Problem z przeglądaniem stron,podłączeniem telefonu

**Posty:** 653 · przez **holi12** 12 Paź 2009, 21:16

jak w temacie.Komenda netstat pokazuje mnóstwó połączen
SilentRunners

Kod: Zaznacz wszystko: "Silent Runners.vbs", revision 59, http://www.silentrunners.org/ Operating System: Windows XP Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} "NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS] "avast!" = "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" ["ALWIL Software"] "NeroFilterCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"] "NeroCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"] HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\ >{26923b43-4d38-484f-9b9e-de460746276c}\(Default) = "Internet Explorer" \StubPath = "C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE" [MS] >{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\(Default) = "Outlook Express" \StubPath = "C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE" [MS] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania" -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania" \InProcServer32\(Default) = "deskpan.dll" [file not found] "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu" -> {HKLM...CLSID} = "HyperTerminal Icon Ext" \InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."] "{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class" -> {HKLM...CLSID} = "DesktopContext Class" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"] "{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper" -> {HKLM...CLSID} = "NVIDIA CPL Extension" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"] "{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer" -> {HKLM...CLSID} = "Desktop Explorer" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"] "{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"] "{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu" -> {HKLM...CLSID} = "nView Desktop Context Menu" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"] "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}" = "Groove GFS Explorer Bar" -> {HKLM...CLSID} = "Groove Folder Synchronization" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{A449600E-1DC6-4232-B948-9BD794D62056}" = "Groove GFS Stub Icon Handler" -> {HKLM...CLSID} = "Groove GFS Stub Icon Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" = "Groove GFS Stub Execution Hook" -> {HKLM...CLSID} = "Groove GFS Stub Execution Hook" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{6C467336-8281-4E60-8204-430CED96822D}" = "Groove GFS Context Menu Handler" -> {HKLM...CLSID} = "Groove GFS Context Menu Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{387E725D-DC16-4D76-B310-2C93ED4752A0}" = "Groove XML Icon Handler" -> {HKLM...CLSID} = "Groove XML Icon Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{16F3DD56-1AF5-4347-846D-7C10C4192619}" = "Groove Explorer Icon Overlay 3 (GFS Folder)" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 3 (GFS Folder)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}" = "Groove Explorer Icon Overlay 2 (GFS Stub)" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 2 (GFS Stub)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}" = "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{99FD978C-D287-4F50-827F-B2C658EDA8E7}" = "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{920E6DB1-9907-4370-B3A0-BAFC03D81399}" = "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler" -> {HKLM...CLSID} = "Outlook File Icon Extension" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL" [MS] "{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler" -> {HKLM...CLSID} = "Microsoft Office Outlook" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL" [MS] "{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C}" = "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" -> {HKLM...CLSID} = "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL" [MS] "{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\msohevi.dll" [MS] "{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}" = "Microsoft Office Metadata Handler" -> {HKLM...CLSID} = "Microsoft Office Metadata Handler" \InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll" [MS] "{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}" = "Microsoft Office Thumbnail Handler" -> {HKLM...CLSID} = "Microsoft Office Thumbnail Handler" \InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll" [MS] "{472083B0-C522-11CF-8763-00608CC02F24}" = "avast" -> {HKLM...CLSID} = "avast" \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"] "{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}" = "Nokia Phone Browser" -> {HKLM...CLSID} = "Nokia Phone Browser" \InProcServer32\(Default) = "C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll" ["Nokia"] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\ <<!>> "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" = "Groove GFS Stub Execution Hook" -> {HKLM...CLSID} = "Groove GFS Stub Execution Hook" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\ <<!>> text/xml\CLSID = "{807563E5-5146-11D5-A672-00B0D022E945}" -> {HKLM...CLSID} = "Microsoft Office InfoPath XML Mime Filter" \InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL" [MS] HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info" -> {HKLM...CLSID} = "PDF Shell Extension" \InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."] HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}" -> {HKLM...CLSID} = "avast" \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}" -> {HKLM...CLSID} = "Groove GFS Context Menu Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}" -> {HKLM...CLSID} = "Groove GFS Context Menu Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}" -> {HKLM...CLSID} = "avast" \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}" -> {HKLM...CLSID} = "Groove GFS Context Menu Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}" -> {HKLM...CLSID} = "Groove GFS Context Menu Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] Default executables: -------------------- <<!>> HKLM\SOFTWARE\Classes\.com\(Default) = "ComFile" Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ "NoDrives" = (REG_DWORD) dword:0x00000000 {unrecognized setting} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ "NoDrives" = (REG_DWORD) dword:0x00000000 {unrecognized setting} "HonorAutoRunSetting" = (REG_DWORD) dword:0x00000001 {unrecognized setting} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ "shutdownwithoutlogon" = (REG_DWORD) dword:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Shutdown: Allow system to be shut down without having to log on} "undockwithoutlogon" = (REG_DWORD) dword:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Devices: Allow undock without having to log on} "DisableRegistryTools" = (REG_DWORD) dword:0x00000000 {unrecognized setting} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ "Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp" Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ "Wallpaper" = "C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp" Windows Portable Device AutoPlay Handlers ----------------------------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ MPCPlayCDAudioOnArrival\ "Provider" = "Media Player Classic" "InvokeProgID" = "MediaPlayerClassic.Autorun" "InvokeVerb" = "PlayCDAudio" HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayCDAudio\command\(Default) = ""C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe" %1 /cd" ["mpc-hc@Sourceforge"] MPCPlayDVDMovieOnArrival\ "Provider" = "Media Player Classic" "InvokeProgID" = "MediaPlayerClassic.Autorun" "InvokeVerb" = "PlayDVDMovie" HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayDVDMovie\command\(Default) = ""C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe" %1 /dvd" ["mpc-hc@Sourceforge"] MPCPlayMusicFilesOnArrival\ "Provider" = "Media Player Classic" "InvokeProgID" = "MediaPlayerClassic.Autorun" "InvokeVerb" = "PlayMusicFiles" HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayMusicFiles\command\(Default) = ""C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe" %1" ["mpc-hc@Sourceforge"] MPCPlayVideoFilesOnArrival\ "Provider" = "Media Player Classic" "InvokeProgID" = "MediaPlayerClassic.Autorun" "InvokeVerb" = "PlayVideoFiles" HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayVideoFiles\command\(Default) = ""C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe" %1" ["mpc-hc@Sourceforge"] NeroAutoPlay9LaunchNeroStartSmart\ "Provider" = "Nero StartSmart" "InvokeProgID" = "Nero.AutoPlay8" "InvokeVerb" = "LaunchNeroStartSmart_HandleCDBurningOnArrival" HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\LaunchNeroStartSmart_HandleCDBurningOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe /AutoPlay" ["Nero AG"] NeroAutoPlay9VideoCapture\ "Provider" = "Nero Vision" "ProgID" = "Shell.HWEventHandlerShellExecute" "InitCmdLine" = ""C:\Program Files\Nero\Nero 9\Nero Vision\NeroVision.exe" /New:VideoCapture" HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = "{FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}" -> {HKLM...CLSID} = "ShellExecute HW Event Handler" \LocalServer32\(Default) = "rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}" [MS] Picasa2ImportPicturesOnArrival\ "Provider" = "Picasa3" "InvokeProgID" = "picasa2.autoplay" "InvokeVerb" = "import" HKLM\SOFTWARE\Classes\picasa2.autoplay\shell\import\command\(Default) = "C:\Program Files\Google\Picasa3\Picasa3.exe "%1"" ["Google Inc."] WinampMTPHandler\ "Provider" = "Winamp" "ProgID" = "Shell.HWEventHandlerShellExecute" "InitCmdLine" = "C:\Program Files\Winamp\winamp.exe" HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = "{FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}" -> {HKLM...CLSID} = "ShellExecute HW Event Handler" \LocalServer32\(Default) = "rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}" [MS] WinampPlayMediaOnArrival\ "Provider" = "Winamp" "InvokeProgID" = "Winamp.File" "InvokeVerb" = "Play" HKLM\SOFTWARE\Classes\Winamp.File\shell\Play\command\(Default) = ""C:\Program Files\Winamp\winamp.exe" "%1"" ["Nullsoft"] HKLM\SOFTWARE\Classes\Winamp.File\shell\Play\DropTarget\CLSID = "{46986115-84D6-459c-8F95-52DD653E532E}" -> {HKLM...CLSID} = (no title provided) \LocalServer32\(Default) = ""C:\Program Files\Winamp\winamp.exe"" ["Nullsoft"] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS] 000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] Transport Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 15 %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05 Toolbars, Explorer Bars, Extensions: ------------------------------------ Explorer Bars HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ HKLM\SOFTWARE\Classes\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}\(Default) = "Groove Folder Synchronization" Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Poszukaj" Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL" [MS]

