41:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-01-01 18:37:52 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2012-01-01 18:37:50 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1645522239-1177238915-839522115-1004.job [2012-01-01 18:25:12 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\User\Dane aplikacji\winscp.rnd [2012-01-01 15:49:28 | 000,134,144 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-01-01 15:48:11 | 000,556,160 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2012-01-01 15:48:11 | 000,493,888 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-01-01 15:48:11 | 000,105,192 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2012-01-01 15:48:11 | 000,084,432 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-01-01 15:45:30 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-12-31 00:06:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1645522239-1177238915-839522115-1004.job [2011-12-30 11:55:22 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011-12-25 18:26:19 | 000,717,254 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\topbanda.bmp [2011-12-25 18:25:33 | 001,239,446 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\top20.bmp [2011-12-16 14:00:54 | 000,000,809 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Assassin's Creed Revelations.lnk [2011-12-14 15:58:29 | 000,176,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-12-14 09:21:12 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011-12-13 22:39:17 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\PUTTY.RND [2011-12-10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011-12-04 19:08:43 | 000,476,427 | ---- | M] () -- C:\WINDOWS\System32\sig.bin [2011-12-04 19:08:43 | 000,034,700 | ---- | M] () -- C:\WINDOWS\System32\nmp.map [2011-12-04 12:02:41 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2011-12-04 11:38:36 | 000,000,090 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-12-31 23:16:23 | 1466,703,872 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\The.Expendables.2010.R5.XviD.AC3-DW.avi [2011-12-25 18:26:18 | 000,717,254 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\topbanda.bmp [2011-12-25 18:25:32 | 001,239,446 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\top20.bmp [2011-12-16 14:03:54 | 000,189,248 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2011-12-16 14:03:52 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2011-12-16 14:00:54 | 000,000,809 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Assassin's Creed Revelations.lnk [2011-12-04 14:38:36 | 000,005,174 | ---- | C] () -- C:\WINDOWS\System32\nppt9x.vxd [2011-11-05 22:24:17 | 000,476,427 | ---- | C] () -- C:\WINDOWS\System32\sig.bin [2011-10-09 02:10:05 | 000,241,632 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2011-09-10 00:19:09 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat [2011-08-21 11:19:32 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll [2011-08-21 11:19:32 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll [2011-08-21 11:19:32 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll [2011-08-21 11:19:31 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll [2011-08-17 22:31:42 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\User\Dane aplikacji\winscp.rnd [2011-08-17 17:57:58 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\PUTTY.RND [2011-07-11 22:17:16 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011-07-11 18:55:25 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2011-07-11 18:42:33 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-07-11 18:39:29 | 000,176,264 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-07-11 18:21:58 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2011-07-11 18:20:10 | 000,134,144 | ---- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-07-11 17:26:51 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2011-07-11 17:08:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-07-11 17:03:37 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011-05-31 07:39:50 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll [2011-05-31 07:38:18 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll [2010-04-03 23:55:31 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2010-04-02 16:17:34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2006-03-02 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2006-03-02 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2006-03-02 13:00:00 | 000,556,160 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2006-03-02 13:00:00 | 000,493,888 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2006-03-02 13:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2006-03-02 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2006-03-02 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2006-03-02 13:00:00 | 000,105,192 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2006-03-02 13:00:00 | 000,084,432 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2006-03-02 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2006-03-02 13:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2006-03-02 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2006-03-02 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2006-03-02 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2006-03-02 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2006-03-02 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [color=#E56717]========== LOP Check ==========[/color] [2011-10-09 14:38:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BioWare [2011-07-15 20:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011-11-05 16:23:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\G DATA [2011-07-11 22:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2011-09-05 16:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Native Instruments [2011-10-03 20:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nexon [2011-10-09 12:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU [2011-10-09 13:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonUS [2011-10-03 17:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2011-08-21 15:41:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-12-16 19:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2011-08-15 15:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Viewpoint [2011-07-12 09:49:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\.minecraft [2011-07-11 18:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\BESTplayer [2011-08-12 22:25:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\BitCometLite [2011-12-15 14:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\DAEMON Tools Lite [2011-10-06 09:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\DMCache [2011-10-08 21:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\FOG Downloader [2011-07-12 01:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Gadu-Gadu 10 [2011-09-05 20:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\IVONA ControlCenter [2011-07-11 18:10:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Opera [2011-12-16 14:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\PunkBuster [2011-12-30 18:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\X-Chat 2 [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:CB0AACC9 < End of report >

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2012-01-01 18:42:28 - Run 3 OTL by OldTimer - Version 3.2.31.0 Folder = D:\Jdownloader Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 87,84% Memory free 3,85 Gb Paging File | 3,79 Gb Available in Paging File | 98,40% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 52,25 Gb Free Space | 53,50% Space Free | Partition Type: NTFS Drive D: | 649,42 Gb Total Space | 526,93 Gb Free Space | 81,14% Space Free | Partition Type: NTFS Drive E: | 650,19 Gb Total Space | 599,67 Gb Free Space | 92,23% Space Free | Partition Type: NTFS Computer Name: KOMP | User Name: User | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-1645522239-1177238915-839522115-1004\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [[ Odkurz tutaj ]] -- C:\Program Files\Odkurzacz\odkurzacz.exe %1 (Franmo Software) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 1 "DisableThumbnailCache" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "58883:TCP" = 58883:TCP:*:Enabled:Pando Media Booster "58883:UDP" = 58883:UDP:*:Enabled:Pando Media Booster [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "58883:TCP" = 58883:TCP:*:Enabled:Pando Media Booster "58883:UDP" = 58883:UDP:*:Enabled:Pando Media Booster "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.) "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "D:\GRY\AriusMT2\metin2client.bin" = D:\GRY\AriusMT2\metin2client.bin:*:Enabled:metin2client "C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "D:\GRY\Wolfenstein - Enemy Territory\ET.exe" = D:\GRY\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET "C:\Program Files\X-Chat 2\xchat.exe" = C:\Program Files\X-Chat 2\xchat.exe:*:Enabled:X-Chat IRC Client -- () "C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam "C:\Program Files\Steam\steamapps\acheron1467\team fortress 2\hl2.exe" = C:\Program Files\Steam\steamapps\acheron1467\team fortress 2\hl2.exe:*:Enabled:hl2 "D:\Jdownloader\DBO_CT_TW_Setup_20110706.zip.torrent.exe" = D:\Jdownloader\DBO_CT_TW_Setup_20110706.zip.torrent.exe:*:Enabled:DBO_CT_TW_Setup_20110706.zip.torrent.exe "C:\Program Files\Common Files\aol\acs\AOLDial.exe" = C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (AOL LLC) "C:\Program Files\Common Files\aol\acs\AOLacsd.exe" = C:\Program Files\Common Files\aol\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC) "C:\Program Files\Common Files\aol\1313417367\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1313417367\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL LLC) "C:\Program Files\AOL 9.5\waol.exe" = C:\Program Files\AOL 9.5\waol.exe:*:Enabled:AOL -- (AOL, LLC.) "C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL LLC) "C:\Program Files\Common Files\aol\Loader\aolload.exe" = C:\Program Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC) "C:\Program Files\Common Files\aol\System Information\sinf.exe" = C:\Program Files\Common Files\aol\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC) "D:\GRY\Left4Dead\hl2.exe" = D:\GRY\Left4Dead\hl2.exe:*:Enabled:hl2 "D:\GRY\Left 4 Dead 2\left4dead2.exe" = D:\GRY\Left 4 Dead 2\left4dead2.exe:*:Enabled:left4dead2 -- () "E:\GRY\Draenor\metin2.exe" = E:\GRY\Draenor\metin2.exe:*:Enabled:metin2 "E:\GRY\Draenor\metin2.bin" = E:\GRY\Draenor\metin2.bin:*:Enabled:metin2 "E:\GRY\Quake3\quake3.exe" = E:\GRY\Quake3\quake3.exe:*:Enabled:quake3 "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "C:\Documents and Settings\All Users\Dane aplikacji\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Dane aplikacji\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager "C:\Nexon\Vindictus\en-US\Vindictus.exe" = C:\Nexon\Vindictus\en-US\Vindictus.exe:*:Enabled:Vindictus Launcher "C:\Nexon\Vindictus\en-US\NMService.exe" = C:\Nexon\Vindictus\en-US\NMService.exe:*:Enabled:Nexon Messenger Core "C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes] "C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager "E:\GRY\Vindictus\Vindictus EU\en-EU\Vindictus.exe" = E:\GRY\Vindictus\Vindictus EU\en-EU\Vindictus.exe:*:Enabled:Vindictus Launcher "E:\GRY\Vindictus\Vindictus EU\en-EU\NMService.exe" = E:\GRY\Vindictus\Vindictus EU\en-EU\NMService.exe:*:Enabled:Nexon Messenger Core "E:\GRY\Runes of Magic\Client.exe" = E:\GRY\Runes of Magic\Client.exe:*:Enabled:Runes of Magic "E:\GRY\Dragon Age\bin_ship\daorigins.exe" = E:\GRY\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Początek Gra -- (BioWare) "E:\GRY\Dragon Age\DAOriginsLauncher.exe" = E:\GRY\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Początek Program startowy -- (BioWare) "E:\GRY\Dragon Age\bin_ship\daupdatersvc.service.exe" = E:\GRY\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Początek Aktualizator -- (BioWare) "E:\GRY\PoseidonMT2\PoseidonMT2\metin2client.bin" = E:\GRY\PoseidonMT2\PoseidonMT2\metin2client.bin:*:Enabled:metin2client "D:\Jdownloader\Client Vitoria\Vitoria\Vitoria.exe" = D:\Jdownloader\Client Vitoria\Vitoria\Vitoria.exe:*:Enabled:Vitoria "D:\Jdownloader\Etores\Etores.exe" = D:\Jdownloader\Etores\Etores.exe:*:Enabled:Etores "D:\Jdownloader\Anadia Client\Anadia\Anadia.exe" = D:\Jdownloader\Anadia Client\Anadia\Anadia.exe:*:Enabled:Anadia "E:\GRY\Metin2\metin2.exe" = E:\GRY\Metin2\metin2.exe:*:Enabled:metin2 -- () "E:\GRY\Metin2\metin2.bin" = E:\GRY\Metin2\metin2.bin:*:Enabled:metin2 -- () "E:\GRY\Metin2\metin2client.bin" = E:\GRY\Metin2\metin2client.bin:*:Enabled:metin2client -- () "E:\GRY\Metin2\metin2mod_2011sf.exe" = E:\GRY\Metin2\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf -- () "E:\GRY\Metin2\Anadia.exe" = E:\GRY\Metin2\Anadia.exe:*:Enabled:Anadia "E:\GRY\Kopia Metin2\metin2.exe" = E:\GRY\Kopia Metin2\metin2.exe:*:Enabled:metin2 -- () "E:\GRY\Kopia Metin2\metin2client.bin" = E:\GRY\Kopia Metin2\metin2client.bin:*:Disabled:metin2client -- () "E:\GRY\Portal 2\portal2.exe" = E:\GRY\Portal 2\portal2.exe:*:Enabled:portal2 "D:\Jdownloader\Xanta\metin2.bin" = D:\Jdownloader\Xanta\metin2.bin:*:Enabled:metin2 "D:\Jdownloader\Xanta\metin2client.exe" = D:\Jdownloader\Xanta\metin2client.exe:*:Enabled:metin2client "C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe" = C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe:*:Enabled:netsession_win "D:\Jdownloader\AquaLand\AquaLand.bin" = D:\Jdownloader\AquaLand\AquaLand.bin:*:Enabled:AquaLand "E:\GRY\DivineWorld\DivineWorld\metin2.bin" = E:\GRY\DivineWorld\DivineWorld\metin2.bin:*:Enabled:metin2 "E:\GRY\DivineWorld\DivineWorld\metin2.exe" = E:\GRY\DivineWorld\DivineWorld\metin2.exe:*:Enabled:metin2 "E:\GRY\Metin2\Divine.exe" = E:\GRY\Metin2\Divine.exe:*:Enabled:Divine "E:\GRY\DivineWorld\DivineWorld\Divine.exe" = E:\GRY\DivineWorld\DivineWorld\Divine.exe:*:Enabled:Divine "E:\GRY\Kopia Metin2\metin2mod_2011sf.exe" = E:\GRY\Kopia Metin2\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf -- () "E:\GRY\Metin2_PL\metin2.bin" = E:\GRY\Metin2_PL\metin2.bin:*:Enabled:metin2 -- () "E:\GRY\Metin2_PL\metin2.exe" = E:\GRY\Metin2_PL\metin2.exe:*:Enabled:metin2 -- () "E:\GRY\Metin2_PL\metin2client.bin" = E:\GRY\Metin2_PL\metin2client.bin:*:Enabled:metin2client -- () "E:\GRY\Metin2_PL\metin2client.exe" = E:\GRY\Metin2_PL\metin2client.exe:*:Enabled:metin2client -- () "E:\GRY\Kopia Metin2_PL\metin2.exe" = E:\GRY\Kopia Metin2_PL\metin2.exe:*:Enabled:metin2 -- () "E:\GRY\Kopia Metin2_PL\metin2client.bin" = E:\GRY\Kopia Metin2_PL\metin2client.bin:*:Enabled:metin2client -- () "E:\GRY\Kopia Metin2_PL\metin2client.exe" = E:\GRY\Kopia Metin2_PL\metin2client.exe:*:Enabled:metin2client -- () "E:\GRY\Kopia (2) Metin2_PL\metin2client.exe" = E:\GRY\Kopia (2) Metin2_PL\metin2client.exe:*:Enabled:metin2client -- () "E:\GRY\Kopia (2) Metin2_PL\metin2client2.exe" = E:\GRY\Kopia (2) Metin2_PL\metin2client2.exe:*:Enabled:metin2client2 -- () "C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- () "E:\GRY\Assassin's Creed Revelations\ACRSP.exe" = E:\GRY\Assassin's Creed Revelations\ACRSP.exe:*:Enabled:Assassin's Creed Revelations -- () "E:\GRY\Assassin's Creed Revelations\ACRMP.exe" = E:\GRY\Assassin's Creed Revelations\ACRMP.exe:*:Enabled:Assassin's Creed Revelations Multiplayer -- () "E:\GRY\Assassin's Creed Revelations\AssassinsCreedRevelations.exe" = E:\GRY\Assassin's Creed Revelations\AssassinsCreedRevelations.exe:*:Enabled:Assassin's Creed Revelations Update -- (Ubisoft) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0E892FBB-0060-44C9-9E8C-017855956193}" = DBO_CT_TW "{1AD8819A-70E8-4380-92DA-F5B2421DAE35}" = G Data AntiVirus 2012 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm "{45410935-B52C-468A-A836-0D1000018202}" = BulletStorm "{45410935-B52C-468A-A836-0D1000018203}" = BulletStorm "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones "{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5 "{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK "{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher "{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX "{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1) "{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver "{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Początek "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.217 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE "{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl "1489-3350-5074-6281" = JDownloader 0.9 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0 "AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove) "Audacity_is1" = Audacity 1.2.3 "BandiMPEG1" = Bandisoft MPEG-1 Decoder "DragonUnPACKer5_is1" = Dragon UnPACKer 5 "Gadu-Gadu 10" = Gadu-Gadu 10 "GenoPro" = GenoPro "Gothic" = Gothic "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie8" = Windows Internet Explorer 8 "KLiteCodecPack_is1" = K-Lite Codec Pack 7.2.0 (Standard) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.60.0.1800 "Metin2_is1" = Metin2 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Mozilla Firefox 8.0.1 (x86 pl)" = Mozilla Firefox 8.0.1 (x86 pl) "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "Odkurzacz 12.6_is1" = Odkurzacz 12.6 "Opera 11.60.1185" = Opera 11.60 "PunkBusterSvc" = PunkBuster Services "RealAlt_is1" = Real Alternative 2.0.2 "RealPlayer 12.0" = RealPlayer "ViewpointMediaPlayer" = Viewpoint Media Player "WIC" = Windows Imaging Component "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR 4.01 (32-bitowy) "winscp3_is1" = WinSCP 4.3.4 "WMFDist11" = Windows Media Format 11 runtime "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "X-Chat 2_is1" = X-Chat 2.8.6-2 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1645522239-1177238915-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "NCsoft-Lineage2" = Lineage II "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-11-27 16:41:18 | Computer Name = KOMP | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca OTL.exe, wersja 3.2.31.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-11-27 17:06:39 | Computer Name = KOMP | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd AVKProxy.exe, wersja 1.5.11250.801, moduł powodujący błąd BehaviourService.dll, wersja 22.0.11250.178, adres błędu 0x0006f6ce. Error - 2011-11-27 18:49:28 | Computer Name = KOMP | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca OTL.exe, wersja 3.2.31.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-11-28 02:09:38 | Computer Name = KOMP | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca OTL.exe, wersja 3.2.31.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-11-28 04:08:59 | Computer Name = KOMP | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd acrord32.exe, wersja 10.1.1.33, moduł powodujący błąd acrord32.dll, wersja 10.1.1.33, adres błędu 0x000218f8. Error - 2011-11-28 15:17:51 | Computer Name = KOMP | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd AVKProxy.exe, wersja 1.5.11250.801, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x00018ee4. Error - 2011-11-30 11:40:52 | Computer Name = KOMP | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca OTL.exe, wersja 3.2.31.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-12-03 07:54:00 | Computer Name = KOMP | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca firefox.exe, wersja 8.0.0.4325, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-12-03 08:28:47 | Computer Name = KOMP | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd AVKProxy.exe, wersja 1.5.11250.801, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x000192f9. Error - 2011-12-03 09:40:35 | Computer Name = KOMP | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd AVKProxy.exe, wersja 1.5.11250.801, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x00010a19. [ System Events ] Error - 2012-01-01 13:30:48 | Computer Name = KOMP | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: AFD avgio Fips GDMnIcpt HookCentre intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip Error - 2012-01-01 13:37:02 | Computer Name = KOMP | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 2012-01-01 13:38:23 | Computer Name = KOMP | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: avgio Error - 2012-01-01 13:41:48 | Computer Name = KOMP | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi netman z argumentami „” w celu uruchomienia serwera: {BA126AE5-2166-11D1-B1D0-00805FC1270E} Error - 2012-01-01 13:41:53 | Computer Name = KOMP | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 2012-01-01 13:42:43 | Computer Name = KOMP | Source = Service Control Manager | ID = 7001 Description = Usługa Klient DHCP zależy od usługi NetBios przez TCP/IP, której nie można uruchomić z powodu następującego błędu: %%31 Error - 2012-01-01 13:42:43 | Computer Name = KOMP | Source = Service Control Manager | ID = 7001 Description = Usługa Klient DNS zależy od usługi Sterownik protokołu TCP/IP, której nie można uruchomić z powodu następującego błędu: %%31 Error - 2012-01-01 13:42:43 | Computer Name = KOMP | Source = Service Control Manager | ID = 7001 Description = Usługa Pomoc TCP/IP NetBIOS zależy od usługi AFD, której nie można uruchomić z powodu następującego błędu: %%31 Error - 2012-01-01 13:42:43 | Computer Name = KOMP | Source = Service Control Manager | ID = 7001 Description = Usługa Usługi IPSEC zależy od usługi Sterownik IPSEC, której nie można uruchomić z powodu następującego błędu: %%31 Error - 2012-01-01 13:42:43 | Computer Name = KOMP | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: AFD avgio Fips GDMnIcpt HookCentre intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip < End of report >