HJT

Kod: Zaznacz wszystko: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:15:58, on 2009-10-12 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Program Files\Konnekt\konnekt.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Opera\opera.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- End of file - 3117 bytes

DDS

Kod: Zaznacz wszystko: UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-10-12.01) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 2003-01-01 00:29:11 System Uptime: 2009-10-12 20:24:02 (1 hours ago) Motherboard: ASUSTek Computer INC. | | A8NE-FM Processor: AMD Athlon(tm) 64 Processor 3500+ | Socket 939 | 2211/200mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 37 GiB total, 12,477 GiB free. D: is FIXED (NTFS) - 38 GiB total, 23,835 GiB free. E: is FIXED (NTFS) - 37 GiB total, 11,486 GiB free. F: is FIXED (NTFS) - 38 GiB total, 18,45 GiB free. G: is CDROM () H: is CDROM () I: is CDROM () K: is CDROM () ==== Disabled Device Manager Items ============= Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: Karta sieciowa 1394 Device ID: V1394\NIC1394\25B78111D800 Manufacturer: Microsoft Name: Karta sieciowa 1394 PNP Device ID: V1394\NIC1394\25B78111D800 Service: NIC1394 ==== System Restore Points =================== RP167: 2009-07-17 21:33:59 - Removed Nero 9 Trial 4.4.8.1 RP168: 2009-07-19 00:56:11 - Removed Multimedia Card Reader RP169: 2009-07-21 10:30:12 - Punkt kontrolny systemu RP170: 2009-07-22 11:17:38 - Punkt kontrolny systemu RP171: 2009-07-23 21:06:59 - Punkt kontrolny systemu RP172: 2009-07-24 23:14:00 - Punkt kontrolny systemu RP173: 2009-07-25 23:30:45 - Punkt kontrolny systemu RP174: 2009-07-27 12:45:05 - Punkt kontrolny systemu RP175: 2009-07-30 18:57:42 - Punkt kontrolny systemu RP176: 2009-07-31 20:57:50 - Punkt kontrolny systemu RP177: 2009-08-02 18:17:46 - Punkt kontrolny systemu RP178: 2009-08-05 14:11:53 - Punkt kontrolny systemu RP179: 2009-08-06 14:32:04 - Punkt kontrolny systemu RP180: 2009-08-07 15:27:27 - Punkt kontrolny systemu RP181: 2009-08-08 16:09:13 - Punkt kontrolny systemu RP182: 2009-08-10 01:35:23 - Punkt kontrolny systemu RP183: 2009-08-11 18:31:54 - Punkt kontrolny systemu RP184: 2009-08-12 19:27:52 - Punkt kontrolny systemu RP185: 2009-08-13 22:16:30 - Punkt kontrolny systemu RP186: 2009-08-17 14:28:20 - Punkt kontrolny systemu RP187: 2009-08-18 19:50:29 - Punkt kontrolny systemu RP188: 2009-08-20 13:57:40 - Punkt kontrolny systemu RP189: 2009-08-20 18:04:17 - Installed Windows XP Wdf01007. RP190: 2009-08-22 06:23:57 - Punkt kontrolny systemu RP191: 2009-08-24 18:26:03 - Punkt kontrolny systemu RP192: 2009-08-25 07:39:40 - Software Distribution Service 3.0 RP193: 2009-08-25 08:12:39 - Software Distribution Service 3.0 RP194: 2009-08-25 08:30:53 - Zainstalowane sterowniki drukarek: Microsoft XPS Document Write RP195: 2009-08-26 12:42:37 - Removed MSXML 4.0 SP2 (KB954430) RP196: 2009-08-28 21:50:08 - Punkt kontrolny systemu RP197: 2009-08-31 11:17:24 - Punkt kontrolny systemu RP198: 2009-09-02 08:53:21 - Punkt kontrolny systemu RP199: 2009-09-03 20:19:59 - Punkt kontrolny systemu RP200: 2009-09-04 23:18:56 - Usunięto: Opera 9.64 RP201: 2009-09-04 23:19:04 - Installed Opera 10.00. RP202: 2009-09-08 15:44:43 - Punkt kontrolny systemu RP203: 2009-09-13 22:00:38 - Removed Multimedia Card Reader RP204: 2009-09-14 22:52:07 - Punkt kontrolny systemu RP205: 2009-09-15 22:53:39 - Punkt kontrolny systemu RP206: 2009-09-16 23:02:42 - Punkt kontrolny systemu RP207: 2009-09-18 09:57:59 - Punkt kontrolny systemu RP208: 2009-09-18 11:44:47 - Installed Nero 9 Essentials 4.4.9.0 RP209: 2009-09-21 12:15:52 - Punkt kontrolny systemu RP210: 2009-09-22 17:41:59 - Punkt kontrolny systemu RP211: 2009-09-23 17:50:02 - Punkt kontrolny systemu RP212: 2009-09-24 18:10:05 - Punkt kontrolny systemu RP213: 2009-09-25 18:55:12 - Punkt kontrolny systemu RP214: 2009-09-27 13:43:54 - Punkt kontrolny systemu RP215: 2009-09-28 14:24:22 - Punkt kontrolny systemu RP216: 2009-09-29 12:52:11 - Installed FIFA 09 RP217: 2009-09-30 21:17:36 - Punkt kontrolny systemu RP218: 2009-10-02 12:51:06 - Punkt kontrolny systemu RP219: 2009-10-03 13:14:11 - Punkt kontrolny systemu RP220: 2009-10-04 17:05:22 - Punkt kontrolny systemu RP221: 2009-10-06 15:03:30 - Punkt kontrolny systemu RP222: 2009-10-07 20:25:54 - Punkt kontrolny systemu RP223: 2009-10-10 18:47:53 - ComboFix created restore point RP224: 2009-10-12 19:05:09 - Punkt kontrolny systemu RP225: 2009-10-12 20:01:44 - Removed Nokia Connectivity Cable Driver ==== Installed Programs ====================== Adobe Flash Player 10 Plugin Adobe Flash Player ActiveX Adobe