**Posty:** 18165 · przez **wojtas** 02 Sty 2012, 21:42

blokowanie wp.pl ustawione umyślnie ?

Error - 2012-01-01 13:42:43 | Computer Name = KOMP | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: AFD avgio Fips GDMnIcpt HookCentre intelppm IPSec MRxSmb NetBIOS NetBT RasAcd
Rdbss
Tcpip

cała masa błędów w kompie.. hmm

Uruchom narzędzie Kaspersky TDSSKiller gdyby coś znalazł wybierz opcję Skip i wklej tylko raport

Daj loga z Combofixa

**Posty:** 67 · przez **kamos1602** 02 Sty 2012, 22:48

Blokowanie wp.pl zostało ustawione umyślnie, ponieważ plik hosts nie blokował wpisanych stron (wpisałem tam wp.pl i również nie blokował).

Daję oczywiście logi

Log z Kaspersky:

Kod: Zaznacz wszystko: 20:48:47.0468 3420 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16 20:48:47.0593 3420 ============================================================ 20:48:47.0593 3420 Current date / time: 2012/01/02 20:48:47.0593 20:48:47.0593 3420 SystemInfo: 20:48:47.0593 3420 20:48:47.0593 3420 OS Version: 5.1.2600 ServicePack: 3.0 20:48:47.0593 3420 Product type: Workstation 20:48:47.0593 3420 ComputerName: KOMP 20:48:47.0593 3420 UserName: User 20:48:47.0593 3420 Windows directory: C:\WINDOWS 20:48:47.0593 3420 System windows directory: C:\WINDOWS 20:48:47.0593 3420 Processor architecture: Intel x86 20:48:47.0593 3420 Number of processors: 2 20:48:47.0593 3420 Page size: 0x1000 20:48:47.0593 3420 Boot type: Normal boot 20:48:47.0593 3420 ============================================================ 20:48:49.0875 3420 Initialize success 20:49:48.0000 1096 ============================================================ 20:49:48.0000 1096 Scan started 20:49:48.0000 1096 Mode: Manual; 20:49:48.0000 1096 ============================================================ 20:49:49.0265 1096 Abiosdsk - ok 20:49:49.0281 1096 abp480n5 - ok 20:49:49.0296 1096 ACPI (05118282f5d039595a2b92b4a4afe197) C:\WINDOWS\system32\DRIVERS\ACPI.sys 20:49:49.0312 1096 ACPI - ok 20:49:49.0328 1096 ACPIEC (66a42b7db194e24b973bbcce840a0f3f) C:\WINDOWS\system32\drivers\ACPIEC.sys 20:49:49.0328 1096 ACPIEC - ok 20:49:49.0343 1096 adpu160m - ok 20:49:49.0359 1096 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 20:49:49.0359 1096 aec - ok 20:49:49.0390 1096 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys 20:49:49.0390 1096 AFD - ok 20:49:49.0390 1096 Aha154x - ok 20:49:49.0406 1096 aic78u2 - ok 20:49:49.0421 1096 aic78xx - ok 20:49:49.0437 1096 AliIde - ok 20:49:49.0437 1096 amsint - ok 20:49:49.0453 1096 asc - ok 20:49:49.0468 1096 asc3350p - ok 20:49:49.0484 1096 asc3550 - ok 20:49:49.0531 1096 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 20:49:49.0546 1096 AsyncMac - ok 20:49:49.0546 1096 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 20:49:49.0546 1096 atapi - ok 20:49:49.0562 1096 Atdisk - ok 20:49:49.0609 1096 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 20:49:49.0609 1096 Atmarpc - ok 20:49:49.0640 1096 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 20:49:49.0640 1096 audstub - ok 20:49:49.0687 1096 avgio - ok 20:49:49.0734 1096 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 20:49:49.0734 1096 Beep - ok 20:49:49.0765 1096 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 20:49:49.0781 1096 cbidf2k - ok 20:49:49.0781 1096 cd20xrnt - ok 20:49:49.0796 1096 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 20:49:49.0796 1096 Cdaudio - ok 20:49:49.0812 1096 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 20:49:49.0812 1096 Cdfs - ok 20:49:49.0828 1096 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 20:49:49.0828 1096 Cdrom - ok 20:49:49.0828 1096 Changer - ok 20:49:49.0859 1096 CmdIde - ok 20:49:49.0875 1096 Cpqarray - ok 20:49:49.0890 1096 dac2w2k - ok 20:49:49.0906 1096 dac960nt - ok 20:49:49.0921 1096 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 20:49:49.0921 1096 Disk - ok 20:49:49.0968 1096 dmboot (bc9219abc5696942e6f9ac8a9b28670f) C:\WINDOWS\system32\drivers\dmboot.sys 20:49:49.0968 1096 dmboot - ok 20:49:49.0984 1096 dmio (5fa232e3ba6e1346f9f5a7e519320cb0) C:\WINDOWS\system32\drivers\dmio.sys 20:49:50.0000 1096 dmio - ok 20:49:50.0015 1096 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 20:49:50.0015 1096 dmload - ok 20:49:50.0046 1096 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 20:49:50.0046 1096 DMusic - ok 20:49:50.0062 1096 dpti2o - ok 20:49:50.0078 1096 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 20:49:50.0078 1096 drmkaud - ok 20:49:50.0156 1096 dump_wmimmc - ok 20:49:50.0156 1096 EagleNT - ok 20:49:50.0171 1096 EagleXNt - ok 20:49:50.0187 1096 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 20:49:50.0203 1096 Fastfat - ok 20:49:50.0218 1096 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys 20:49:50.0218 1096 Fdc - ok 20:49:50.0218 1096 Fips (09e2a4d33f81a06a8aab2ba0a0b5d235) C:\WINDOWS\system32\drivers\Fips.sys 20:49:50.0234 1096 Fips - ok 20:49:50.0250 1096 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys 20:49:50.0250 1096 Flpydisk - ok 20:49:50.0265 1096 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 20:49:50.0265 1096 FltMgr - ok 20:49:50.0281 1096 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 20:49:50.0281 1096 Fs_Rec - ok 20:49:50.0296 1096 Ftdisk (ed6d921d8ab423138fb35beee6d6a6cb) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 20:49:50.0296 1096 Ftdisk - ok 20:49:50.0312 1096 GDBehave (1f654007b9e5764880a627b7a5390c4b) C:\WINDOWS\system32\drivers\GDBehave.sys 20:49:50.0312 1096 GDBehave - ok 20:49:50.0328 1096 GDMnIcpt (bf8fdd85091b8ae1a0acceecf84c5298) C:\WINDOWS\system32\drivers\MiniIcpt.sys 20:49:50.0328 1096 GDMnIcpt - ok 20:49:50.0343 1096 gdrv (3ce7b47ece29189855881f721df0746e) C:\WINDOWS\gdrv.sys 20:49:51.0078 1096 gdrv - ok 20:49:51.0203 1096 GDTdiInterceptor (564777071576ce55b9204a02ec8fd645) C:\WINDOWS\system32\drivers\GDTdiIcpt.sys 20:49:51.0218 1096 GDTdiInterceptor - ok 20:49:51.0234 1096 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 20:49:51.0234 1096 Gpc - ok 20:49:51.0265 1096 GRD (7706ff2240fb112af8c2a02558e2a1cd) C:\WINDOWS\system32\drivers\GRD.sys 20:49:51.0265 1096 GRD - ok 20:49:51.0281 1096 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 20:49:51.0281 1096 HDAudBus - ok 20:49:51.0296 1096 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 20:49:51.0296 1096 hidusb - ok 20:49:51.0343 1096 HookCentre (31f0cc83185e2504f139200d77198769) C:\WINDOWS\system32\drivers\HookCentre.sys 20:49:51.0343 1096 HookCentre - ok 20:49:51.0343 1096 hpn - ok 20:49:51.0390 1096 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 20:49:51.0390 1096 HTTP - ok 20:49:51.0406 1096 i2omgmt - ok 20:49:51.0406 1096 i2omp - ok 20:49:51.0437 1096 i8042prt (177b372af55c4460d0968b5f1d02aa1c) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 20:49:51.0437 1096 i8042prt - ok 20:49:51.0453 1096 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 20:49:51.0453 1096 Imapi - ok 20:49:51.0468 1096 ini910u - ok 20:49:51.0578 1096 IntcAzAudAddService (60d7460b07012d364ced11dd9fd83e1f) C:\WINDOWS\system32\drivers\RtkHDAud.sys 20:49:51.0671 1096 IntcAzAudAddService - ok 20:49:51.0671 1096 IntelIde - ok 20:49:51.0687 1096 intelppm (da153edc09de8c4f846c085caa39d1cc) C:\WINDOWS\system32\DRIVERS\intelppm.sys 20:49:51.0687 1096 intelppm - ok 20:49:51.0703 1096 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 20:49:51.0703 1096 Ip6Fw - ok 20:49:51.0734 1096 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 20:49:51.0734 1096 IpFilterDriver - ok 20:49:51.0812 1096 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 20:49:51.0812 1096 IpInIp - ok 20:49:51.0828 1096 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 20:49:51.0828 1096 IpNat - ok 20:49:51.0843 1096 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 20:49:51.0843 1096 IPSec - ok 20:49:51.0859 1096 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 20:49:51.0859 1096 IRENUM - ok 20:49:51.0890 1096 isapnp (c8eef2e93835b81bd335de2123121283) C:\WINDOWS\system32\DRIVERS\isapnp.sys 20:49:51.0890 1096 isapnp - ok 20:49:51.0906 1096 Kbdclass (2aeca45d4aeaacbdcb77ad11184e4601) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 20:49:51.0906 1096 Kbdclass - ok 20:49:51.0921 1096 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 20:49:51.0921 1096 kmixer - ok 20:49:51.0937 1096 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 20:49:51.0937 1096 KSecDD - ok 20:49:51.0953 1096 lbrtfdc - ok 20:49:51.0968 1096 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys 20:49:51.0984 1096 MBAMProtector - ok 20:49:52.0015 1096 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys 20:49:52.0015 1096 MBAMSwissArmy - ok 20:49:52.0031 1096 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 20:49:52.0031 1096 mnmdd - ok 20:49:52.0046 1096 Modem (4a068db7dc37d5afedb6512d2931d7b3) C:\WINDOWS\system32\drivers\Modem.sys 20:49:52.0046 1096 Modem - ok 20:49:52.0062 1096 Mouclass (fbed3df6b884f8cf00447b73507f2c48) C:\WINDOWS\system32\DRIVERS\mouclass.sys 20:49:52.0062 1096 Mouclass - ok 20:49:52.0062 1096 mouhid (ecec1e6cd558ab80f944f31326e9d3b5) C:\WINDOWS\system32\DRIVERS\mouhid.sys 20:49:52.0062 1096 mouhid - ok 20:49:52.0078 1096 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 20:49:52.0078 1096 MountMgr - ok 20:49:52.0093 1096 mraid35x - ok 20:49:52.0093 1096 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 20:49:52.0109 1096 MRxDAV - ok 20:49:52.0125 1096 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 20:49:52.0140 1096 MRxSmb - ok 20:49:52.0171 1096 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 20:49:52.0171 1096 Msfs - ok 20:49:52.0203 1096 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 20:49:52.0203 1096 MSKSSRV - ok 20:49:52.0203 1096 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 20:49:52.0218 1096 MSPCLOCK - ok 20:49:52.0218 1096 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 20:49:52.0218 1096 MSPQM - ok 20:49:52.0234 1096 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 20:49:52.0234 1096 mssmbios - ok 20:49:52.0250 1096 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 20:49:52.0250 1096 Mup - ok 20:49:52.0281 1096 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 20:49:52.0281 1096 NDIS - ok 20:49:52.0296 1096 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 20:49:52.0296 1096 NdisTapi - ok 20:49:52.0328 1096 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 20:49:52.0328 1096 Ndisuio - ok 20:49:52.0328 1096 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 20:49:52.0328 1096 NdisWan - ok 20:49:52.0343 1096 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 20:49:52.0343 1096 NDProxy - ok 20:49:52.0359 1096 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 20:49:52.0359 1096 NetBIOS - ok 20:49:52.0359 1096 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 20:49:52.0375 1096 NetBT - ok 20:49:52.0421 1096 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 20:49:52.0421 1096 Npfs - ok 20:49:52.0453 1096 NPPTNT2 (9131fe60adfab595c8da53ad6a06aa31) C:\WINDOWS\system32\npptNT2.sys 20:49:52.0453 1096 NPPTNT2 - ok 20:49:52.0468 1096 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 20:49:52.0484 1096 Ntfs - ok 20:49:52.0484 1096 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 20:49:52.0500 1096 Null - ok 20:49:52.0671 1096 nv (30913cbf518396912e54c2c9f1dd0f09) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 20:49:52.0828 1096 nv - ok 20:49:52.0828 1096 NVHDA (2d2b7b3ad297c659efa1d02852ca9860) C:\WINDOWS\system32\drivers\nvhda32.sys 20:49:52.0843 1096 NVHDA - ok 20:49:52.0859 1096 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 20:49:52.0859 1096 NwlnkFlt - ok 20:49:52.0875 1096 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 20:49:52.0875 1096 NwlnkFwd - ok 20:49:52.0890 1096 Parport (2d4cdaebced17743aa9e25d3016dc229) C:\WINDOWS\system32\DRIVERS\parport.sys 20:49:52.0890 1096 Parport - ok 20:49:52.0890 1096 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 20:49:52.0906 1096 PartMgr - ok 20:49:52.0921 1096 ParVdm (453ec2c2a20a1382f564541918520eeb) C:\WINDOWS\system32\drivers\ParVdm.sys 20:49:52.0937 1096 ParVdm - ok 20:49:52.0937 1096 PCI (6862c69168d787b85a7d95ccd33c694e) C:\WINDOWS\system32\DRIVERS\pci.sys 20:49:52.0937 1096 PCI - ok 20:49:52.0953 1096 PCIDump - ok 20:49:52.0953 1096 PCIIde (548cf2d6369eae441a4c6baa75bc4f0a) C:\WINDOWS\system32\DRIVERS\pciide.sys 20:49:52.0953 1096 PCIIde - ok 20:49:52.0968 1096 Pcmcia (8db27f1ae9593c94095485305a583862) C:\WINDOWS\system32\drivers\Pcmcia.sys 20:49:52.0968 1096 Pcmcia - ok 20:49:52.0984 1096 PDCOMP - ok 20:49:52.0984 1096 PDFRAME - ok 20:49:53.0000 1096 PDRELI - ok 20:49:53.0000 1096 PDRFRAME - ok 20:49:53.0015 1096 perc2 - ok 20:49:53.0031 1096 perc2hib - ok 20:49:53.0062 1096 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 20:49:53.0062 1096 PptpMiniport - ok 20:49:53.0078 1096 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 20:49:53.0078 1096 PSched - ok 20:49:53.0078 1096 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 20:49:53.0093 1096 Ptilink - ok 20:49:53.0093 1096 ql1080 - ok 20:49:53.0109 1096 Ql10wnt - ok 20:49:53.0109 1096 ql12160 - ok 20:49:53.0125 1096 ql1240 - ok 20:49:53.0125 1096 ql1280 - ok 20:49:53.0140 1096 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 20:49:53.0140 1096 RasAcd - ok 20:49:53.0156 1096 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 20:49:53.0156 1096 Rasl2tp - ok 20:49:53.0171 1096 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 20:49:53.0171 1096 RasPppoe - ok 20:49:53.0187 1096 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 20:49:53.0187 1096 Raspti - ok 20:49:53.0187 1096 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 20:49:53.0203 1096 Rdbss - ok 20:49:53.0203 1096 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 20:49:53.0203 1096 RDPCDD - ok 20:49:53.0234 1096 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys 20:49:53.0250 1096 RDPWD - ok 20:49:53.0250 1096 redbook (e0c7bbd18040b58651bac700c804861d) C:\WINDOWS\system32\DRIVERS\redbook.sys 20:49:53.0250 1096 redbook - ok 20:49:53.0281 1096 RTL8023xp (1e11171c0b9989e1bdaa59e96b2e81c4) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys 20:49:53.0281 1096 RTL8023xp - ok 20:49:53.0296 1096 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS 20:49:53.0312 1096 rtl8139 - ok 20:49:53.0328 1096 s1039bus (d259d085f215b57b7170dc2d0b646b2a) C:\WINDOWS\system32\DRIVERS\s1039bus.sys 20:49:53.0343 1096 s1039bus - ok 20:49:53.0359 1096 s1039mdfl (4d2b6621b5913e8b1cbb650a6037b8a2) C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys 20:49:53.0359 1096 s1039mdfl - ok 20:49:53.0375 1096 s1039mdm (8149799844ab2e91ea92e9cad4224254) C:\WINDOWS\system32\DRIVERS\s1039mdm.sys 20:49:53.0375 1096 s1039mdm - ok 20:49:53.0390 1096 s1039mgmt (5e91068b3f5e003b83d8a99dc0c76e2c) C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys 20:49:53.0390 1096 s1039mgmt - ok 20:49:53.0406 1096 s1039nd5 (df54dbf1c4105d2074d07929f6ba91aa) C:\WINDOWS\system32\DRIVERS\s1039nd5.sys 20:49:53.0406 1096 s1039nd5 - ok 20:49:53.0437 1096 s1039obex (1bc084b0708d42e29e2222346149e52f) C:\WINDOWS\system32\DRIVERS\s1039obex.sys 20:49:53.0437 1096 s1039obex - ok 20:49:53.0453 1096 s1039unic (2e8ccb7bf5b1eb34bcf4ebf880b3e11c) C:\WINDOWS\system32\DRIVERS\s1039unic.sys 20:49:53.0453 1096 s1039unic - ok 20:49:53.0500 1096 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 20:49:53.0500 1096 Secdrv - ok 20:49:53.0515 1096 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 20:49:53.0515 1096 serenum - ok 20:49:53.0515 1096 Serial (d07b02f88165e69b9f17162cf592c8a6) C:\WINDOWS\system32\DRIVERS\serial.sys 20:49:53.0515 1096 Serial - ok 20:49:53.0562 1096 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 20:49:53.0562 1096 Sfloppy - ok 20:49:53.0578 1096 Simbad - ok 20:49:53.0640 1096 Sparrow - ok 20:49:53.0687 1096 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 20:49:53.0687 1096 splitter - ok 20:49:53.0703 1096 sptd - ok 20:49:53.0718 1096 sr (eb032822be406ef220d546ddffcf0002) C:\WINDOWS\system32\DRIVERS\sr.sys 20:49:53.0734 1096 sr - ok 20:49:53.0765 1096 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 20:49:53.0781 1096 Srv - ok 20:49:53.0796 1096 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 20:49:53.0796 1096 swenum - ok 20:49:53.0843 1096 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 20:49:53.0843 1096 swmidi - ok 20:49:53.0859 1096 symc810 - ok 20:49:53.0859 1096 symc8xx - ok 20:49:53.0875 1096 sym_hi - ok 20:49:53.0875 1096 sym_u3 - ok 20:49:53.0921 1096 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 20:49:53.0921 1096 sysaudio - ok 20:49:53.0953 1096 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 20:49:53.0953 1096 Tcpip - ok 20:49:53.0968 1096 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 20:49:53.0968 1096 TDPIPE - ok 20:49:53.0984 1096 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 20:49:53.0984 1096 TDTCP - ok 20:49:54.0000 1096 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 20:49:54.0000 1096 TermDD - ok 20:49:54.0015 1096 TosIde - ok 20:49:54.0046 1096 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 20:49:54.0046 1096 Udfs - ok 20:49:54.0062 1096 ultra - ok 20:49:54.0093 1096 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 20:49:54.0093 1096 Update - ok 20:49:54.0125 1096 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 20:49:54.0125 1096 usbehci - ok 20:49:54.0156 1096 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 20:49:54.0156 1096 usbhub - ok 20:49:54.0171 1096 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 20:49:54.0171 1096 usbprint - ok 20:49:54.0203 1096 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 20:49:54.0203 1096 USBSTOR - ok 20:49:54.0203 1096 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 20:49:54.0218 1096 usbuhci - ok 20:49:54.0218 1096 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 20:49:54.0218 1096 VgaSave - ok 20:49:54.0234 1096 ViaIde - ok 20:49:54.0234 1096 VolSnap (56b191ac5fc0df219949c95a6c87afe7) C:\WINDOWS\system32\drivers\VolSnap.sys 20:49:54.0250 1096 VolSnap - ok 20:49:54.0265 1096 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 20:49:54.0265 1096 Wanarp - ok 20:49:54.0281 1096 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys 20:49:54.0281 1096 wanatw - ok 20:49:54.0296 1096 WDICA - ok 20:49:54.0312 1096 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 20:49:54.0312 1096 wdmaud - ok 20:49:54.0390 1096 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys 20:49:54.0390 1096 WpdUsb - ok 20:49:54.0453 1096 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 20:49:54.0468 1096 WudfPf - ok 20:49:54.0484 1096 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 20:49:54.0484 1096 WudfRd - ok 20:49:54.0531 1096 MBR (0x1B8) (32052574bf9f325ae309abc7bfd04460) \Device\Harddisk0\DR0 20:49:54.0718 1096 \Device\Harddisk0\DR0 - ok 20:49:54.0734 1096 Boot (0x1200) (9f4e84cee814698e3164c768a97ef254) \Device\Harddisk0\DR0\Partition0 20:49:54.0734 1096 \Device\Harddisk0\DR0\Partition0 - ok 20:49:54.0765 1096 Boot (0x1200) (27b0de33bc30eaf5ed54821b14343075) \Device\Harddisk0\DR0\Partition1 20:49:54.0765 1096 \Device\Harddisk0\DR0\Partition1 - ok 20:49:54.0781 1096 Boot (0x1200) (0d9213684a20805600f2701b1d9bcb8d) \Device\Harddisk0\DR0\Partition2 20:49:54.0796 1096 \Device\Harddisk0\DR0\Partition2 - ok 20:49:54.0796 1096 ============================================================ 20:49:54.0796 1096 Scan finished 20:49:54.0796 1096 ============================================================ 20:49:54.0812 3860 Detected object count: 0 20:49:54.0812 3860 Actual detected object count: 0 20:50:12.0640 1544 ============================================================ 20:50:12.0640 1544 Scan started 20:50:12.0640 1544 Mode: Manual; SigCheck; TDLFS; 20:50:12.0640 1544 ============================================================ 20:50:13.0125 1544 Abiosdsk - ok 20:50:13.0140 1544 abp480n5 - ok 20:50:13.0171 1544 ACPI (05118282f5d039595a2b92b4a4afe197) C:\WINDOWS\system32\DRIVERS\ACPI.sys 20:50:14.0687 1544 ACPI - ok 20:50:14.0703 1544 ACPIEC (66a42b7db194e24b973bbcce840a0f3f) C:\WINDOWS\system32\drivers\ACPIEC.sys 20:50:14.0828 1544 ACPIEC - ok 20:50:14.0843 1544 adpu160m - ok 20:50:14.0859 1544 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 20:50:14.0984 1544 aec - ok 20:50:15.0000 1544 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys 20:50:15.0078 1544 AFD - ok 20:50:15.0078 1544 Aha154x - ok 20:50:15.0093 1544 aic78u2 - ok 20:50:15.0093 1544 aic78xx - ok 20:50:15.0109 1544 AliIde - ok 20:50:15.0109 1544 amsint - ok 20:50:15.0125 1544 asc - ok 20:50:15.0140 1544 asc3350p - ok 20:50:15.0140 1544 asc3550 - ok 20:50:15.0171 1544 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 20:50:15.0265 1544 AsyncMac - ok 20:50:15.0281 1544 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 20:50:15.0406 1544 atapi - ok 20:50:15.0406 1544 Atdisk - ok 20:50:15.0421 1544 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 20:50:15.0531 1544 Atmarpc - ok 20:50:15.0546 1544 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 20:50:15.0640 1544 audstub - ok 20:50:15.0640 1544 avgio - ok 20:50:15.0796 1544 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 20:50:15.0906 1544 Beep - ok 20:50:15.0937 1544 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 20:50:16.0046 1544 cbidf2k - ok 20:50:16.0062 1544 cd20xrnt - ok 20:50:16.0078 1544 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 20:50:16.0187 1544 Cdaudio - ok 20:50:16.0203 1544 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 20:50:16.0312 1544 Cdfs - ok 20:50:16.0343 1544 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 20:50:16.0453 1544 Cdrom - ok 20:50:16.0453 1544 Changer - ok 20:50:16.0468 1544 CmdIde - ok 20:50:16.0484 1544 Cpqarray - ok 20:50:16.0500 1544 dac2w2k - ok 20:50:16.0500 1544 dac960nt - ok 20:50:16.0515 1544 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 20:50:16.0640 1544 Disk - ok 20:50:16.0656 1544 dmboot (bc9219abc5696942e6f9ac8a9b28670f) C:\WINDOWS\system32\drivers\dmboot.sys 20:50:16.0796 1544 dmboot - ok 20:50:16.0828 1544 dmio (5fa232e3ba6e1346f9f5a7e519320cb0) C:\WINDOWS\system32\drivers\dmio.sys 20:50:16.0921 1544 dmio - ok 20:50:16.0937 1544 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 20:50:17.0046 1544 dmload - ok 20:50:17.0062 1544 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 20:50:17.0171 1544 DMusic - ok 20:50:17.0187 1544 dpti2o - ok 20:50:17.0203 1544 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 20:50:17.0296 1544 drmkaud - ok 20:50:17.0359 1544 dump_wmimmc - ok 20:50:17.0359 1544 EagleNT - ok 20:50:17.0375 1544 EagleXNt - ok 20:50:17.0390 1544 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 20:50:17.0515 1544 Fastfat - ok 20:50:17.0531 1544 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys 20:50:17.0625 1544 Fdc - ok 20:50:17.0656 1544 Fips (09e2a4d33f81a06a8aab2ba0a0b5d235) C:\WINDOWS\system32\drivers\Fips.sys 20:50:17.0765 1544 Fips - ok 20:50:17.0781 1544 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys 20:50:17.0875 1544 Flpydisk - ok 20:50:17.0906 1544 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 20:50:18.0015 1544 FltMgr - ok 20:50:18.0031 1544 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 20:50:18.0125 1544 Fs_Rec - ok 20:50:18.0140 1544 Ftdisk (ed6d921d8ab423138fb35beee6d6a6cb) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 20:50:18.0250 1544 Ftdisk - ok 20:50:18.0265 1544 GDBehave (1f654007b9e5764880a627b7a5390c4b) C:\WINDOWS\system32\drivers\GDBehave.sys 20:50:18.0843 1544 GDBehave - ok 20:50:18.0843 1544 GDMnIcpt (bf8fdd85091b8ae1a0acceecf84c5298) C:\WINDOWS\system32\drivers\MiniIcpt.sys 20:50:18.0890 1544 GDMnIcpt - ok 20:50:18.0890 1544 gdrv (3ce7b47ece29189855881f721df0746e) C:\WINDOWS\gdrv.sys 20:50:18.0921 1544 gdrv ( UnsignedFile.Multi.Generic ) - warning 20:50:18.0921 1544 gdrv - detected UnsignedFile.Multi.Generic (1) 20:50:18.0937 1544 GDTdiInterceptor (564777071576ce55b9204a02ec8fd645) C:\WINDOWS\system32\drivers\GDTdiIcpt.sys 20:50:18.0984 1544 GDTdiInterceptor - ok 20:50:19.0000 1544 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 20:50:19.0109 1544 Gpc - ok 20:50:19.0156 1544 GRD (7706ff2240fb112af8c2a02558e2a1cd) C:\WINDOWS\system32\drivers\GRD.sys 20:50:19.0203 1544 GRD - ok 20:50:19.0203 1544 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 20:50:19.0328 1544 HDAudBus - ok 20:50:19.0343 1544 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 20:50:19.0437 1544 hidusb - ok 20:50:19.0484 1544 HookCentre (31f0cc83185e2504f139200d77198769) C:\WINDOWS\system32\drivers\HookCentre.sys 20:50:19.0515 1544 HookCentre - ok 20:50:19.0515 1544 hpn - ok 20:50:19.0546 1544 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 20:50:19.0625 1544 HTTP - ok 20:50:19.0640 1544 i2omgmt - ok 20:50:19.0640 1544 i2omp - ok 20:50:19.0656 1544 i8042prt (177b372af55c4460d0968b5f1d02aa1c) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 20:50:19.0765 1544 i8042prt - ok 20:50:19.0781 1544 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 20:50:19.0875 1544 Imapi - ok 20:50:19.0906 1544 ini910u - ok 20:50:20.0046 1544 IntcAzAudAddService (60d7460b07012d364ced11dd9fd83e1f) C:\WINDOWS\system32\drivers\RtkHDAud.sys 20:50:20.0328 1544 IntcAzAudAddService - ok 20:50:20.0328 1544 IntelIde - ok 20:50:20.0343 1544 intelppm (da153edc09de8c4f846c085caa39d1cc) C:\WINDOWS\system32\DRIVERS\intelppm.sys 20:50:20.0453 1544 intelppm - ok 20:50:20.0468 1544 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 20:50:20.0578 1544 Ip6Fw - ok 20:50:20.0609 1544 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 20:50:20.0734 1544 IpFilterDriver - ok 20:50:20.0828 1544 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 20:50:20.0937 1544 IpInIp - ok 20:50:20.0953 1544 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 20:50:21.0078 1544 IpNat - ok 20:50:21.0093 1544 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 20:50:21.0281 1544 IPSec - ok 20:50:21.0296 1544 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 20:50:21.0406 1544 IRENUM - ok 20:50:21.0437 1544 isapnp (c8eef2e93835b81bd335de2123121283) C:\WINDOWS\system32\DRIVERS\isapnp.sys 20:50:21.0562 1544 isapnp - ok 20:50:21.0562 1544 Kbdclass (2aeca45d4aeaacbdcb77ad11184e4601) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 20:50:21.0671 1544 Kbdclass - ok 20:50:21.0687 1544 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 20:50:21.0796 1544 kmixer - ok 20:50:21.0812 1544 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 20:50:21.0906 1544 KSecDD - ok 20:50:21.0906 1544 lbrtfdc - ok 20:50:21.0921 1544 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys 20:50:21.0968 1544 MBAMProtector - ok 20:50:21.0984 1544 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys 20:50:22.0015 1544 MBAMSwissArmy - ok 20:50:22.0046 1544 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 20:50:22.0156 1544 mnmdd - ok 20:50:22.0203 1544 Modem (4a068db7dc37d5afedb6512d2931d7b3) C:\WINDOWS\system32\drivers\Modem.sys 20:50:22.0312 1544 Modem - ok 20:50:22.0328 1544 Mouclass (fbed3df6b884f8cf00447b73507f2c48) C:\WINDOWS\system32\DRIVERS\mouclass.sys 20:50:22.0437 1544 Mouclass - ok 20:50:22.0437 1544 mouhid (ecec1e6cd558ab80f944f31326e9d3b5) C:\WINDOWS\system32\DRIVERS\mouhid.sys 20:50:22.0562 1544 mouhid - ok 20:50:22.0593 1544 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 20:50:22.0703 1544 MountMgr - ok 20:50:22.0703 1544 mraid35x - ok 20:50:22.0718 1544 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 20:50:22.0828 1544 MRxDAV - ok 20:50:22.0843 1544 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 20:50:22.0921 1544 MRxSmb - ok 20:50:22.0953 1544 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 20:50:23.0062 1544 Msfs - ok 20:50:23.0109 1544 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 20:50:23.0203 1544 MSKSSRV - ok 20:50:23.0250 1544 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 20:50:23.0343 1544 MSPCLOCK - ok 20:50:23.0343 1544 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 20:50:23.0453 1544 MSPQM - ok 20:50:23.0671 1544 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 20:50:23.0828 1544 mssmbios - ok 20:50:23.0843 1544 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 20:50:23.0906 1544 Mup - ok 20:50:23.0937 1544 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 20:50:24.0046 1544 NDIS - ok 20:50:24.0093 1544 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 20:50:24.0125 1544 NdisTapi - ok 20:50:24.0140 1544 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 20:50:24.0250 1544 Ndisuio - ok 20:50:24.0281 1544 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 20:50:24.0390 1544 NdisWan - ok 20:50:24.0421 1544 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 20:50:24.0468 1544 NDProxy - ok 20:50:24.0484 1544 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 20:50:24.0593 1544 NetBIOS - ok 20:50:24.0609 1544 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 20:50:24.0718 1544 NetBT - ok 20:50:24.0750 1544 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 20:50:24.0859 1544 Npfs - ok 20:50:24.0875 1544 NPPTNT2 (9131fe60adfab595c8da53ad6a06aa31) C:\WINDOWS\system32\npptNT2.sys 20:50:24.0906 1544 NPPTNT2 ( UnsignedFile.Multi.Generic ) - warning 20:50:24.0906 1544 NPPTNT2 - detected UnsignedFile.Multi.Generic (1) 20:50:24.0921 1544 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 20:50:25.0062 1544 Ntfs - ok 20:50:25.0093 1544 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 20:50:25.0187 1544 Null - ok 20:50:25.0312 1544 nv (30913cbf518396912e54c2c9f1dd0f09) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 20:50:25.0656 1544 nv - ok 20:50:25.0671 1544 NVHDA (2d2b7b3ad297c659efa1d02852ca9860) C:\WINDOWS\system32\drivers\nvhda32.sys 20:50:25.0718 1544 NVHDA - ok 20:50:25.0734 1544 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 20:50:25.0828 1544 NwlnkFlt - ok 20:50:25.0843 1544 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 20:50:25.0953 1544 NwlnkFwd - ok 20:50:25.0984 1544 Parport (2d4cdaebced17743aa9e25d3016dc229) C:\WINDOWS\system32\DRIVERS\parport.sys 20:50:26.0093 1544 Parport - ok 20:50:26.0109 1544 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 20:50:26.0203 1544 PartMgr - ok 20:50:26.0234 1544 ParVdm (453ec2c2a20a1382f564541918520eeb) C:\WINDOWS\system32\drivers\ParVdm.sys 20:50:26.0328 1544 ParVdm - ok 20:50:26.0343 1544 PCI (6862c69168d787b85a7d95ccd33c694e) C:\WINDOWS\system32\DRIVERS\pci.sys 20:50:26.0437 1544 PCI - ok 20:50:26.0437 1544 PCIDump - ok 20:50:26.0453 1544 PCIIde (548cf2d6369eae441a4c6baa75bc4f0a) C:\WINDOWS\system32\DRIVERS\pciide.sys 20:50:26.0546 1544 PCIIde - ok 20:50:26.0578 1544 Pcmcia (8db27f1ae9593c94095485305a583862) C:\WINDOWS\system32\drivers\Pcmcia.sys 20:50:26.0671 1544 Pcmcia - ok 20:50:26.0687 1544 PDCOMP - ok 20:50:26.0687 1544 PDFRAME - ok 20:50:26.0703 1544 PDRELI - ok 20:50:26.0703 1544 PDRFRAME - ok 20:50:26.0718 1544 perc2 - ok 20:50:26.0718 1544 perc2hib - ok 20:50:26.0765 1544 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 20:50:26.0859 1544 PptpMiniport - ok 20:50:26.0875 1544 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 20:50:26.0984 1544 PSched - ok 20:50:26.0984 1544 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 20:50:27.0093 1544 Ptilink - ok 20:50:27.0093 1544 ql1080 - ok 20:50:27.0109 1544 Ql10wnt - ok 20:50:27.0109 1544 ql12160 - ok 20:50:27.0125 1544 ql1240 - ok 20:50:27.0125 1544 ql1280 - ok 20:50:27.0140 1544 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 20:50:27.0250 1544 RasAcd - ok 20:50:27.0265 1544 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 20:50:27.0359 1544 Rasl2tp - ok 20:50:27.0375 1544 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 20:50:27.0484 1544 RasPppoe - ok 20:50:27.0484 1544 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 20:50:27.0593 1544 Raspti - ok 20:50:27.0609 1544 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 20:50:27.0718 1544 Rdbss - ok 20:50:27.0734 1544 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 20:50:27.0828 1544 RDPCDD - ok 20:50:27.0875 1544 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys 20:50:27.0937 1544 RDPWD - ok 20:50:27.0953 1544 redbook (e0c7bbd18040b58651bac700c804861d) C:\WINDOWS\system32\DRIVERS\redbook.sys 20:50:28.0062 1544 redbook - ok 20:50:28.0078 1544 RTL8023xp (1e11171c0b9989e1bdaa59e96b2e81c4) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys 20:50:28.0171 1544 RTL8023xp - ok 20:50:28.0187 1544 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS 20:50:28.0281 1544 rtl8139 - ok 20:50:28.0312 1544 s1039bus (d259d085f215b57b7170dc2d0b646b2a) C:\WINDOWS\system32\DRIVERS\s1039bus.sys 20:50:28.0359 1544 s1039bus - ok 20:50:28.0359 1544 s1039mdfl (4d2b6621b5913e8b1cbb650a6037b8a2) C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys 20:50:28.0390 1544 s1039mdfl - ok 20:50:28.0406 1544 s1039mdm (8149799844ab2e91ea92e9cad4224254) C:\WINDOWS\system32\DRIVERS\s1039mdm.sys 20:50:28.0453 1544 s1039mdm - ok 20:50:28.0468 1544 s1039mgmt (5e91068b3f5e003b83d8a99dc0c76e2c) C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys 20:50:28.0500 1544 s1039mgmt - ok 20:50:28.0515 1544 s1039nd5 (df54dbf1c4105d2074d07929f6ba91aa) C:\WINDOWS\system32\DRIVERS\s1039nd5.sys 20:50:28.0546 1544 s1039nd5 - ok 20:50:28.0562 1544 s1039obex (1bc084b0708d42e29e2222346149e52f) C:\WINDOWS\system32\DRIVERS\s1039obex.sys 20:50:28.0609 1544 s1039obex - ok 20:50:28.0609 1544 s1039unic (2e8ccb7bf5b1eb34bcf4ebf880b3e11c) C:\WINDOWS\system32\DRIVERS\s1039unic.sys 20:50:28.0656 1544 s1039unic - ok 20:50:28.0687 1544 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 20:50:28.0796 1544 Secdrv - ok 20:50:28.0812 1544 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 20:50:28.0906 1544 serenum - ok 20:50:28.0906 1544 Serial (d07b02f88165e69b9f17162cf592c8a6) C:\WINDOWS\system32\DRIVERS\serial.sys 20:50:29.0015 1544 Serial - ok 20:50:29.0046 1544 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 20:50:29.0156 1544 Sfloppy - ok 20:50:29.0156 1544 Simbad - ok 20:50:29.0171 1544 Sparrow - ok 20:50:29.0203 1544 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 20:50:29.0296 1544 splitter - ok 20:50:29.0312 1544 sptd - ok 20:50:29.0328 1544 sr (eb032822be406ef220d546ddffcf0002) C:\WINDOWS\system32\DRIVERS\sr.sys 20:50:29.0437 1544 sr - ok 20:50:29.0468 1544 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 20:50:29.0531 1544 Srv - ok 20:50:29.0562 1544 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 20:50:29.0671 1544 swenum - ok 20:50:29.0687 1544 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 20:50:29.0796 1544 swmidi - ok 20:50:29.0796 1544 symc810 - ok 20:50:29.0812 1544 symc8xx - ok 20:50:29.0812 1544 sym_hi - ok 20:50:29.0828 1544 sym_u3 - ok 20:50:29.0843 1544 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 20:50:29.0953 1544 sysaudio - ok 20:50:29.0984 1544 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 20:50:30.0046 1544 Tcpip - ok 20:50:30.0078 1544 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 20:50:30.0171 1544 TDPIPE - ok 20:50:30.0187 1544 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 20:50:30.0296 1544 TDTCP - ok 20:50:30.0312 1544 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 20:50:30.0421 1544 TermDD - ok 20:50:30.0421 1544 TosIde - ok 20:50:30.0453 1544 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 20:50:30.0562 1544 Udfs - ok 20:50:30.0562 1544 ultra - ok 20:50:30.0609 1544 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 20:50:30.0718 1544 Update - ok 20:50:30.0734 1544 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 20:50:30.0843 1544 usbehci - ok 20:50:30.0890 1544 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 20:50:31.0000 1544 usbhub - ok 20:50:31.0015 1544 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 20:50:31.0125 1544 usbprint - ok 20:50:31.0171 1544 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 20:50:31.0265 1544 USBSTOR - ok 20:50:31.0296 1544 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 20:50:31.0390 1544 usbuhci - ok 20:50:31.0390 1544 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 20:50:31.0500 1544 VgaSave - ok 20:50:31.0500 1544 ViaIde - ok 20:50:31.0515 1544 VolSnap (56b191ac5fc0df219949c95a6c87afe7) C:\WINDOWS\system32\drivers\VolSnap.sys 20:50:31.0625 1544 VolSnap - ok 20:50:31.0640 1544 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 20:50:31.0750 1544 Wanarp - ok 20:50:31.0765 1544 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys 20:50:31.0843 1544 wanatw - ok 20:50:31.0843 1544 WDICA - ok 20:50:31.0859 1544 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 20:50:31.0968 1544 wdmaud - ok 20:50:32.0015 1544 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys 20:50:32.0093 1544 WpdUsb - ok 20:50:32.0171 1544 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 20:50:32.0234 1544 WudfPf - ok 20:50:32.0265 1544 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 20:50:32.0312 1544 WudfRd - ok 20:50:32.0343 1544 MBR (0x1B8) (32052574bf9f325ae309abc7bfd04460) \Device\Harddisk0\DR0 20:50:32.0718 1544 \Device\Harddisk0\DR0 - ok 20:50:32.0718 1544 Boot (0x1200) (9f4e84cee814698e3164c768a97ef254) \Device\Harddisk0\DR0\Partition0 20:50:32.0718 1544 \Device\Harddisk0\DR0\Partition0 - ok 20:50:32.0734 1544 Boot (0x1200) (27b0de33bc30eaf5ed54821b14343075) \Device\Harddisk0\DR0\Partition1 20:50:32.0734 1544 \Device\Harddisk0\DR0\Partition1 - ok 20:50:32.0750 1544 Boot (0x1200) (0d9213684a20805600f2701b1d9bcb8d) \Device\Harddisk0\DR0\Partition2 20:50:32.0750 1544 \Device\Harddisk0\DR0\Partition2 - ok 20:50:32.0750 1544 ============================================================ 20:50:32.0750 1544 Scan finished 20:50:32.0750 1544 ============================================================ 20:50:32.0875 2376 Detected object count: 2 20:50:32.0875 2376 Actual detected object count: 2 20:50:41.0468 2376 gdrv ( UnsignedFile.Multi.Generic ) - skipped by user 20:50:41.0468 2376 gdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:50:41.0468 2376 NPPTNT2 ( UnsignedFile.Multi.Generic ) - skipped by user 20:50:41.0468 2376 NPPTNT2 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Pierwszy log z ComboFix'a (za pierwszym razem nie zainstalowałem konsoli odzyskiwania, ponieważ byłem w trybie awaryjnym bez dostępu do sieci, ale coś tam usunęło, więc postanowiłem dać oba logi):