Reader 9.1.3 - Polish Adobe Shockwave Player Advertising Center AGEIA PhysX v7.11.13 Archiwizator WinRAR Athlon 64 Processor Driver µTorrent avast! Antivirus CCleaner (remove only) Cool & Quiet CorelDRAW Graphics Suite X3 FIFA 09 FontNav HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows XP (KB954550-v5) ImagXpress Java(TM) 6 Update 13 K-Lite Codec Pack 4.7.5 (Full) Konnekt Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft Office Access MUI (Polish) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Polish) 2007 Microsoft Office Groove MUI (Polish) 2007 Microsoft Office InfoPath MUI (Polish) 2007 Microsoft Office OneNote MUI (Polish) 2007 Microsoft Office Outlook MUI (Polish) 2007 Microsoft Office PowerPoint MUI (Polish) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Polish) 2007 Microsoft Office Proofing (Polish) 2007 Microsoft Office Publisher MUI (Polish) 2007 Microsoft Office Shared MUI (Polish) 2007 Microsoft Office Word MUI (Polish) 2007 Microsoft Software Update for Web Folders (Polish) 12 Microsoft Visual C++ 2005 Redistributable MPPL 09 MSVC80_x86 Multimedia Card Reader Nero 9 Essentials Nero ControlCenter Nero Installer Nero Online Upgrade Nero StartSmart Nero StartSmart OEM neroxml NHL® 08 Nokia Connectivity Cable Driver Nokia PC Suite NVIDIA Drivers Opera 10.00 Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 4.1) Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.3) PC Connectivity Solution Picasa 3 PL Realtek AC'97 Audio SAMSUNG CDMA Modem Driver Set SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Samsung PC Studio 3 USB Driver Installer Skype™ 4.0 Update Manager VBA WebFldrs XP Winamp Windows Media Format Runtime Windows XP Service Pack 3 XML Paper Specification Shared Components Language Pack 1.0 XML Paper Specification Shared Components Pack 1.0 ==== End Of File ===========================

DDS

Kod: Zaznacz wszystko: DDS (Ver_09-10-12.01) - NTFSx86 Run by Dawid at 21:18:33,98 on 2009-10-12 Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_13 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.767.398 [GMT 2:00] AV: avast! antivirus 4.8.1351 [VPS 091011-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Program Files\Konnekt\konnekt.exe C:\Program Files\Opera\opera.exe C:\Documents and Settings\Dawid\Pulpit\dds.pif ============== Pseudo HJT Report =============== uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe mRun: [NeroCheck] c:\windows\system32\NeroCheck.exe dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL ============= SERVICES / DRIVERS =============== R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-9-4 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-9-4 20560] R3 FStarForce;FStarForce;c:\windows\system32\drivers\FStarForce.sys [2009-5-27 9216] S3 qcusbmdm;Qualcomm Proprietary USB Driver (PID 3197);c:\windows\system32\drivers\qcusbmdm.sys [2009-4-30 59632] S3 qcusbser;Qualcomm Diagnostic Port 3197;c:\windows\system32\drivers\qcusbser.sys [2009-4-11 59632] S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;c:\program files\common files\nero\nero backitup 4\NBService.exe [2009-7-20 935208] =============== Created Last 30 ================ 2009-10-12 20:21 <DIR> --d----- c:\program files\common files\PCSuite 2009-10-12 20:21 <DIR> --d----- c:\program files\common files\Nokia 2009-10-12 20:21 7,808 a------- c:\windows\system32\drivers\usbser_lowerfltj.sys 2009-10-12 20:21 7,808 a------- c:\windows\system32\drivers\usbser_lowerflt.sys 2009-10-12 20:21 22,016 a------- c:\windows\system32\drivers\ccdcmbo.sys 2009-10-12 20:21 1,112,288 a------- c:\windows\system32\wdfcoinstaller01007.dll 2009-10-12 20:21 659,968 a------- c:\windows\system32\nmwcdcocls.dll 2009-10-12 20:21 17,664 a------- c:\windows\system32\drivers\ccdcmb.sys 2009-09-29 13:23 107,888 a------- c:\windows\system32\CmdLineExt.dll 2009-09-18 11:45 <DIR> --d----- c:\program files\Nero ==================== Find3M ==================== 2009-10-11 08:10 236,544 a------- c:\windows\PEV.exe 2009-08-26 16:24 493,632 a------- c:\windows\system32\perfh015.dat 2009-08-26 16:24 84,916 a------- c:\windows\system32\perfc015.dat 2009-08-20 18:04 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf 2009-08-20 18:04 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf 2009-08-05 11:01 205,312 a------- c:\windows\system32\mswebdvd.dll 2009-07-18 23:23 98,304 a------- c:\windows\DUMP4565.tmp 2009-07-18 23:22 98,304 a------- c:\windows\DUMP4b80.tmp 2009-07-17 21:04 58,880 a------- c:\windows\system32\atl.dll 2009-05-15 20:47 23 a--sh--- c:\windows\system32\edacded0_x.dat ============= FINISH: 21:18:55,03 ===============