Kod: Zaznacz wszystko: ComboFix 12-01-02.01 - User 2012-01-02 21:03:21.1.2 - x86 MINIMAL Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.2047.1666 [GMT 1:00] Uruchomiony z: c:\documents and settings\User\Pulpit\ComboFix.exe AV: AntiVir Desktop *Enabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7} AV: G Data AntiVirus 2012 *Disabled/Outdated* {71310606-6F3B-49F2-9A81-8315AA75FBB3} . UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !! . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Dane aplikacji\TEMP c:\documents and settings\User\Moje dokumenty\explorer c:\documents and settings\User\Moje dokumenty\explorer\id_110531084432679_110531084432626.upf c:\documents and settings\User\Ustawienia lokalne\Dane aplikacji\assembly\tmp c:\windows\av_ico c:\windows\av_ico\ico_avira_start.ico c:\windows\btc_client_iplist.txt c:\windows\front_ip_list.txt c:\windows\geoiplist c:\windows\iecheck_iplist.txt c:\windows\iplist.txt c:\windows\IsUn0415.exe c:\windows\phoenix c:\windows\phoenix\kernels\phatk\__init__.py c:\windows\phoenix\kernels\phatk\__init__.pyc c:\windows\phoenix\kernels\phatk\BFIPatcher.py c:\windows\phoenix\kernels\phatk\kernel.cl c:\windows\phoenix\kernels\poclbm\__init__.py c:\windows\phoenix\kernels\poclbm\__init__.pyc c:\windows\phoenix\kernels\poclbm\BFIPatcher.py c:\windows\phoenix\kernels\poclbm\kernel.cl c:\windows\phoenix\phoenix.exe c:\windows\proc_list1.log c:\windows\system32\TZLog.log c:\windows\winlog-dirs.txt c:\windows\winlog-ids.txt c:\windows\winsetupapi.log . . ((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_DDSERVICE -------\Legacy_SRVBTCCLIENT -------\Legacy_WXPDRIVERS . . ((((((((((((((((((((((((( Pliki utworzone od 2011-12-02 do 2012-01-02 ))))))))))))))))))))))))))))))) . . 2011-12-16 18:56 . 2011-12-16 19:01 -------- d-----w- c:\documents and settings\User\Ustawienia lokalne\Dane aplikacji\Ubisoft Game Launcher 2011-12-16 18:56 . 2011-12-16 18:56 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Ubisoft 2011-12-16 13:03 . 2011-12-16 13:03 189248 ----a-w- c:\windows\system32\PnkBstrB.exe 2011-12-16 13:03 . 2011-12-16 13:03 75136 ----a-w- c:\windows\system32\PnkBstrA.exe 2011-12-16 13:03 . 2011-12-16 13:03 -------- d-----w- c:\documents and settings\User\Dane aplikacji\PunkBuster 2011-12-16 13:03 . 2011-12-16 13:03 -------- d-----w- c:\program files\Ubisoft 2011-12-16 13:02 . 2010-06-02 03:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll 2011-12-16 13:02 . 2010-06-02 03:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll 2011-12-16 13:02 . 2010-06-02 03:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll 2011-12-16 13:02 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll 2011-12-16 13:02 . 2010-05-26 10:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll 2011-12-16 13:02 . 2010-05-26 10:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll 2011-12-16 13:02 . 2010-05-26 10:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll 2011-12-16 13:02 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll 2011-12-15 21:09 . 2011-12-15 21:09 -------- d-----w- c:\program files\Steam 2011-12-15 18:13 . 2011-12-15 18:13 -------- d-----w- c:\program files\Dragon UnPACKer 5 2011-12-04 13:38 . 2005-01-02 21:43 4682 ----a-w- c:\windows\system32\npptNT2.sys 2011-12-04 13:38 . 2003-07-19 06:17 5174 ----a-w- c:\windows\system32\nppt9x.vxd 2011-12-04 11:02 . 2011-11-21 04:42 134104 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2011-12-03 20:54 . 2011-12-03 20:54 -------- d-----w- c:\program files\NCsoft 2011-12-03 20:52 . 2012-01-02 20:09 -------- d-----w- c:\documents and settings\User\Ustawienia lokalne\Dane aplikacji\assembly 2011-12-03 20:21 . 2011-12-03 20:21 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2011-12-03 20:18 . 2011-12-03 20:18 -------- d-sh--w- c:\documents and settings\User\PrivacIE . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-12-10 14:24 . 2011-08-21 14:38 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-11-23 14:40 . 2006-03-02 12:00 1859840 ----a-w- c:\windows\system32\win32k.sys 2011-11-13 19:12 . 2011-11-05 15:19 52216 ----a-w- c:\windows\system32\drivers\GDTdiIcpt.sys 2011-11-13 19:12 . 2011-11-05 15:18 39544 ----a-w- c:\windows\system32\drivers\HookCentre.sys 2011-11-13 19:12 . 2011-11-05 15:18 79608 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys 2011-11-13 19:12 . 2011-11-05 15:18 40440 ----a-w- c:\windows\system32\drivers\GDBehave.sys 2011-11-05 15:30 . 2011-11-05 15:30 69112 ----a-w- c:\windows\system32\drivers\GRD.sys 2011-11-04 19:13 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:13 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2011-11-04 19:13 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-11-04 11:25 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec 2011-11-01 16:07 . 2006-03-02 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll 2011-10-31 19:53 . 2009-10-28 14:38 348160 ----a-w- c:\windows\system32\msvcr71.dll 2011-10-31 19:53 . 2009-10-28 14:38 499712 ----a-w- c:\windows\system32\msvcp71.dll 2011-10-28 05:32 . 2006-03-02 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-26 10:49 . 2006-03-02 12:00 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-26 10:49 . 2004-08-04 00:39 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-18 11:13 . 2006-03-02 12:00 186880 ----a-w- c:\windows\system32\encdec.dll 2011-10-10 14:22 . 2011-07-11 16:03 692736 ----a-w- c:\windows\system32\inetcomm.dll 2010-03-24 00:27 . 2011-07-11 17:23 3509760 ----a-w- c:\program files\BESTplayer.exe 2011-11-21 04:42 . 2011-12-04 11:02 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadu-Gadu 10"="c:\program files\Gadu-Gadu 10\gg.exe" [2011-07-04 13374048] "Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-10-03 3077528] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2006-11-14 16270848] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-13 208952] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-13 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168] "G Data AntiVirus Tray Application"="c:\program files\G Data\AntiVirus\AVKTray\AVKTray.exe" [2011-06-17 921608] "TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-10-31 273528] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableSecureUIAPaths"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager] 2009-07-20 19:52 41264 ----a-w- c:\program files\Common Files\aol\1313417367\ee\aolsoftware.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KPeerNexonEU] 2011-10-03 19:26 438272 ----a-w- c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware] 2011-12-24 16:50 460872 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Odkurzacz-MCD] 2011-02-20 07:58 370688 ----a-w- c:\program files\Odkurzacz\odk_mcd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] 2006-05-16 10:04 2879488 ------r- c:\windows\SkyTel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion] 2011-07-25 09:41 433360 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2011-10-31 19:53 273528 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 "DisableThumbnailCache"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Opera\\opera.exe"= "c:\\Program Files\\Winamp\\winamp.exe"= "c:\\Program Files\\Gadu-Gadu 10\\gg.exe"= "c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\X-Chat 2\\xchat.exe"= "c:\\Program Files\\Common Files\\aol\\acs\\AOLDial.exe"= "c:\\Program Files\\Common Files\\aol\\acs\\AOLacsd.exe"= "c:\\Program Files\\Common Files\\aol\\1313417367\\ee\\aolsoftware.exe"= "c:\\Program Files\\AOL 9.5\\waol.exe"= "c:\\Program Files\\Common Files\\aol\\TopSpeed\\3.0\\aoltpsd3.exe"= "c:\\Program Files\\Common Files\\aol\\Loader\\aolload.exe"= "c:\\Program Files\\Common Files\\aol\\System Information\\sinf.exe"= "d:\\GRY\\Left 4 Dead 2\\left4dead2.exe"= "c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"= "c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"= "e:\\GRY\\Dragon Age\\bin_ship\\daorigins.exe"= "e:\\GRY\\Dragon Age\\DAOriginsLauncher.exe"= "e:\\GRY\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"= "e:\\GRY\\Metin2\\metin2.exe"= "e:\\GRY\\Metin2\\metin2.bin"= "e:\\GRY\\Metin2\\metin2client.bin"= "e:\\GRY\\Metin2\\metin2mod_2011sf.exe"= "e:\\GRY\\Kopia Metin2\\metin2.exe"= "e:\\GRY\\Kopia Metin2\\metin2client.bin"= "e:\\GRY\\Kopia Metin2\\metin2mod_2011sf.exe"= "e:\\GRY\\Metin2_PL\\metin2.bin"= "e:\\GRY\\Metin2_PL\\metin2.exe"= "e:\\GRY\\Metin2_PL\\metin2client.bin"= "e:\\GRY\\Metin2_PL\\metin2client.exe"= "e:\\GRY\\Kopia Metin2_PL\\metin2.exe"= "e:\\GRY\\Kopia Metin2_PL\\metin2client.bin"= "e:\\GRY\\Kopia Metin2_PL\\metin2client.exe"= "e:\\GRY\\Kopia (2) Metin2_PL\\metin2client.exe"= "e:\\GRY\\Kopia (2) Metin2_PL\\metin2client2.exe"= "c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "e:\\GRY\\Assassin's Creed Revelations\\ACRSP.exe"= "e:\\GRY\\Assassin's Creed Revelations\\ACRMP.exe"= "e:\\GRY\\Assassin's Creed Revelations\\AssassinsCreedRevelations.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "58883:TCP"= 58883:TCP:Pando Media Booster "58883:UDP"= 58883:UDP:Pando Media Booster . R0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2011-11-05 40440] R1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2011-11-05 79608] R1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2011-11-05 69112] R1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2011-11-05 39544] R2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Common Files\G Data\AVKProxy\AVKProxy.exe [2011-06-17 1499656] R2 AVKService;G Data Scheduler;c:\program files\G Data\AntiVirus\AVK\AVKService.exe [2011-06-17 409608] R2 AVKWCtl;G Data Strażnik systemu plików;c:\program files\G Data\AntiVirus\AVK\AVKWCtl.exe [2011-05-03 1371904] R2 GDTdiInterceptor;GDTdiInterceptor;c:\windows\system32\drivers\GDTdiIcpt.sys [2011-11-05 52216] R3 GDScan;G Data Scanner;c:\program files\Common Files\G Data\GDScan\GDScan.exe [2011-06-17 360768] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2011-07-11 58600] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S3 DAUpdaterSvc;Dragon Age: Początek - Aktualizator zawartości;e:\gry\Dragon Age\bin_ship\daupdatersvc.service.exe [2011-10-09 25832] S3 dump_wmimmc;dump_wmimmc;\??\c:\program files\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys --> c:\program files\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys [?] S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-21 20464] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?] S3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\drivers\s1039bus.sys [2011-07-13 98672] S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\drivers\s1039mdfl.sys [2011-07-13 14960] S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\drivers\s1039mdm.sys [2011-07-13 124016] S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1039mgmt.sys [2011-07-13 117872] S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1039nd5.sys [2011-07-13 25456] S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\drivers\s1039obex.sys [2011-07-13 113904] S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1039unic.sys [2011-07-13 123504] S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-07-13 155344] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S4 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-21 652872] S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?] . Zawartość folderu 'Zaplanowane zadania' . 2012-01-02 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1645522239-1177238915-839522115-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40] . 2011-12-30 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1645522239-1177238915-839522115-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40] . . ------- Skan uzupełniający ------- . uStart Page = hxxp://www.google.pl./ uInternet Settings,ProxyServer = http=127.0.0.1 uInternet Settings,ProxyOverride = <local> IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: Interfaces\{A186B269-B46C-40DF-B5AC-2C3ACFA68282}: NameServer = 194.204.159.1,213.199.255.10 FF - ProfilePath - c:\documents and settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\7x1rmprq.default\ FF - prefs.js: browser.startup.homepage - about:home . - - - - USUNIĘTO PUSTE WPISY - - - - . HKCU-Run-PlayNC Launcher - (no file) MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\DTLite.exe MSConfigStartUp-nwiz - nwiz.exe MSConfigStartUp-Overwolf - c:\program files\Overwolf\Overwolf.exe AddRemove-Gothic - c:\windows\IsUn0415.exe AddRemove-RealPlayer 12.0 - c:\program files\Real\RealPlayer\Update\r1puninst.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-01-02 21:13 Windows 5.1.2600 Dodatek Service Pack 3 NTFS . skanowanie ukrytych procesów ... . skanowanie ukrytych wpisów autostartu ... . skanowanie ukrytych plików ... . skanowanie pomyślnie ukończone ukryte pliki: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_USERS\S-1-5-21-1645522239-1177238915-839522115-1004\Software\SecuROM\License information*] "datasecu"=hex:08,2d,de,ce,f8,78,8d,9b,a6,cf,a7,98,68,2e,86,59,42,e9,53,d0,d1, 04,6a,57,88,cd,0e,2b,96,08,08,2f,06,a2,fa,6a,65,92,8d,30,31,ad,26,8c,b6,a7,\ "rkeysecu"=hex:39,f3,07,6f,fe,f2,62,9a,07,75,3c,21,72,72,c4,47 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{51731e44-a6f7-4771-aa48-7733727a26c4}] @Denied: (Full) (Everyone) "Model"=dword:00000114 "Therad"=dword:0000001e "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26, 38,95,44,88,79,0d,22,8e,33,17,75,e6,82,db,74,d6,1f,ea,8f,64,51,35,36,23,e5,\ . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) "scansk"=hex(0):13,fb,46,86,0d,73,41,57,93,b5,7b,31,da,05,af,fb,e4,b6,ac,3d,36, 3e,c2,0d,13,97,bb,a2,bf,7e,26,be,f5,21,b1,65,5d,8b,c5,67,00,00,00,00,00,00,\ . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- . - - - - - - - > 'explorer.exe'(10224) c:\windows\system32\WININET.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\program files\WinSCP\DragExt.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\windows\system32\nvsvc32.exe c:\windows\RTHDCPL.EXE c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\RUNDLL32.EXE c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\system32\PnkBstrA.exe c:\windows\system32\wbem\wmiapsrv.exe c:\program files\G Data\AntiVirus\AVK\AVK.exe . ************************************************************************** . Czas ukończenia: 2012-01-02 21:16:31 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2012-01-02 20:16 . Przed: 56 781 135 872 bajtów wolnych Po: 57 773 723 648 bajtów wolnych . - - End Of File - - E2A7B3F389A11EC091732947E1FC93C8

Drugi log z ComboFix'a (po zainstalowaniu konsoli odzyskiwania):

Kod: Zaznacz wszystko: ComboFix 12-01-02.01 - User 2012-01-02 21:35:04.2.2 - x86 NETWORK Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.2047.1778 [GMT 1:00] Uruchomiony z: c:\documents and settings\User\Pulpit\ComboFix.exe AV: AntiVir Desktop *Enabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7} AV: G Data AntiVirus 2012 *Enabled/Outdated* {71310606-6F3B-49F2-9A81-8315AA75FBB3} . . ((((((((((((((((((((((((( Pliki utworzone od 2011-12-02 do 2012-01-02 ))))))))))))))))))))))))))))))) . . 2011-12-16 18:56 . 2011-12-16 19:01 -------- d-----w- c:\documents and settings\User\Ustawienia lokalne\Dane aplikacji\Ubisoft Game Launcher 2011-12-16 18:56 . 2011-12-16 18:56 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Ubisoft 2011-12-16 13:03 . 2011-12-16 13:03 189248 ----a-w- c:\windows\system32\PnkBstrB.exe 2011-12-16 13:03 . 2011-12-16 13:03 75136 ----a-w- c:\windows\system32\PnkBstrA.exe 2011-12-16 13:03 . 2011-12-16 13:03 -------- d-----w- c:\documents and settings\User\Dane aplikacji\PunkBuster 2011-12-16 13:03 . 2011-12-16 13:03 -------- d-----w- c:\program files\Ubisoft 2011-12-16 13:02 . 2010-06-02 03:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll 2011-12-16 13:02 . 2010-06-02 03:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll 2011-12-16 13:02 . 2010-06-02 03:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll 2011-12-16 13:02 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll 2011-12-16 13:02 . 2010-05-26 10:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll 2011-12-16 13:02 . 2010-05-26 10:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll 2011-12-16 13:02 . 2010-05-26 10:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll 2011-12-16 13:02 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll 2011-12-15 21:09 . 2011-12-15 21:09 -------- d-----w- c:\program files\Steam 2011-12-15 18:13 . 2011-12-15 18:13 -------- d-----w- c:\program files\Dragon UnPACKer 5 2011-12-04 13:38 . 2005-01-02 21:43 4682 ----a-w- c:\windows\system32\npptNT2.sys 2011-12-04 13:38 . 2003-07-19 06:17 5174 ----a-w- c:\windows\system32\nppt9x.vxd 2011-12-04 11:02 . 2011-11-21 04:42 134104 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2011-12-03 20:54 . 2011-12-03 20:54 -------- d-----w- c:\program files\NCsoft 2011-12-03 20:52 . 2012-01-02 20:09 -------- d-----w- c:\documents and settings\User\Ustawienia lokalne\Dane aplikacji\assembly . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-12-10 14:24 . 2011-08-21 14:38 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-11-23 14:40 . 2006-03-02 12:00 1859840 ----a-w- c:\windows\system32\win32k.sys 2011-11-13 19:12 . 2011-11-05 15:19 52216 ----a-w- c:\windows\system32\drivers\GDTdiIcpt.sys 2011-11-13 19:12 . 2011-11-05 15:18 39544 ----a-w- c:\windows\system32\drivers\HookCentre.sys 2011-11-13 19:12 . 2011-11-05 15:18 79608 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys 2011-11-13 19:12 . 2011-11-05 15:18 40440 ----a-w- c:\windows\system32\drivers\GDBehave.sys 2011-11-05 15:30 . 2011-11-05 15:30 69112 ----a-w- c:\windows\system32\drivers\GRD.sys 2011-11-04 19:13 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:13 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2011-11-04 19:13 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-11-04 11:25 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec 2011-11-01 16:07 . 2006-03-02 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll 2011-10-31 19:53 . 2009-10-28 14:38 348160 ----a-w- c:\windows\system32\msvcr71.dll 2011-10-31 19:53 . 2009-10-28 14:38 499712 ----a-w- c:\windows\system32\msvcp71.dll 2011-10-28 05:32 . 2006-03-02 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-26 10:49 . 2006-03-02 12:00 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-26 10:49 . 2004-08-04 00:39 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-18 11:13 . 2006-03-02 12:00 186880 ----a-w- c:\windows\system32\encdec.dll 2011-10-10 14:22 . 2011-07-11 16:03 692736 ----a-w- c:\windows\system32\inetcomm.dll 2010-03-24 00:27 . 2011-07-11 17:23 3509760 ----a-w- c:\program files\BESTplayer.exe 2011-11-21 04:42 . 2011-12-04 11:02 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadu-Gadu 10"="c:\program files\Gadu-Gadu 10\gg.exe" [2011-07-04 13374048] "Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-10-03 3077528] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2006-11-14 16270848] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-13 208952] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-13 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168] "G Data AntiVirus Tray Application"="c:\program files\G Data\AntiVirus\AVKTray\AVKTray.exe" [2011-06-17 921608] "TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-10-31 273528] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableSecureUIAPaths"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager] 2009-07-20 19:52 41264 ----a-w- c:\program files\Common Files\aol\1313417367\ee\aolsoftware.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KPeerNexonEU] 2011-10-03 19:26 438272 ----a-w- c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware] 2011-12-24 16:50 460872 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Odkurzacz-MCD] 2011-02-20 07:58 370688 ----a-w- c:\program files\Odkurzacz\odk_mcd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] 2006-05-16 10:04 2879488 ------r- c:\windows\SkyTel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion] 2011-07-25 09:41 433360 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2011-10-31 19:53 273528 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 "DisableThumbnailCache"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Opera\\opera.exe"= "c:\\Program Files\\Winamp\\winamp.exe"= "c:\\Program Files\\Gadu-Gadu 10\\gg.exe"= "c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\X-Chat 2\\xchat.exe"= "c:\\Program Files\\Common Files\\aol\\acs\\AOLDial.exe"= "c:\\Program Files\\Common Files\\aol\\acs\\AOLacsd.exe"= "c:\\Program Files\\Common Files\\aol\\1313417367\\ee\\aolsoftware.exe"= "c:\\Program Files\\AOL 9.5\\waol.exe"= "c:\\Program Files\\Common Files\\aol\\TopSpeed\\3.0\\aoltpsd3.exe"= "c:\\Program Files\\Common Files\\aol\\Loader\\aolload.exe"= "c:\\Program Files\\Common Files\\aol\\System Information\\sinf.exe"= "d:\\GRY\\Left 4 Dead 2\\left4dead2.exe"= "c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"= "c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"= "e:\\GRY\\Dragon Age\\bin_ship\\daorigins.exe"= "e:\\GRY\\Dragon Age\\DAOriginsLauncher.exe"= "e:\\GRY\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"= "e:\\GRY\\Metin2\\metin2.exe"= "e:\\GRY\\Metin2\\metin2.bin"= "e:\\GRY\\Metin2\\metin2client.bin"= "e:\\GRY\\Metin2\\metin2mod_2011sf.exe"= "e:\\GRY\\Kopia Metin2\\metin2.exe"= "e:\\GRY\\Kopia Metin2\\metin2client.bin"= "e:\\GRY\\Kopia Metin2\\metin2mod_2011sf.exe"= "e:\\GRY\\Metin2_PL\\metin2.bin"= "e:\\GRY\\Metin2_PL\\metin2.exe"= "e:\\GRY\\Metin2_PL\\metin2client.bin"= "e:\\GRY\\Metin2_PL\\metin2client.exe"= "e:\\GRY\\Kopia Metin2_PL\\metin2.exe"= "e:\\GRY\\Kopia Metin2_PL\\metin2client.bin"= "e:\\GRY\\Kopia Metin2_PL\\metin2client.exe"= "e:\\GRY\\Kopia (2) Metin2_PL\\metin2client.exe"= "e:\\GRY\\Kopia (2) Metin2_PL\\metin2client2.exe"= "c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "e:\\GRY\\Assassin's Creed Revelations\\ACRSP.exe"= "e:\\GRY\\Assassin's Creed Revelations\\ACRMP.exe"= "e:\\GRY\\Assassin's Creed Revelations\\AssassinsCreedRevelations.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "58883:TCP"= 58883:TCP:Pando Media Booster "58883:UDP"= 58883:UDP:Pando Media Booster . R0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2011-11-05 40440] S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2011-11-05 79608] S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2011-11-05 69112] S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2011-11-05 39544] S2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Common Files\G Data\AVKProxy\AVKProxy.exe [2011-06-17 1499656] S2 AVKService;G Data Scheduler;c:\program files\G Data\AntiVirus\AVK\AVKService.exe [2011-06-17 409608] S2 AVKWCtl;G Data Strażnik systemu plików;c:\program files\G Data\AntiVirus\AVK\AVKWCtl.exe [2011-05-03 1371904] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 GDTdiInterceptor;GDTdiInterceptor;c:\windows\system32\drivers\GDTdiIcpt.sys [2011-11-05 52216] S3 DAUpdaterSvc;Dragon Age: Początek - Aktualizator zawartości;e:\gry\Dragon Age\bin_ship\daupdatersvc.service.exe [2011-10-09 25832] S3 dump_wmimmc;dump_wmimmc;\??\c:\program files\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys --> c:\program files\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys [?] S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?] S3 GDScan;G Data Scanner;c:\program files\Common Files\G Data\GDScan\GDScan.exe [2011-06-17 360768] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-21 20464] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2011-07-11 58600] S3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\drivers\s1039bus.sys [2011-07-13 98672] S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\drivers\s1039mdfl.sys [2011-07-13 14960] S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\drivers\s1039mdm.sys [2011-07-13 124016] S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1039mgmt.sys [2011-07-13 117872] S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1039nd5.sys [2011-07-13 25456] S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\drivers\s1039obex.sys [2011-07-13 113904] S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1039unic.sys [2011-07-13 123504] S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-07-13 155344] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S4 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-21 652872] S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?] . Zawartość folderu 'Zaplanowane zadania' . 2012-01-02 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1645522239-1177238915-839522115-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40] . 2011-12-30 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1645522239-1177238915-839522115-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40] . . ------- Skan uzupełniający ------- . uStart Page = hxxp://www.google.pl./ uInternet Settings,ProxyServer = http=127.0.0.1 uInternet Settings,ProxyOverride = <local> IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: Interfaces\{A186B269-B46C-40DF-B5AC-2C3ACFA68282}: NameServer = 194.204.159.1,213.199.255.10 FF - ProfilePath - c:\documents and settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\7x1rmprq.default\ FF - prefs.js: browser.startup.homepage - about:home . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-01-02 21:37 Windows 5.1.2600 Dodatek Service Pack 3 NTFS . skanowanie ukrytych procesów ... . skanowanie ukrytych wpisów autostartu ... . skanowanie ukrytych plików ... . skanowanie pomyślnie ukończone ukryte pliki: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_USERS\S-1-5-21-1645522239-1177238915-839522115-1004\Software\SecuROM\License information*] "datasecu"=hex:08,2d,de,ce,f8,78,8d,9b,a6,cf,a7,98,68,2e,86,59,42,e9,53,d0,d1, 04,6a,57,88,cd,0e,2b,96,08,08,2f,06,a2,fa,6a,65,92,8d,30,31,ad,26,8c,b6,a7,\ "rkeysecu"=hex:39,f3,07,6f,fe,f2,62,9a,07,75,3c,21,72,72,c4,47 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{51731e44-a6f7-4771-aa48-7733727a26c4}] @Denied: (Full) (Everyone) "Model"=dword:00000114 "Therad"=dword:0000001e "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26, 38,95,44,88,79,0d,22,8e,33,17,75,e6,82,db,74,d6,1f,ea,8f,64,51,35,36,23,e5,\ . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) "scansk"=hex(0):13,fb,46,86,0d,73,41,57,93,b5,7b,31,da,05,af,fb,e4,b6,ac,3d,36, 3e,c2,0d,13,97,bb,a2,bf,7e,26,be,f5,21,b1,65,5d,8b,c5,67,00,00,00,00,00,00,\ . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- . - - - - - - - > 'explorer.exe'(1084) c:\windows\system32\WININET.dll . Czas ukończenia: 2012-01-02 21:38:42 ComboFix-quarantined-files.txt 2012-01-02 20:38 ComboFix2.txt 2012-01-02 20:16 . Przed: 57 749 299 200 bajtów wolnych Po: 57 747 095 552 bajtów wolnych . WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=AlwaysOff /fastdetect . - - End Of File - - 0134D1FB28651AE35DE91713513C3F0D