Dodano 12.10.2009 20:42:25:
RSIT

Kod: Zaznacz wszystko: Logfile of random's system information tool 1.06 (written by random/random) Run by Dawid at 2009-10-12 21:41:55 Microsoft Windows XP Professional Dodatek Service Pack 3 System drive C: has 13 GB (33%) free of 38 GB Total RAM: 767 MB (49% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:41:56, on 2009-10-12 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Program Files\Konnekt\konnekt.exe C:\Program Files\Opera\opera.exe C:\Documents and Settings\Dawid\Pulpit\RSIT.exe C:\Program Files\Trend Micro\HijackThis\Dawid.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- End of file - 3128 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-06-28 8466432] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck] C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] C:\WINDOWS\system32\NvCpl.dll [2007-06-28 8466432] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe [2005-02-22 131072] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] C:\Program Files\uTorrent\uTorrent.exe [2009-09-27 289072] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Dawid^Menu Start^Programy^Autostart^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk] C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove" "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote" "C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======List of files/folders created in the last 1 months====== 2009-10-12 21:41:55 ----D---- C:\rsit 2009-10-12 20:58:33 ----SHD---- C:\RECYCLER 2009-10-12 20:22:12 ----D---- C:\Program Files\DIFX 2009-10-12 20:21:54 ----D---- C:\Program Files\Common Files\PCSuite 2009-10-12 20:21:46 ----D---- C:\Program Files\Common Files\Nokia 2009-10-12 20:21:35 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll 2009-10-12 20:21:35 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll 2009-10-12 20:02:29 ----SHD---- C:\Config.Msi 2009-10-12 19:53:07 ----A---- C:\ComboFix.txt 2009-10-10 18:47:07 ----D---- C:\Qoobox 2009-09-29 13:23:33 ----A---- C:\WINDOWS\system32\CmdLineExt.dll 2009-09-29 13:01:33 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Leadertech 2009-09-18 11:49:16 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Nero 2009-09-18 11:45:36 ----D---- C:\Program Files\Nero 2009-09-18 11:34:00 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Ahead ======List of files/folders modified in the last 1 months====== 2009-10-12 21:18:34 ----D---- C:\WINDOWS\Prefetch 2009-10-12 20:58:34 ----D---- C:\WINDOWS 2009-10-12 20:30:28 ----D---- C:\WINDOWS\system32\drivers 2009-10-12 20:30:11 ----D---- C:\WINDOWS\system32 2009-10-12 20:30:10 ----HD---- C:\WINDOWS\inf 2009-10-12 20:29:47 ----D---- C:\WINDOWS\system32\CatRoot2 2009-10-12 20:24:58 ----D---- C:\WINDOWS\temp 2009-10-12 20:22:12 ----RD---- C:\Program Files 2009-10-12 20:22:10 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-10-12 20:22:09 ----SHD---- C:\WINDOWS\Installer 2009-10-12 20:21:54 ----D---- C:\Program Files\Common Files 2009-10-12 20:21:47 ----D---- C:\Program Files\Nokia 2009-10-12 19:51:38 ----D---- C:\WINDOWS\ERDNT 2009-10-12 19:50:39 ----A---- C:\WINDOWS\system.ini 2009-10-12 19:49:09 ----D---- C:\WINDOWS\AppPatch 2009-10-12 19:44:58 ----N---- C:\WINDOWS\SchedLgU.Txt 2009-10-11 08:10:09 ----A---- C:\WINDOWS\PEV.exe 2009-09-29 13:22:31 ----A---- C:\WINDOWS\NeroDigital.ini 2009-09-29 12:53:17 ----D---- C:\WINDOWS\system32\DirectX 2009-09-29 12:52:53 ----RSD---- C:\WINDOWS\assembly 2009-09-29 12:50:41 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\uTorrent 2009-09-27 01:05:56 ----D---- C:\Program Files\uTorrent 2009-09-18 11:47:11 ----D---- C:\Program Files\Common Files\Nero 2009-09-18 11:45:23 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Nero 2009-09-18 11:40:39 ----D---- C:\Program Files\Ahead 2009-09-13 21:59:59 ----D---- C:\Program Files\Mozilla Firefox 2009-09-13 21:59:55 ----D---- C:\Documents and Settings\Dawid\Dane aplikacji\Mozilla ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-08-17 26944] R1 AmdK8;Sterownik procesora AMD Athlon64; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-05-08 38400] R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2004-10-14 4962] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-08-17 114768] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-08-17 51376] R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632] R2 ASInsHelp;ASInsHelp; \??\C:\WINDOWS\system32\drivers\AsInsHelp32.sys [] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-08-17 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-08-17 94160] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-11-17 2297664] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-08-17 23152] R3 FStarForce;FStarForce; C:\WINDOWS\system32\DRIVERS\FStarForce.sys [2009-05-27 9216] R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-06-28 6807328] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-06 33536] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-06 12928] R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208] R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520] R3 usbohci;Sterownik Miniport otwartego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152] S3 acf4u56m;acf4u56m; C:\WINDOWS\system32\drivers\acf4u56m.sys [] S3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800] S3 avpvz5ms;avpvz5ms; C:\WINDOWS\system32\drivers\avpvz5ms.sys [] S3 catchme;catchme; \??\C:\DOCUME~1\Dawid\USTAWI~1\Temp\catchme.sys [] S3 ctljystk;Port gier dla karty Creative SB Live!; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712] S3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904] S3 emu10k1;Sterownik Creative Interface Manager (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912] S3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824] S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664] S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 qcusbmdm;Qualcomm Proprietary USB Driver (PID 3197); C:\WINDOWS\system32\DRIVERS\qcusbmdm.sys [2003-03-11 59632] S3 qcusbser;Qualcomm Diagnostic Port 3197; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [2003-03-11 59632] S3 rtl8139;Sterownik NT karty Realtek RTL8139(A/B/C)-based PCI Fast Ethernet; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992] S3 sfman;Sterownik Creative SoundFont Manager (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-12-22 80272] S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-12-22 10864] S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-12-22 137884] S3 SunkFilt;Alcor Micro Corp Reader; \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys [] S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808] S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112] S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-10 152984] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-06-28 155716] R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920] S3 aspnet_state;Usuga stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952] -----------------EOF-----------------