Pozdrawiam

**Posty:** 18165 · przez **wojtas** 02 Sty 2012, 23:02

odpal Kaspra z opcji Cure teraz

dajesz z niego raport i nowy log z OTL

**Posty:** 67 · przez **kamos1602** 03 Sty 2012, 00:05

Log z Kaspra:

Kod: Zaznacz wszystko: 22:42:02.0375 1612 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16 22:42:02.0515 1612 ============================================================ 22:42:02.0515 1612 Current date / time: 2012/01/02 22:42:02.0515 22:42:02.0515 1612 SystemInfo: 22:42:02.0515 1612 22:42:02.0515 1612 OS Version: 5.1.2600 ServicePack: 3.0 22:42:02.0515 1612 Product type: Workstation 22:42:02.0515 1612 ComputerName: KOMP 22:42:02.0515 1612 UserName: User 22:42:02.0515 1612 Windows directory: C:\WINDOWS 22:42:02.0515 1612 System windows directory: C:\WINDOWS 22:42:02.0515 1612 Processor architecture: Intel x86 22:42:02.0515 1612 Number of processors: 2 22:42:02.0515 1612 Page size: 0x1000 22:42:02.0515 1612 Boot type: Normal boot 22:42:02.0515 1612 ============================================================ 22:42:04.0890 1612 Initialize success 22:42:10.0578 2680 ============================================================ 22:42:10.0578 2680 Scan started 22:42:10.0578 2680 Mode: Manual; SigCheck; TDLFS; 22:42:10.0578 2680 ============================================================ 22:42:12.0421 2680 Abiosdsk - ok 22:42:12.0421 2680 abp480n5 - ok 22:42:12.0453 2680 ACPI (05118282f5d039595a2b92b4a4afe197) C:\WINDOWS\system32\DRIVERS\ACPI.sys 22:42:12.0843 2680 ACPI - ok 22:42:12.0890 2680 ACPIEC (66a42b7db194e24b973bbcce840a0f3f) C:\WINDOWS\system32\drivers\ACPIEC.sys 22:42:13.0000 2680 ACPIEC - ok 22:42:13.0000 2680 adpu160m - ok 22:42:13.0046 2680 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 22:42:13.0156 2680 aec - ok 22:42:13.0187 2680 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys 22:42:13.0281 2680 AFD - ok 22:42:13.0281 2680 Aha154x - ok 22:42:13.0296 2680 aic78u2 - ok 22:42:13.0296 2680 aic78xx - ok 22:42:13.0312 2680 AliIde - ok 22:42:13.0328 2680 amsint - ok 22:42:13.0343 2680 asc - ok 22:42:13.0343 2680 asc3350p - ok 22:42:13.0359 2680 asc3550 - ok 22:42:13.0406 2680 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 22:42:13.0500 2680 AsyncMac - ok 22:42:13.0515 2680 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 22:42:13.0656 2680 atapi - ok 22:42:13.0671 2680 Atdisk - ok 22:42:13.0703 2680 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 22:42:13.0796 2680 Atmarpc - ok 22:42:13.0843 2680 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 22:42:13.0937 2680 audstub - ok 22:42:13.0968 2680 avgio - ok 22:42:14.0015 2680 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 22:42:14.0125 2680 Beep - ok 22:42:14.0203 2680 catchme - ok 22:42:14.0234 2680 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 22:42:14.0328 2680 cbidf2k - ok 22:42:14.0343 2680 cd20xrnt - ok 22:42:14.0359 2680 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 22:42:14.0468 2680 Cdaudio - ok 22:42:14.0500 2680 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 22:42:14.0609 2680 Cdfs - ok 22:42:14.0656 2680 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 22:42:14.0750 2680 Cdrom - ok 22:42:14.0765 2680 Changer - ok 22:42:14.0781 2680 CmdIde - ok 22:42:14.0796 2680 Cpqarray - ok 22:42:14.0812 2680 dac2w2k - ok 22:42:14.0812 2680 dac960nt - ok 22:42:14.0828 2680 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 22:42:14.0937 2680 Disk - ok 22:42:14.0968 2680 dmboot (bc9219abc5696942e6f9ac8a9b28670f) C:\WINDOWS\system32\drivers\dmboot.sys 22:42:15.0093 2680 dmboot - ok 22:42:15.0109 2680 dmio (5fa232e3ba6e1346f9f5a7e519320cb0) C:\WINDOWS\system32\drivers\dmio.sys 22:42:15.0218 2680 dmio - ok 22:42:15.0234 2680 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 22:42:15.0343 2680 dmload - ok 22:42:15.0359 2680 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 22:42:15.0468 2680 DMusic - ok 22:42:15.0484 2680 dpti2o - ok 22:42:15.0531 2680 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 22:42:15.0625 2680 drmkaud - ok 22:42:15.0703 2680 dump_wmimmc - ok 22:42:15.0718 2680 EagleNT - ok 22:42:15.0734 2680 EagleXNt - ok 22:42:15.0750 2680 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 22:42:15.0890 2680 Fastfat - ok 22:42:15.0937 2680 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys 22:42:16.0046 2680 Fdc - ok 22:42:16.0062 2680 Fips (09e2a4d33f81a06a8aab2ba0a0b5d235) C:\WINDOWS\system32\drivers\Fips.sys 22:42:16.0171 2680 Fips - ok 22:42:16.0187 2680 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys 22:42:16.0281 2680 Flpydisk - ok 22:42:16.0312 2680 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 22:42:16.0421 2680 FltMgr - ok 22:42:16.0421 2680 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 22:42:16.0531 2680 Fs_Rec - ok 22:42:16.0531 2680 Ftdisk (ed6d921d8ab423138fb35beee6d6a6cb) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 22:42:16.0640 2680 Ftdisk - ok 22:42:16.0656 2680 GDBehave (1f654007b9e5764880a627b7a5390c4b) C:\WINDOWS\system32\drivers\GDBehave.sys 22:42:16.0812 2680 GDBehave - ok 22:42:16.0812 2680 GDMnIcpt (bf8fdd85091b8ae1a0acceecf84c5298) C:\WINDOWS\system32\drivers\MiniIcpt.sys 22:42:16.0859 2680 GDMnIcpt - ok 22:42:16.0890 2680 gdrv (3ce7b47ece29189855881f721df0746e) C:\WINDOWS\gdrv.sys 22:42:17.0671 2680 gdrv ( UnsignedFile.Multi.Generic ) - warning 22:42:17.0671 2680 gdrv - detected UnsignedFile.Multi.Generic (1) 22:42:17.0765 2680 GDTdiInterceptor (564777071576ce55b9204a02ec8fd645) C:\WINDOWS\system32\drivers\GDTdiIcpt.sys 22:42:17.0812 2680 GDTdiInterceptor - ok 22:42:17.0875 2680 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 22:42:17.0984 2680 Gpc - ok 22:42:18.0015 2680 GRD (7706ff2240fb112af8c2a02558e2a1cd) C:\WINDOWS\system32\drivers\GRD.sys 22:42:18.0062 2680 GRD - ok 22:42:18.0062 2680 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 22:42:18.0203 2680 HDAudBus - ok 22:42:18.0218 2680 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 22:42:18.0312 2680 hidusb - ok 22:42:18.0343 2680 HookCentre (31f0cc83185e2504f139200d77198769) C:\WINDOWS\system32\drivers\HookCentre.sys 22:42:18.0390 2680 HookCentre - ok 22:42:18.0390 2680 hpn - ok 22:42:18.0421 2680 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 22:42:18.0500 2680 HTTP - ok 22:42:18.0515 2680 i2omgmt - ok 22:42:18.0515 2680 i2omp - ok 22:42:18.0531 2680 i8042prt (177b372af55c4460d0968b5f1d02aa1c) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 22:42:18.0640 2680 i8042prt - ok 22:42:18.0687 2680 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 22:42:18.0796 2680 Imapi - ok 22:42:18.0796 2680 ini910u - ok 22:42:18.0906 2680 IntcAzAudAddService (60d7460b07012d364ced11dd9fd83e1f) C:\WINDOWS\system32\drivers\RtkHDAud.sys 22:42:19.0156 2680 IntcAzAudAddService - ok 22:42:19.0156 2680 IntelIde - ok 22:42:19.0171 2680 intelppm (da153edc09de8c4f846c085caa39d1cc) C:\WINDOWS\system32\DRIVERS\intelppm.sys 22:42:19.0281 2680 intelppm - ok 22:42:19.0296 2680 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 22:42:19.0390 2680 Ip6Fw - ok 22:42:19.0484 2680 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 22:42:19.0593 2680 IpFilterDriver - ok 22:42:19.0640 2680 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 22:42:19.0750 2680 IpInIp - ok 22:42:19.0750 2680 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 22:42:19.0859 2680 IpNat - ok 22:42:19.0875 2680 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 22:42:19.0968 2680 IPSec - ok 22:42:19.0984 2680 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 22:42:20.0078 2680 IRENUM - ok 22:42:20.0109 2680 isapnp (c8eef2e93835b81bd335de2123121283) C:\WINDOWS\system32\DRIVERS\isapnp.sys 22:42:20.0218 2680 isapnp - ok 22:42:20.0234 2680 Kbdclass (2aeca45d4aeaacbdcb77ad11184e4601) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 22:42:20.0328 2680 Kbdclass - ok 22:42:20.0359 2680 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 22:42:20.0468 2680 kmixer - ok 22:42:20.0484 2680 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 22:42:20.0546 2680 KSecDD - ok 22:42:20.0562 2680 lbrtfdc - ok 22:42:20.0578 2680 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys 22:42:20.0625 2680 MBAMProtector - ok 22:42:20.0640 2680 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 22:42:20.0734 2680 mnmdd - ok 22:42:20.0765 2680 Modem (4a068db7dc37d5afedb6512d2931d7b3) C:\WINDOWS\system32\drivers\Modem.sys 22:42:20.0859 2680 Modem - ok 22:42:20.0875 2680 Mouclass (fbed3df6b884f8cf00447b73507f2c48) C:\WINDOWS\system32\DRIVERS\mouclass.sys 22:42:20.0968 2680 Mouclass - ok 22:42:21.0000 2680 mouhid (ecec1e6cd558ab80f944f31326e9d3b5) C:\WINDOWS\system32\DRIVERS\mouhid.sys 22:42:21.0109 2680 mouhid - ok 22:42:21.0109 2680 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 22:42:21.0218 2680 MountMgr - ok 22:42:21.0218 2680 mraid35x - ok 22:42:21.0234 2680 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 22:42:21.0343 2680 MRxDAV - ok 22:42:21.0359 2680 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 22:42:21.0453 2680 MRxSmb - ok 22:42:21.0468 2680 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 22:42:21.0578 2680 Msfs - ok 22:42:21.0625 2680 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 22:42:21.0734 2680 MSKSSRV - ok 22:42:21.0750 2680 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 22:42:21.0843 2680 MSPCLOCK - ok 22:42:21.0859 2680 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 22:42:21.0953 2680 MSPQM - ok 22:42:21.0968 2680 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 22:42:22.0062 2680 mssmbios - ok 22:42:22.0078 2680 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 22:42:23.0265 2680 Mup - ok 22:42:23.0468 2680 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 22:42:23.0578 2680 NDIS - ok 22:42:23.0671 2680 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 22:42:23.0734 2680 NdisTapi - ok 22:42:23.0781 2680 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 22:42:23.0875 2680 Ndisuio - ok 22:42:23.0953 2680 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 22:42:24.0062 2680 NdisWan - ok 22:42:24.0062 2680 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 22:42:24.0125 2680 NDProxy - ok 22:42:24.0125 2680 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 22:42:24.0265 2680 NetBIOS - ok 22:42:24.0265 2680 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 22:42:24.0375 2680 NetBT - ok 22:42:24.0468 2680 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 22:42:24.0578 2680 Npfs - ok 22:42:24.0609 2680 NPPTNT2 (9131fe60adfab595c8da53ad6a06aa31) C:\WINDOWS\system32\npptNT2.sys 22:42:24.0640 2680 NPPTNT2 ( UnsignedFile.Multi.Generic ) - warning 22:42:24.0640 2680 NPPTNT2 - detected UnsignedFile.Multi.Generic (1) 22:42:24.0656 2680 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 22:42:24.0796 2680 Ntfs - ok 22:42:24.0812 2680 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 22:42:24.0906 2680 Null - ok 22:42:25.0046 2680 nv (30913cbf518396912e54c2c9f1dd0f09) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 22:42:25.0484 2680 nv - ok 22:42:25.0578 2680 NVHDA (2d2b7b3ad297c659efa1d02852ca9860) C:\WINDOWS\system32\drivers\nvhda32.sys 22:42:25.0609 2680 NVHDA - ok 22:42:25.0625 2680 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 22:42:25.0734 2680 NwlnkFlt - ok 22:42:25.0750 2680 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 22:42:25.0859 2680 NwlnkFwd - ok 22:42:25.0890 2680 Parport (2d4cdaebced17743aa9e25d3016dc229) C:\WINDOWS\system32\DRIVERS\parport.sys 22:42:26.0062 2680 Parport - ok 22:42:26.0062 2680 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 22:42:26.0171 2680 PartMgr - ok 22:42:26.0171 2680 ParVdm (453ec2c2a20a1382f564541918520eeb) C:\WINDOWS\system32\drivers\ParVdm.sys 22:42:26.0281 2680 ParVdm - ok 22:42:26.0312 2680 PCI (6862c69168d787b85a7d95ccd33c694e) C:\WINDOWS\system32\DRIVERS\pci.sys 22:42:26.0406 2680 PCI - ok 22:42:26.0421 2680 PCIDump - ok 22:42:26.0437 2680 PCIIde (548cf2d6369eae441a4c6baa75bc4f0a) C:\WINDOWS\system32\DRIVERS\pciide.sys 22:42:26.0531 2680 PCIIde - ok 22:42:26.0562 2680 Pcmcia (8db27f1ae9593c94095485305a583862) C:\WINDOWS\system32\drivers\Pcmcia.sys 22:42:26.0656 2680 Pcmcia - ok 22:42:26.0671 2680 PDCOMP - ok 22:42:26.0671 2680 PDFRAME - ok 22:42:26.0687 2680 PDRELI - ok 22:42:26.0687 2680 PDRFRAME - ok 22:42:26.0703 2680 perc2 - ok 22:42:26.0703 2680 perc2hib - ok 22:42:26.0750 2680 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 22:42:26.0843 2680 PptpMiniport - ok 22:42:26.0859 2680 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 22:42:26.0968 2680 PSched - ok 22:42:27.0000 2680 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 22:42:27.0109 2680 Ptilink - ok 22:42:27.0125 2680 ql1080 - ok 22:42:27.0125 2680 Ql10wnt - ok 22:42:27.0140 2680 ql12160 - ok 22:42:27.0140 2680 ql1240 - ok 22:42:27.0156 2680 ql1280 - ok 22:42:27.0171 2680 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 22:42:27.0281 2680 RasAcd - ok 22:42:27.0312 2680 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 22:42:27.0421 2680 Rasl2tp - ok 22:42:27.0437 2680 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 22:42:27.0531 2680 RasPppoe - ok 22:42:27.0546 2680 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 22:42:27.0656 2680 Raspti - ok 22:42:27.0671 2680 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 22:42:27.0781 2680 Rdbss - ok 22:42:27.0812 2680 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 22:42:27.0906 2680 RDPCDD - ok 22:42:27.0953 2680 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys 22:42:28.0015 2680 RDPWD - ok 22:42:28.0015 2680 redbook (e0c7bbd18040b58651bac700c804861d) C:\WINDOWS\system32\DRIVERS\redbook.sys 22:42:28.0140 2680 redbook - ok 22:42:28.0171 2680 RTL8023xp (1e11171c0b9989e1bdaa59e96b2e81c4) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys 22:42:28.0250 2680 RTL8023xp - ok 22:42:28.0265 2680 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS 22:42:28.0359 2680 rtl8139 - ok 22:42:28.0390 2680 s1039bus (d259d085f215b57b7170dc2d0b646b2a) C:\WINDOWS\system32\DRIVERS\s1039bus.sys 22:42:28.0421 2680 s1039bus - ok 22:42:28.0453 2680 s1039mdfl (4d2b6621b5913e8b1cbb650a6037b8a2) C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys 22:42:28.0484 2680 s1039mdfl - ok 22:42:28.0500 2680 s1039mdm (8149799844ab2e91ea92e9cad4224254) C:\WINDOWS\system32\DRIVERS\s1039mdm.sys 22:42:28.0546 2680 s1039mdm - ok 22:42:28.0578 2680 s1039mgmt (5e91068b3f5e003b83d8a99dc0c76e2c) C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys 22:42:28.0609 2680 s1039mgmt - ok 22:42:28.0625 2680 s1039nd5 (df54dbf1c4105d2074d07929f6ba91aa) C:\WINDOWS\system32\DRIVERS\s1039nd5.sys 22:42:28.0656 2680 s1039nd5 - ok 22:42:28.0687 2680 s1039obex (1bc084b0708d42e29e2222346149e52f) C:\WINDOWS\system32\DRIVERS\s1039obex.sys 22:42:28.0734 2680 s1039obex - ok 22:42:28.0765 2680 s1039unic (2e8ccb7bf5b1eb34bcf4ebf880b3e11c) C:\WINDOWS\system32\DRIVERS\s1039unic.sys 22:42:28.0796 2680 s1039unic - ok 22:42:28.0812 2680 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 22:42:28.0921 2680 Secdrv - ok 22:42:28.0953 2680 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 22:42:29.0046 2680 serenum - ok 22:42:29.0062 2680 Serial (d07b02f88165e69b9f17162cf592c8a6) C:\WINDOWS\system32\DRIVERS\serial.sys 22:42:29.0171 2680 Serial - ok 22:42:29.0203 2680 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 22:42:29.0296 2680 Sfloppy - ok 22:42:29.0312 2680 Simbad - ok 22:42:29.0328 2680 Sparrow - ok 22:42:29.0359 2680 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 22:42:29.0453 2680 splitter - ok 22:42:29.0453 2680 sptd - ok 22:42:29.0484 2680 sr (eb032822be406ef220d546ddffcf0002) C:\WINDOWS\system32\DRIVERS\sr.sys 22:42:29.0578 2680 sr - ok 22:42:29.0625 2680 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 22:42:29.0703 2680 Srv - ok 22:42:29.0734 2680 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 22:42:29.0828 2680 swenum - ok 22:42:29.0843 2680 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 22:42:29.0953 2680 swmidi - ok 22:42:29.0953 2680 symc810 - ok 22:42:29.0968 2680 symc8xx - ok 22:42:29.0968 2680 sym_hi - ok 22:42:29.0984 2680 sym_u3 - ok 22:42:30.0015 2680 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 22:42:30.0109 2680 sysaudio - ok 22:42:30.0140 2680 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 22:42:30.0218 2680 Tcpip - ok 22:42:30.0234 2680 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 22:42:30.0328 2680 TDPIPE - ok 22:42:30.0343 2680 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 22:42:30.0437 2680 TDTCP - ok 22:42:30.0453 2680 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 22:42:30.0562 2680 TermDD - ok 22:42:30.0578 2680 TosIde - ok 22:42:30.0625 2680 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 22:42:30.0734 2680 Udfs - ok 22:42:30.0734 2680 ultra - ok 22:42:30.0750 2680 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 22:42:30.0859 2680 Update - ok 22:42:30.0875 2680 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 22:42:30.0984 2680 usbehci - ok 22:42:31.0015 2680 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 22:42:31.0125 2680 usbhub - ok 22:42:31.0140 2680 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 22:42:31.0234 2680 usbprint - ok 22:42:31.0265 2680 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 22:42:31.0359 2680 USBSTOR - ok 22:42:31.0390 2680 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 22:42:31.0500 2680 usbuhci - ok 22:42:31.0500 2680 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 22:42:31.0609 2680 VgaSave - ok 22:42:31.0609 2680 ViaIde - ok 22:42:31.0625 2680 VolSnap (56b191ac5fc0df219949c95a6c87afe7) C:\WINDOWS\system32\drivers\VolSnap.sys 22:42:31.0718 2680 VolSnap - ok 22:42:31.0734 2680 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 22:42:31.0875 2680 Wanarp - ok 22:42:31.0906 2680 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys 22:42:31.0984 2680 wanatw - ok 22:42:31.0984 2680 WDICA - ok 22:42:32.0000 2680 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 22:42:32.0109 2680 wdmaud - ok 22:42:32.0156 2680 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys 22:42:32.0234 2680 WpdUsb - ok 22:42:32.0281 2680 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 22:42:32.0328 2680 WudfPf - ok 22:42:32.0359 2680 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 22:42:32.0750 2680 WudfRd - ok 22:42:32.0812 2680 MBR (0x1B8) (32052574bf9f325ae309abc7bfd04460) \Device\Harddisk0\DR0 22:42:33.0203 2680 \Device\Harddisk0\DR0 - ok 22:42:33.0203 2680 Boot (0x1200) (9f4e84cee814698e3164c768a97ef254) \Device\Harddisk0\DR0\Partition0 22:42:33.0203 2680 \Device\Harddisk0\DR0\Partition0 - ok 22:42:33.0203 2680 Boot (0x1200) (27b0de33bc30eaf5ed54821b14343075) \Device\Harddisk0\DR0\Partition1 22:42:33.0203 2680 \Device\Harddisk0\DR0\Partition1 - ok 22:42:33.0218 2680 Boot (0x1200) (0d9213684a20805600f2701b1d9bcb8d) \Device\Harddisk0\DR0\Partition2 22:42:33.0218 2680 \Device\Harddisk0\DR0\Partition2 - ok 22:42:33.0218 2680 ============================================================ 22:42:33.0218 2680 Scan finished 22:42:33.0218 2680 ============================================================ 22:42:33.0328 2316 Detected object count: 2 22:42:33.0328 2316 Actual detected object count: 2 22:43:09.0406 2316 HKLM\SYSTEM\ControlSet001\services\gdrv - will be deleted on reboot 22:43:09.0406 2316 HKLM\SYSTEM\ControlSet003\services\gdrv - will be deleted on reboot 22:43:09.0406 2316 C:\WINDOWS\gdrv.sys - will be deleted on reboot 22:43:09.0406 2316 gdrv ( UnsignedFile.Multi.Generic ) - User select action: Delete 22:43:09.0406 2316 HKLM\SYSTEM\ControlSet001\services\NPPTNT2 - will be deleted on reboot 22:43:09.0406 2316 HKLM\SYSTEM\ControlSet003\services\NPPTNT2 - will be deleted on reboot 22:43:09.0406 2316 C:\WINDOWS\system32\npptNT2.sys - will be deleted on reboot 22:43:09.0406 2316 NPPTNT2 ( UnsignedFile.Multi.Generic ) - User select action: Delete

I dwa z OTL:

Kod: Zaznacz wszystko: OTL logfile created on: 2012-01-02 22:50:40 - Run 4 OTL by OldTimer - Version 3.2.31.0 Folder = D:\Jdownloader Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 87,79% Memory free 3,85 Gb Paging File | 3,79 Gb Available in Paging File | 98,37% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 53,79 Gb Free Space | 55,08% Space Free | Partition Type: NTFS Drive D: | 649,42 Gb Total Space | 526,24 Gb Free Space | 81,03% Space Free | Partition Type: NTFS Drive E: | 650,19 Gb Total Space | 599,67 Gb Free Space | 92,23% Space Free | Partition Type: NTFS Computer Name: KOMP | User Name: User | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-01-01 18:27:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Jdownloader\OTL.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt) SRV - [2011-12-24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011-09-13 13:10:32 | 001,499,656 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2011-07-10 23:47:00 | 004,792,624 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2011-06-29 14:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion) SRV - [2011-06-17 16:43:56 | 000,409,608 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Program Files\G Data\AntiVirus\AVK\AVKService.exe -- (AVKService) SRV - [2011-06-17 16:43:54 | 000,360,768 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\G Data\GDScan\GDScan.exe -- (GDScan) SRV - [2011-05-26 02:10:36 | 001,371,904 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Program Files\G Data\AntiVirus\AVK\AVKWCtl.exe -- (AVKWCtl) SRV - [2009-07-26 05:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- E:\GRY\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc) SRV - [2006-10-23 13:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-12-10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011-11-13 20:12:45 | 000,052,216 | ---- | M] (G Data Software AG) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\GDTdiIcpt.sys -- (GDTdiInterceptor) DRV - [2011-11-13 20:12:43 | 000,039,544 | ---- | M] (G Data Software AG) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\HookCentre.sys -- (HookCentre) DRV - [2011-11-13 20:12:42 | 000,079,608 | ---- | M] (G Data Software AG) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV - [2011-11-13 20:12:42 | 000,040,440 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\GDBehave.sys -- (GDBehave) DRV - [2011-11-05 16:30:10 | 000,069,112 | ---- | M] (G Data Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\GRD.sys -- (GRD) DRV - [2010-03-01 10:43:16 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM) DRV - [2010-03-01 10:43:12 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm) DRV - [2010-03-01 10:43:12 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM) DRV - [2010-03-01 10:43:12 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex) DRV - [2010-03-01 10:43:12 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl) DRV - [2010-03-01 10:43:10 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM) DRV - [2010-03-01 10:43:10 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS) DRV - [2010-01-28 15:25:05 | 000,058,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA) DRV - [2006-12-14 09:44:06 | 000,085,120 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2006-11-15 07:34:00 | 004,225,920 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2003-01-10 22:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1645522239-1177238915-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl./ IE - HKU\S-1-5-21-1645522239-1177238915-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1645522239-1177238915-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKU\S-1-5-21-1645522239-1177238915-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "about:home" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\Documents and Settings\All Users\Dane aplikacji\NexonUS\NGM\npNxGameUS.dll File not found FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll File not found FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-12-04 12:02:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\User\Dane aplikacji\IDM\idmmzcc5 [2011-07-11 22:17:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Extensions [2011-12-27 19:38:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\7x1rmprq.default\extensions [2011-10-17 22:10:11 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\7x1rmprq.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2011-11-13 15:31:55 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\7x1rmprq.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011-12-04 12:02:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-11-13 20:12:39 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad} [2011-11-05 16:18:22 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [2011-09-17 23:43:03 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru () (No name found) -- C:\DOCUMENTS AND SETTINGS\USER\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\7X1RMPRQ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011-11-21 05:42:37 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-11-21 02:31:40 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-11-21 02:31:40 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-11-21 02:31:40 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-11-21 02:31:40 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-11-21 02:31:40 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-11-21 02:31:40 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2012-01-02 21:12:37 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\AntiVirus\WebFilter\AvkWebIE.dll (G Data Software AG) O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG) O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\AntiVirus\WebFilter\AvkWebIE.dll (G Data Software AG) O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-1645522239-1177238915-839522115-1004..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1645522239-1177238915-839522115-1004..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1645522239-1177238915-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1645522239-1177238915-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1645522239-1177238915-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1645522239-1177238915-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O15 - HKU\S-1-5-21-1645522239-1177238915-839522115-1004\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A186B269-B46C-40DF-B5AC-2C3ACFA68282}: NameServer = 194.204.159.1,213.199.255.10 O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-07-11 17:07:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-07-19 11:20:15 | 000,000,000 | ---D | M] - E:\AUTODATA.3.24 -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-01-02 21:38:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2012-01-02 21:32:11 | 000,000,000 | RHSD | C] -- C:\cmdcons [2012-01-02 20:58:24 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2012-01-02 20:58:24 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2012-01-02 20:58:24 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2012-01-02 20:58:24 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2012-01-02 20:57:54 | 000,000,000 | ---D | C] -- C:\Qoobox [2012-01-02 20:51:52 | 004,360,898 | R--- | C] (Swearware) -- C:\Documents and Settings\User\Pulpit\ComboFix.exe [2012-01-02 20:48:18 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\User\Pulpit\tdsskiller.exe [2011-12-31 23:15:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\Blood and Bone.2009.DVDRip.DZ.Napisy.PL [2011-12-31 23:15:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\Elita zabójców Killer Elite (2011) PL.SUBBED.READNFO.HDRip.XviD-MORS NAPISY PL [2011-12-16 19:56:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Ubisoft Game Launcher [2011-12-16 19:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2011-12-16 19:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Moje dokumenty\Assassin's Creed Revelations [2011-12-16 14:03:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dane aplikacji\PunkBuster [2011-12-16 14:03:14 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft [2011-12-16 14:02:24 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll [2011-12-16 14:02:24 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll [2011-12-16 14:02:23 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll [2011-12-16 14:02:23 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll [2011-12-16 14:02:22 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll [2011-12-16 14:02:22 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll [2011-12-16 14:02:21 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll [2011-12-16 14:02:21 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll [2011-12-16 14:00:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Ubisoft [2011-12-15 22:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\Steam [2011-12-15 19:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Dragon UnPACKer 5 [2011-12-15 19:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\Dragon UnPACKer 5 [2011-07-11 18:23:19 | 003,509,760 | ---- | C] (Karol Winnicki) -- C:\Program Files\BESTplayer.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-01-02 22:49:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-01-02 22:45:46 | 000,134,144 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-01-02 22:44:44 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2012-01-02 22:44:42 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1645522239-1177238915-839522115-1004.job [2012-01-02 21:32:22 | 000,000,331 | RHS- | M] () -- C:\boot.ini [2012-01-02 21:12:37 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2012-01-02 20:52:03 | 004,360,898 | R--- | M] (Swearware) -- C:\Documents and Settings\User\Pulpit\ComboFix.exe [2012-01-02 20:48:23 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\User\Pulpit\tdsskiller.exe [2012-01-01 21:48:42 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\User\Dane aplikacji\winscp.rnd [2012-01-01 15:48:11 | 000,556,160 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2012-01-01 15:48:11 | 000,493,888 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-01-01 15:48:11 | 000,105,192 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2012-01-01 15:48:11 | 000,084,432 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-01-01 15:45:30 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-12-31 00:06:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1645522239-1177238915-839522115-1004.job [2011-12-25 18:26:19 | 000,717,254 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\topbanda.bmp [2011-12-25 18:25:33 | 001,239,446 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\top20.bmp [2011-12-16 14:00:54 | 000,000,809 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Assassin's Creed Revelations.lnk [2011-12-14 15:58:29 | 000,176,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-12-14 09:21:12 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011-12-13 22:39:17 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\PUTTY.RND [2011-12-10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011-12-04 19:08:43 | 000,476,427 | ---- | M] () -- C:\WINDOWS\System32\sig.bin [2011-12-04 19:08:43 | 000,034,700 | ---- | M] () -- C:\WINDOWS\System32\nmp.map [2011-12-04 12:02:41 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-01-02 21:32:22 | 000,000,215 | ---- | C] () -- C:\Boot.bak [2012-01-02 21:32:14 | 000,262,400 | RHS- | C] () -- C:\cmldr [2012-01-02 20:58:24 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2012-01-02 20:58:24 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2012-01-02 20:58:24 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2012-01-02 20:58:24 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2012-01-02 20:58:24 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011-12-31 23:16:23 | 1466,703,872 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\The.Expendables.2010.R5.XviD.AC3-DW.avi [2011-12-25 18:26:18 | 000,717,254 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\topbanda.bmp [2011-12-25 18:25:32 | 001,239,446 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\top20.bmp [2011-12-16 14:03:54 | 000,189,248 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2011-12-16 14:03:52 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2011-12-16 14:00:54 | 000,000,809 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Assassin's Creed Revelations.lnk [2011-12-04 14:38:36 | 000,005,174 | ---- | C] () -- C:\WINDOWS\System32\nppt9x.vxd [2011-11-05 22:24:17 | 000,476,427 | ---- | C] () -- C:\WINDOWS\System32\sig.bin [2011-10-09 02:10:05 | 000,241,632 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2011-09-10 00:19:09 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat [2011-08-21 11:19:32 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll [2011-08-21 11:19:32 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll [2011-08-21 11:19:32 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll [2011-08-21 11:19:31 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll [2011-08-17 22:31:42 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\User\Dane aplikacji\winscp.rnd [2011-08-17 17:57:58 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\PUTTY.RND [2011-07-11 22:17:16 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011-07-11 18:55:25 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2011-07-11 18:42:33 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-07-11 18:39:29 | 000,176,264 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-07-11 18:21:58 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2011-07-11 18:20:10 | 000,134,144 | ---- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-07-11 17:26:51 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2011-07-11 17:08:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-07-11 17:03:37 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011-05-31 07:39:50 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll [2011-05-31 07:38:18 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll [2010-04-03 23:55:31 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2010-04-02 16:17:34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2006-03-02 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2006-03-02 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2006-03-02 13:00:00 | 000,556,160 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2006-03-02 13:00:00 | 000,493,888 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2006-03-02 13:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2006-03-02 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2006-03-02 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2006-03-02 13:00:00 | 000,105,192 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2006-03-02 13:00:00 | 000,084,432 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2006-03-02 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2006-03-02 13:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2006-03-02 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2006-03-02 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2006-03-02 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2006-03-02 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2006-03-02 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [color=#E56717]========== LOP Check ==========[/color] [2011-10-09 14:38:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BioWare [2011-07-15 20:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011-11-05 16:23:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\G DATA [2011-07-11 22:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2011-09-05 16:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Native Instruments [2011-10-03 20:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nexon [2011-10-09 12:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU [2011-10-09 13:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonUS [2011-10-03 17:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2011-12-16 19:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2011-08-15 15:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Viewpoint [2011-07-12 09:49:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\.minecraft [2011-07-11 18:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\BESTplayer [2011-08-12 22:25:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\BitCometLite [2011-12-15 14:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\DAEMON Tools Lite [2011-10-06 09:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\DMCache [2011-10-08 21:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\FOG Downloader [2011-07-12 01:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Gadu-Gadu 10 [2011-09-05 20:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\IVONA ControlCenter [2011-07-11 18:10:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Opera [2011-12-16 14:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\PunkBuster [2011-12-30 18:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\X-Chat 2 [color=#E56717]========== Purity Check ==========[/color] < End of report >