**Posty:** 18165 · przez **wojtas** 12 Paź 2009, 23:11

daj loga z OTL (przyklejony)

**Posty:** 653 · przez **holi12** 12 Paź 2009, 23:36

Kod: Zaznacz wszystko: OTL logfile created on: 2009-10-12 23:31:51 - Run 1 OTL by OldTimer - Version 3.0.20.0 Folder = C:\Documents and Settings\Dawid\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 767,48 Mb Total Physical Memory | 243,02 Mb Available Physical Memory | 31,66% Memory free 1,46 Gb Paging File | 0,84 Gb Available in Paging File | 57,93% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37,26 Gb Total Space | 12,42 Gb Free Space | 33,33% Space Free | Partition Type: NTFS Drive D: | 38,34 Gb Total Space | 23,83 Gb Free Space | 62,17% Space Free | Partition Type: NTFS Drive E: | 37,26 Gb Total Space | 11,49 Gb Free Space | 30,83% Space Free | Partition Type: NTFS Drive F: | 38,34 Gb Total Space | 18,45 Gb Free Space | 48,12% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOM-9662BB46C9A Current User Name: Dawid Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009-10-12 23:31:46 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dawid\Pulpit\OTL.exe PRC - [2009-08-28 13:13:02 | 00,832,808 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2009-08-17 18:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009-08-17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009-08-17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2009-08-17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2009-08-17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009-06-25 15:12:42 | 01,414,144 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe PRC - [2009-04-10 13:12:20 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2008-09-12 19:21:22 | 01,345,376 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe PRC - [2008-04-14 23:51:52 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe PRC - [2008-04-14 23:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2007-06-28 18:43:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe PRC - [2007-05-28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe PRC - [2005-05-24 23:41:09 | 00,503,808 | ---- | M] (Stamina) -- C:\Program Files\Konnekt\konnekt.exe PRC - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-08-17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running]) SRV - [2009-08-17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running]) SRV - [2009-08-17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running]) SRV - [2009-08-17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running]) SRV - [2009-07-20 11:51:52 | 00,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0 [Disabled | Stopped]) SRV - [2009-06-02 10:10:08 | 00,637,952 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [Disabled | Stopped]) SRV - [2009-04-10 13:12:20 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running]) SRV - [2008-11-20 21:18:52 | 00,136,120 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped]) SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped]) SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped]) SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped]) SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2008-04-14 23:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2007-06-28 18:43:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running]) SRV - [2007-05-28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE [Auto | Running]) SRV - [2006-10-27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped]) SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped]) SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) SRV - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-08-17 18:06:43 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running]) DRV - [2009-08-17 18:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running]) DRV - [2009-08-17 18:05:37 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running]) DRV - [2009-08-17 18:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running]) DRV - [2009-08-17 18:04:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running]) DRV - [2009-08-17 18:03:21 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running]) DRV - [2009-06-03 21:26:29 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running]) DRV - [2009-05-27 21:04:19 | 00,009,216 | ---- | M] (SNEG) -- C:\WINDOWS\System32\DRIVERS\FStarForce.sys -- (FStarForce [On_Demand | Running]) DRV - [2009-02-09 08:37:56 | 00,007,808 | ---- | M] (Nokia) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt [On_Demand | Stopped]) DRV - [2009-02-09 08:37:48 | 00,007,808 | ---- | M] (Nokia) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev [On_Demand | Stopped]) DRV - [2009-02-09 08:37:46 | 00,022,016 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys -- (nmwcdc [On_Demand | Stopped]) DRV - [2009-02-09 08:37:46 | 00,017,664 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys -- (nmwcd [On_Demand | Stopped]) DRV - [2008-08-26 10:26:12 | 00,018,816 | ---- | M] (Nokia) -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd [On_Demand | Stopped]) DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2008-04-14 01:15:30 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Stopped]) DRV - [2008-04-14 00:15:38 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbser.sys -- (usbser [On_Demand | Stopped]) DRV - [2008-04-13 23:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2008-04-13 22:05:40 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Stopped]) DRV - [2007-06-28 18:43:00 | 06,807,328 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running]) DRV - [2006-07-24 16:05:00 | 00,005,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen [System | Running]) DRV - [2005-12-22 12:24:52 | 00,137,884 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\sscdmdm.sys -- (sscdmdm [On_Demand | Stopped]) DRV - [2005-12-22 12:24:52 | 00,010,864 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\sscdmdfl.sys -- (sscdmdfl [On_Demand | Stopped]) DRV - [2005-12-22 12:24:50 | 00,080,272 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\sscdbus.sys -- (sscdbus [On_Demand | Stopped]) DRV - [2005-05-17 17:45:08 | 00,092,800 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus [Boot | Running]) DRV - [2005-04-06 03:22:30 | 00,012,928 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running]) DRV - [2005-04-06 03:22:28 | 00,033,536 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running]) DRV - [2004-12-08 19:16:30 | 00,038,468 | ---- | M] (Alcor Micro Corp.) -- C:\WINDOWS\System32\Drivers\sunkfilt.sys -- (SunkFilt [On_Demand | Stopped]) DRV - [2004-11-17 19:05:38 | 02,297,664 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running]) DRV - [2004-10-14 11:52:28 | 00,004,962 | R--- | M] () -- C:\WINDOWS\System32\drivers\AsIO.sys -- (AsIO [System | Running]) DRV - [2004-03-10 14:31:18 | 00,003,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys -- (ASInsHelp [Auto | Running]) DRV - [2003-03-11 00:12:06 | 00,059,632 | R--- | M] (QUALCOMM Incorporated) -- C:\WINDOWS\System32\DRIVERS\qcusbser.sys -- (qcusbser [On_Demand | Stopped]) DRV - [2003-03-11 00:12:06 | 00,059,632 | R--- | M] (QUALCOMM Incorporated) -- C:\WINDOWS\System32\DRIVERS\qcusbmdm.sys -- (qcusbmdm [On_Demand | Stopped]) DRV - [2001-08-17 22:19:34 | 00,036,480 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\sfmanm.sys -- (sfman [On_Demand | Stopped]) DRV - [2001-08-17 22:19:28 | 00,006,912 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\ctlfacem.sys -- (emu10k1 [On_Demand | Stopped]) DRV - [2001-08-17 22:19:26 | 00,283,904 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\emu10k1m.sys -- (emu10k [On_Demand | Stopped]) DRV - [2001-08-17 22:19:20 | 00,003,712 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\DRIVERS\ctljystk.sys -- (ctljystk [On_Demand | Stopped]) DRV - [2001-08-17 21:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-04-10 13:12:22 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-08-25 08:21:35 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-10-12 20:21:52 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-09-13 21:59:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-04-10 13:12:36 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2007-04-30 16:29:22 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll [2009-04-10 13:12:21 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll [2009-02-27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2009-07-15 17:36:52 | 00,000,747 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.12.7 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2003-01-01 01:25:54 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-09-18 11:34:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Ahead [2009-09-29 13:01:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Leadertech [2009-09-18 11:49:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Dane aplikacji\Nero [2009-10-12 20:21:46 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia [2009-10-12 20:21:54 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite [2009-10-12 20:22:12 | 00,000,000 | ---D | C] -- C:\Program Files\DIFX [2009-09-18 11:45:36 | 00,000,000 | ---D | C] -- C:\Program Files\Nero [2009-10-12 23:31:39 | 00,520,704 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dawid\Pulpit\OTL.exe [2009-10-12 21:41:55 | 00,000,000 | ---D | C] -- C:\rsit [2009-10-12 20:58:33 | 00,000,000 | -HSD | C] -- C:\RECYCLER [2009-10-12 20:21:37 | 00,007,808 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys [2009-10-12 20:21:37 | 00,007,808 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys [2009-10-12 20:21:36 | 00,022,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys [2009-10-12 20:21:35 | 01,112,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01007.dll [2009-10-12 20:21:35 | 00,659,968 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll [2009-10-12 20:21:35 | 00,017,664 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys [2009-10-12 20:02:29 | 00,000,000 | -HSD | C] -- C:\Config.Msi [2009-10-10 18:47:07 | 00,000,000 | ---D | C] -- C:\Qoobox [2009-09-29 13:23:33 | 00,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll [2009-09-29 13:23:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dawid\Moje dokumenty\FIFA 09 [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [1 C:\WINDOWS\System32\*.tmp files] [2 C:\WINDOWS\*.tmp files] [2009-10-12 23:31:46 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dawid\Pulpit\OTL.exe [2009-10-12 22:10:47 | 00,052,681 | ---- | M] () -- C:\Documents and Settings\Dawid\Moje dokumenty\thumb.jpeg [2009-10-12 21:41:47 | 00,781,909 | ---- | M] () -- C:\Documents and Settings\Dawid\Moje dokumenty\RSIT.exe [2009-10-12 21:18:30 | 00,331,264 | ---- | M] () -- C:\Documents and Settings\Dawid\Moje dokumenty\dds.pif [2009-10-12 21:13:08 | 00,400,192 | ---- | M] () -- C:\Documents and Settings\Dawid\Pulpit\Silent Runners.vbs [2009-10-12 20:24:29 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-10-12 20:24:24 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-10-12 20:24:23 | 80,483,5328 | -HS- | M] () -- C:\hiberfil.sys [2009-10-12 20:23:41 | 03,203,708 | -H-- | M] () -- C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-10-12 20:21:56 | 00,001,763 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia PC Suite.lnk [2009-10-12 19:50:39 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2009-10-11 08:10:09 | 00,236,544 | ---- | M] () -- C:\WINDOWS\PEV.exe [2009-10-09 20:48:16 | 00,044,990 | ---- | M] () -- C:\Documents and Settings\Dawid\Moje dokumenty\1255113282_by_Balloo_500.jpg [2009-10-09 19:32:14 | 05,945,344 | ---- | M] () -- C:\Documents and Settings\Dawid\Moje dokumenty\Bezimienni - ilu Bezimiennych.mp3 [2009-10-09 16:27:47 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-10-05 09:30:24 | 00,034,571 | ---- | M] () -- C:\Documents and Settings\Dawid\Moje dokumenty\7d31e8cf55.jpeg [2009-10-05 09:27:30 | 00,062,722 | ---- | M] () -- C:\Documents and Settings\Dawid\Moje dokumenty\05d30c2b69.jpeg [2009-10-04 13:12:59 | 00,053,760 | ---- | M] () -- C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-09-29 13:23:33 | 00,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll [2009-09-29 