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2012-01-02 22:50:40 - Run 4 OTL by OldTimer - Version 3.2.31.0 Folder = D:\Jdownloader Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 87,79% Memory free 3,85 Gb Paging File | 3,79 Gb Available in Paging File | 98,37% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 53,79 Gb Free Space | 55,08% Space Free | Partition Type: NTFS Drive D: | 649,42 Gb Total Space | 526,24 Gb Free Space | 81,03% Space Free | Partition Type: NTFS Drive E: | 650,19 Gb Total Space | 599,67 Gb Free Space | 92,23% Space Free | Partition Type: NTFS Computer Name: KOMP | User Name: User | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-1645522239-1177238915-839522115-1004\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [[ Odkurz tutaj ]] -- C:\Program Files\Odkurzacz\odkurzacz.exe %1 (Franmo Software) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 1 "DisableThumbnailCache" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "58883:TCP" = 58883:TCP:*:Enabled:Pando Media Booster "58883:UDP" = 58883:UDP:*:Enabled:Pando Media Booster [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "58883:TCP" = 58883:TCP:*:Enabled:Pando Media Booster "58883:UDP" = 58883:UDP:*:Enabled:Pando Media Booster "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.) "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Program Files\X-Chat 2\xchat.exe" = C:\Program Files\X-Chat 2\xchat.exe:*:Enabled:X-Chat IRC Client -- () "C:\Program Files\Common Files\aol\acs\AOLDial.exe" = C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (AOL LLC) "C:\Program Files\Common Files\aol\acs\AOLacsd.exe" = C:\Program Files\Common Files\aol\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC) "C:\Program Files\Common Files\aol\1313417367\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1313417367\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL LLC) "C:\Program Files\AOL 9.5\waol.exe" = C:\Program Files\AOL 9.5\waol.exe:*:Enabled:AOL -- (AOL, LLC.) "C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL LLC) "C:\Program Files\Common Files\aol\Loader\aolload.exe" = C:\Program Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC) "C:\Program Files\Common Files\aol\System Information\sinf.exe" = C:\Program Files\Common Files\aol\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC) "D:\GRY\Left 4 Dead 2\left4dead2.exe" = D:\GRY\Left 4 Dead 2\left4dead2.exe:*:Enabled:left4dead2 -- () "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine.exe -- () "E:\GRY\Dragon Age\bin_ship\daorigins.exe" = E:\GRY\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Początek Gra -- (BioWare) "E:\GRY\Dragon Age\DAOriginsLauncher.exe" = E:\GRY\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Początek Program startowy -- (BioWare) "E:\GRY\Dragon Age\bin_ship\daupdatersvc.service.exe" = E:\GRY\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Początek Aktualizator -- (BioWare) "E:\GRY\Metin2\metin2.exe" = E:\GRY\Metin2\metin2.exe:*:Enabled:metin2 -- () "E:\GRY\Metin2\metin2.bin" = E:\GRY\Metin2\metin2.bin:*:Enabled:metin2 -- () "E:\GRY\Metin2\metin2client.bin" = E:\GRY\Metin2\metin2client.bin:*:Enabled:metin2client -- () "E:\GRY\Metin2\metin2mod_2011sf.exe" = E:\GRY\Metin2\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf -- () "E:\GRY\Kopia Metin2\metin2.exe" = E:\GRY\Kopia Metin2\metin2.exe:*:Enabled:metin2 -- () "E:\GRY\Kopia Metin2\metin2client.bin" = E:\GRY\Kopia Metin2\metin2client.bin:*:Disabled:metin2client -- () "E:\GRY\Kopia Metin2\metin2mod_2011sf.exe" = E:\GRY\Kopia Metin2\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf -- () "E:\GRY\Metin2_PL\metin2.bin" = E:\GRY\Metin2_PL\metin2.bin:*:Enabled:metin2 -- () "E:\GRY\Metin2_PL\metin2.exe" = E:\GRY\Metin2_PL\metin2.exe:*:Enabled:metin2 -- () "E:\GRY\Metin2_PL\metin2client.bin" = E:\GRY\Metin2_PL\metin2client.bin:*:Enabled:metin2client -- () "E:\GRY\Metin2_PL\metin2client.exe" = E:\GRY\Metin2_PL\metin2client.exe:*:Enabled:metin2client -- () "E:\GRY\Kopia Metin2_PL\metin2.exe" = E:\GRY\Kopia Metin2_PL\metin2.exe:*:Enabled:metin2 -- () "E:\GRY\Kopia Metin2_PL\metin2client.bin" = E:\GRY\Kopia Metin2_PL\metin2client.bin:*:Enabled:metin2client -- () "E:\GRY\Kopia Metin2_PL\metin2client.exe" = E:\GRY\Kopia Metin2_PL\metin2client.exe:*:Enabled:metin2client -- () "E:\GRY\Kopia (2) Metin2_PL\metin2client.exe" = E:\GRY\Kopia (2) Metin2_PL\metin2client.exe:*:Enabled:metin2client -- () "E:\GRY\Kopia (2) Metin2_PL\metin2client2.exe" = E:\GRY\Kopia (2) Metin2_PL\metin2client2.exe:*:Enabled:metin2client2 -- () "C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- () "E:\GRY\Assassin's Creed Revelations\ACRSP.exe" = E:\GRY\Assassin's Creed Revelations\ACRSP.exe:*:Enabled:Assassin's Creed Revelations -- () "E:\GRY\Assassin's Creed Revelations\ACRMP.exe" = E:\GRY\Assassin's Creed Revelations\ACRMP.exe:*:Enabled:Assassin's Creed Revelations Multiplayer -- () "E:\GRY\Assassin's Creed Revelations\AssassinsCreedRevelations.exe" = E:\GRY\Assassin's Creed Revelations\AssassinsCreedRevelations.exe:*:Enabled:Assassin's Creed Revelations Update -- (Ubisoft) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0E892FBB-0060-44C9-9E8C-017855956193}" = DBO_CT_TW "{1AD8819A-70E8-4380-92DA-F5B2421DAE35}" = G Data AntiVirus 2012 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm "{45410935-B52C-468A-A836-0D1000018202}" = BulletStorm "{45410935-B52C-468A-A836-0D1000018203}" = BulletStorm "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones "{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5 "{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK "{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher "{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX "{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1) "{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver "{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Początek "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.217 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE "{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl "1489-3350-5074-6281" = JDownloader 0.9 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0 "AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove) "Audacity_is1" = Audacity 1.2.3 "BandiMPEG1" = Bandisoft MPEG-1 Decoder "DragonUnPACKer5_is1" = Dragon UnPACKer 5 "Gadu-Gadu 10" = Gadu-Gadu 10 "GenoPro" = GenoPro "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie8" = Windows Internet Explorer 8 "KLiteCodecPack_is1" = K-Lite Codec Pack 7.2.0 (Standard) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.60.0.1800 "Metin2_is1" = Metin2 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Mozilla Firefox 8.0.1 (x86 pl)" = Mozilla Firefox 8.0.1 (x86 pl) "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "Odkurzacz 12.6_is1" = Odkurzacz 12.6 "Opera 11.60.1185" = Opera 11.60 "PunkBusterSvc" = PunkBuster Services "RealAlt_is1" = Real Alternative 2.0.2 "ViewpointMediaPlayer" = Viewpoint Media Player "WIC" = Windows Imaging Component "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR 4.01 (32-bitowy) "winscp3_is1" = WinSCP 4.3.4 "WMFDist11" = Windows Media Format 11 runtime "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "X-Chat 2_is1" = X-Chat 2.8.6-2 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1645522239-1177238915-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "NCsoft-Lineage2" = Lineage II "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-11-27 16:41:18 | Computer Name = KOMP | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca OTL.exe, wersja 3.2.31.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-11-27 17:06:39 | Computer Name = KOMP | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd AVKProxy.exe, wersja 1.5.11250.801, moduł powodujący błąd BehaviourService.dll, wersja 22.0.11250.178, adres błędu 0x0006f6ce. Error - 2011-11-27 18:49:28 | Computer Name = KOMP | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca OTL.exe, wersja 3.2.31.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-11-28 02:09:38 | Computer Name = KOMP | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca OTL.exe, wersja 3.2.31.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-11-28 04:08:59 | Computer Name = KOMP | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd acrord32.exe, wersja 10.1.1.33, moduł powodujący błąd acrord32.dll, wersja 10.1.1.33, adres błędu 0x000218f8. Error - 2011-11-28 15:17:51 | Computer Name = KOMP | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd AVKProxy.exe, wersja 1.5.11250.801, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x00018ee4. Error - 2011-11-30 11:40:52 | Computer Name = KOMP | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca OTL.exe, wersja 3.2.31.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-12-03 07:54:00 | Computer Name = KOMP | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca firefox.exe, wersja 8.0.0.4325, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-12-03 08:28:47 | Computer Name = KOMP | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd AVKProxy.exe, wersja 1.5.11250.801, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x000192f9. Error - 2011-12-03 09:40:35 | Computer Name = KOMP | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd AVKProxy.exe, wersja 1.5.11250.801, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x00010a19. [ System Events ] Error - 2012-01-02 16:51:27 | Computer Name = KOMP | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 2012-01-02 16:52:55 | Computer Name = KOMP | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: avgio Error - 2012-01-02 17:44:55 | Computer Name = KOMP | Source = sr | ID = 1 Description = Filtr Przywracania systemu napotkał nieoczekiwany błąd '0xC0000001' podczas przetwarzania pliku '' w woluminie 'HarddiskVolume1'. W rezultacie zostało zatrzymane monitorowanie woluminu. Error - 2012-01-02 17:45:08 | Computer Name = KOMP | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: avgio Error - 2012-01-02 17:50:04 | Computer Name = KOMP | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 2012-01-02 17:50:05 | Computer Name = KOMP | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi netman z argumentami „” w celu uruchomienia serwera: {BA126AE5-2166-11D1-B1D0-00805FC1270E} Error - 2012-01-02 17:50:56 | Computer Name = KOMP | Source = Service Control Manager | ID = 7001 Description = Usługa Klient DHCP zależy od usługi NetBios przez TCP/IP, której nie można uruchomić z powodu następującego błędu: %%31 Error - 2012-01-02 17:50:56 | Computer Name = KOMP | Source = Service Control Manager | ID = 7001 Description = Usługa Klient DNS zależy od usługi Sterownik protokołu TCP/IP, której nie można uruchomić z powodu następującego błędu: %%31 Error - 2012-01-02 17:50:56 | Computer Name = KOMP | Source = Service Control Manager | ID = 7001 Description = Usługa Pomoc TCP/IP NetBIOS zależy od usługi AFD, której nie można uruchomić z powodu następującego błędu: %%31 Error - 2012-01-02 17:50:56 | Computer Name = KOMP | Source = Service Control Manager | ID = 7001 Description = Usługa Usługi IPSEC zależy od usługi Sterownik IPSEC, której nie można uruchomić z powodu następującego błędu: %%31 < End of report >

PS. Zauważyłem już znaczną poprawę - komputer uruchamia się za każdym razem

**Posty:** 18165 · przez **wojtas** 03 Sty 2012, 11:23

miałeś dać opcję Cure a nie delete

Gdrv.sys te jest od Gigabyte, masz od tego producenta płyte główną ? w takim razie przeinstaluj stery

NpptNT2.sys jest plikiem związanym z Internetem według tego : http://www.runscanner.net/lib/npptNT2.sys.html

Na klawiaturze znajdź przycisk z flagą Windows oraz R ( naciśnij oba) wyskoczy okienko, w którym wklej:

"C:\Documents and Settings\User\Pulpit\ComboFix.exe" /uninstall

i zatwierdź

*Uruchom OTL z opcji sprzątanie.
* wykonaj optymalizację Windowsa ( instrukcja dla Windowsa XP, lecz w innych systemach jest podobnie )
* zrób pełny skan Malwarebytes Anti-Malware (zaktualizuj, usuń co znajdzie )
* Skasuj stan przywracania systemu

Zaktualizuj zabezpieczenia:

>>> Java™ 6
>>> Mozilla Firefox
>>> Adobe Flash Player

napisz jak sytuacja z komputerem