13:22:31 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-09-29 13:01:17 | 00,001,591 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\FIFA 09.lnk [2009-09-27 20:19:14 | 00,049,077 | ---- | M] () -- C:\Documents and Settings\Dawid\Moje dokumenty\DSC00779.JPG [2009-09-27 20:19:02 | 00,046,876 | ---- | M] () -- C:\Documents and Settings\Dawid\Moje dokumenty\DSC00778.JPG [2009-09-27 20:18:53 | 00,049,800 | ---- | M] () -- C:\Documents and Settings\Dawid\Moje dokumenty\DSC00780.JPG [2009-09-27 20:18:03 | 00,045,396 | ---- | M] () -- C:\Documents and Settings\Dawid\Moje dokumenty\DSC00773.JPG [2009-09-27 20:17:45 | 00,064,721 | ---- | M] () -- C:\Documents and Settings\Dawid\Moje dokumenty\DSC00776.JPG [2009-09-27 20:17:36 | 00,047,516 | ---- | M] () -- C:\Documents and Settings\Dawid\Moje dokumenty\DSC00777.JPG [2009-09-27 01:05:56 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk [color=#E56717]========== Files - No Company Name ==========[/color] [2009-10-12 22:10:47 | 00,052,681 | ---- | C] () -- C:\Documents and Settings\Dawid\Moje dokumenty\thumb.jpeg [2009-10-12 21:41:34 | 00,781,909 | ---- | C] () -- C:\Documents and Settings\Dawid\Moje dokumenty\RSIT.exe [2009-10-12 21:18:24 | 00,331,264 | ---- | C] () -- C:\Documents and Settings\Dawid\Moje dokumenty\dds.pif [2009-10-12 21:12:53 | 00,400,192 | ---- | C] () -- C:\Documents and Settings\Dawid\Pulpit\Silent Runners.vbs [2009-10-12 20:21:56 | 00,001,763 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia PC Suite.lnk [2009-10-09 20:48:16 | 00,044,990 | ---- | C] () -- C:\Documents and Settings\Dawid\Moje dokumenty\1255113282_by_Balloo_500.jpg [2009-10-09 19:32:14 | 05,945,344 | ---- | C] () -- C:\Documents and Settings\Dawid\Moje dokumenty\Bezimienni - ilu Bezimiennych.mp3 [2009-10-05 09:30:24 | 00,034,571 | ---- | C] () -- C:\Documents and Settings\Dawid\Moje dokumenty\7d31e8cf55.jpeg [2009-10-05 09:27:30 | 00,062,722 | ---- | C] () -- C:\Documents and Settings\Dawid\Moje dokumenty\05d30c2b69.jpeg [2009-09-29 13:01:17 | 00,001,591 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\FIFA 09.lnk [2009-09-27 19:50:34 | 00,049,800 | ---- | C] () -- C:\Documents and Settings\Dawid\Moje dokumenty\DSC00780.JPG [2009-09-27 19:50:24 | 00,049,077 | ---- | C] () -- C:\Documents and Settings\Dawid\Moje dokumenty\DSC00779.JPG [2009-09-27 19:50:12 | 00,046,876 | ---- | C] () -- C:\Documents and Settings\Dawid\Moje dokumenty\DSC00778.JPG [2009-09-27 19:49:46 | 00,047,516 | ---- | C] () -- C:\Documents and Settings\Dawid\Moje dokumenty\DSC00777.JPG [2009-09-27 19:48:44 | 00,064,721 | ---- | C] () -- C:\Documents and Settings\Dawid\Moje dokumenty\DSC00776.JPG [2009-09-27 19:47:18 | 00,045,396 | ---- | C] () -- C:\Documents and Settings\Dawid\Moje dokumenty\DSC00773.JPG [2009-09-27 01:05:56 | 00,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk [2009-07-16 18:34:59 | 00,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini [2009-07-15 17:25:17 | 00,021,248 | ---- | C] () -- C:\WINDOWS\System32\solidlocalmon.dll [2009-07-15 17:25:17 | 00,013,568 | ---- | C] () -- C:\WINDOWS\System32\solidlocalui.dll [2009-07-11 18:39:41 | 03,203,708 | -H-- | C] () -- C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-05-23 01:09:48 | 00,000,952 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2009-05-04 13:31:50 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2009-04-25 00:54:56 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2009-04-24 13:38:57 | 00,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini [2009-04-18 21:28:25 | 00,000,020 | ---- | C] () -- C:\WINDOWS\naglos.INI [2009-04-11 14:00:32 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-04-11 14:00:30 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-04-11 14:00:30 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-04-11 14:00:29 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-04-11 14:00:27 | 00,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-04-11 14:00:27 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-04-10 09:42:27 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2009-04-10 09:42:20 | 00,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll [2009-04-05 17:04:59 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2009-04-05 17:04:06 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009-03-29 21:22:50 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-03-29 21:22:49 | 00,053,760 | ---- | C] () -- C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-03-29 21:09:14 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-03-29 20:59:08 | 00,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll [2009-03-29 20:59:08 | 00,004,962 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys [2009-03-29 20:59:04 | 00,005,120 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys [2009-03-29 20:59:04 | 00,003,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys [2009-03-29 20:56:17 | 00,003,911 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009-03-29 20:56:15 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009-03-29 19:07:07 | 00,075,928 | ---- | C] () -- C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2007-07-23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2007-07-23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2007-07-23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2007-06-28 18:43:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2007-06-28 18:43:00 | 01,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2007-06-28 18:43:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2007-06-28 18:43:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2007-06-28 18:43:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2003-01-01 02:13:42 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2003-01-01 01:44:49 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Dawid\Dane aplikacji\desktop.ini [2001-07-21 22:16:20 | 00,000,811 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-21 22:15:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:242231A9 @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:0B9D8E22 < End of report >

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2009-10-12 23:31:51 - Run 1 OTL by OldTimer - Version 3.0.20.0 Folder = C:\Documents and Settings\Dawid\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 767,48 Mb Total Physical Memory | 243,02 Mb Available Physical Memory | 31,66% Memory free 1,46 Gb Paging File | 0,84 Gb Available in Paging File | 57,93% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37,26 Gb Total Space | 12,42 Gb Free Space | 33,33% Space Free | Partition Type: NTFS Drive D: | 38,34 Gb Total Space | 23,83 Gb Free Space | 62,17% Space Free | Partition Type: NTFS Drive E: | 37,26 Gb Total Space | 11,49 Gb Free Space | 30,83% Space Free | Partition Type: NTFS Drive F: | 38,34 Gb Total Space | 18,45 Gb Free Space | 48,12% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOM-9662BB46C9A Current User Name: Dawid Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK "{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution "{108FAA6F-DEEE-48EA-B3A9-1C5EB2605A6B}" = PL "{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet "{2085F05D-24C5-4E27-B7B4-A51DE890FFC9}" = Opera 10.00 "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09 "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0 "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite "{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM "{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav "{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart "{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3 "{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK "{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A7AA93B6-6909-4073-B4EC-45CCDEFD4665}" = NHL® 08 "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{AC76BA86-7AD7-1045-7B44-A91000000001}" = Adobe Reader 9.1.3 - Polish "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver "{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA "{CA529363-D0F2-41EA-B44B-D7515A254645}" = Multimedia Card Reader "{cd63dfe8-978a-4891-8681-d4ced9b66d92}" = Nero 9 Essentials "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer "{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer "{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "avast!" = avast! Antivirus "CCleaner" = CCleaner (remove only) "E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 4.1) "ENTERPRISE" = Microsoft Office Enterprise 2007 "F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.3) "HijackThis" = HijackThis 2.0.2 "InstallShield_{CA529363-D0F2-41EA-B44B-D7515A254645}" = Multimedia Card Reader "KLiteCodecPack_is1" = K-Lite Codec Pack 4.7.5 (Full) "Konnekt" = Konnekt "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MPPL 09" = MPPL 09 "Nokia PC Suite" = Nokia PC Suite "NVIDIA Drivers" = NVIDIA Drivers "Picasa 3" = Picasa 3 "SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "uTorrent" = µTorrent "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format Runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Antivirus Events ] Error - 2009-05-06 12:08:40 | Computer Name = DOM-9662BB46C9A | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\M@teusz\Dane aplikacji\Mozilla\Firefox\Profiles\oeonim8x.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\snipit.js failed, 00000005. Error - 2009-05-09 13:35:52 | Computer Name = DOM-9662BB46C9A | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\DAWID\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\BGDY9NKR.DEFAULT\PREFS.JS failed, 00000005. Error - 2009-05-12 15:16:16 | Computer Name = DOM-9662BB46C9A | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\DAWID\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\BGDY9NKR.DEFAULT\PREFS.JS failed, 00000005. Error - 2009-05-14 14:28:39 | Computer Name = DOM-9662BB46C9A | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\DAWID\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\BGDY9NKR.DEFAULT\PREFS.JS failed, 00000005. Error - 2009-05-15 15:04:45 | Computer Name = DOM-9662BB46C9A | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\DAWID\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\BGDY9NKR.DEFAULT\PREFS.JS failed, 00000005. Error - 2009-05-17 06:11:58 | Computer Name = DOM-9662BB46C9A | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\DAWID\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\BGDY9NKR.DEFAULT\PREFS.JS failed, 00000005. Error - 2009-07-13 07:03:52 | Computer Name = DOM-9662BB46C9A | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of N:\DCIM\101MSDCF\DSC00203.JPG failed, 00000005. Error - 2009-07-15 11:28:05 | Computer Name = DOM-9662BB46C9A | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\M@teusz\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll failed, 00000005. Error - 2009-07-15 11:28:47 | Computer Name = DOM-9662BB46C9A | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\M@teusz\Dane aplikacji\Mozilla\Firefox\Profiles\oeonim8x.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\snipit.js failed, 00000005. Error - 2009-07-31 12:20:51 | Computer Name = DOM-9662BB46C9A | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\DAWID\DANE APLIKACJI\OPERA\OPERA\PROFILE\BROWSER.JS failed, 00000005. [ Application Events ] Error - 2009-06-02 07:51:01 | Computer Name = DOM-9662BB46C9A | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd wru.exe, wersja 1.1.1.147, moduł powodujący błąd wru.exe, wersja 1.1.1.147, adres błędu 0x00003a3e. Error - 2009-06-03 15:18:04 | Computer Name = DOM-9662BB46C9A | Source = MsiInstaller | ID = 10005 Description = Produkt: ESET NOD32 Antivirus -- Błąd 5001. Komputer nie został ponownie uruchomiony po odinstalowaniu programu. Należy uruchomić ponownie komputer i uruchomić program instalacyjny. Error - 2009-06-03 18:58:20 | Computer Name = DOM-9662BB46C9A | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca iexplore.exe, wersja 6.0.2900.5512, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2009-06-07 08:04:14 | Computer Name = DOM-9662BB46C9A | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd fifa09.exe, wersja 0.0.0.0, moduł powodujący błąd fifa09.exe, wersja 0.0.0.0, adres błędu 0x001e862f. Error - 2009-06-12 07:25:29 | Computer Name = DOM-9662BB46C9A | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd explorer.exe, wersja 6.0.2900.5512, moduł powodujący błąd ffdshow.ax, wersja 1.0.5.2811, adres błędu 0x001fd724. Error - 2009-06-14 07:44:33 | Computer Name = DOM-9662BB46C9A | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd egui.exe, wersja 4.0.314.0, moduł powodujący błąd eguiupdate.dll, wersja 4.0.314.0, adres błędu 0x00008632. Error - 2009-06-18 17:15:00 | Computer Name = DOM-9662BB46C9A | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd fifa09.exe, wersja 0.0.0.0, moduł powodujący błąd fifa09.exe, wersja 0.0.0.0, adres błędu 0x001e862f. Error - 2009-06-18 17:17:49 | Computer Name = DOM-9662BB46C9A | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd fifa09.exe, wersja 0.0.0.0, moduł powodujący błąd fifa09.exe, wersja 0.0.0.0, adres błędu 0x001e862f. Error - 2009-06-18 17:18:41 | Computer Name = DOM-9662BB46C9A | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd fifa09.exe, wersja 0.0.0.0, moduł powodujący błąd fifa09.exe, wersja 0.0.0.0, adres błędu 0x001e862f. Error - 2009-06-23 16:32:35 | Computer Name = DOM-9662BB46C9A | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd fifa09.exe, wersja 0.0.0.0, moduł powodujący błąd fifa09.exe, wersja 0.0.0.0, adres błędu 0x003011ec. [ System Events ] Error - 2009-10-12 14:37:46 | Computer Name = DOM-9662BB46C9A | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi ServiceLayer z argumentami „” w celu uruchomienia serwera: {ACF50018-41F8-476D-85FD-CD953DAE4A49} Error - 2009-10-12 14:37:49 | Computer Name = DOM-9662BB46C9A | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi ServiceLayer z argumentami „” w celu uruchomienia serwera: {ACF50018-41F8-476D-85FD-CD953DAE4A49} Error - 2009-10-12 14:37:49 | Computer Name = DOM-9662BB46C9A | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi ServiceLayer z argumentami „” w celu uruchomienia serwera: {D05D5AC0-CBDC-43B7-AADB-E3AC4E98CCE9} Error - 2009-10-12 14:37:49 | Computer Name = DOM-9662BB46C9A | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi ServiceLayer z argumentami „” w celu uruchomienia serwera: {D05D5AC0-CBDC-43B7-AADB-E3AC4E98CCE9} Error - 2009-10-12 14:41:09 | Computer Name = DOM-9662BB46C9A | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi ServiceLayer z argumentami „” w celu uruchomienia serwera: {ACF50018-41F8-476D-85FD-CD953DAE4A49} Error - 2009-10-12 14:41:12 | Computer Name = DOM-9662BB46C9A | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi ServiceLayer z argumentami „” w celu uruchomienia serwera: {ACF50018-41F8-476D-85FD-CD953DAE4A49} Error - 2009-10-12 14:41:15 | Computer Name = DOM-9662BB46C9A | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi ServiceLayer z argumentami „” w celu uruchomienia serwera: {ACF50018-41F8-476D-85FD-CD953DAE4A49} Error - 2009-10-12 14:41:15 | Computer Name = DOM-9662BB46C9A | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi ServiceLayer z argumentami „” w celu uruchomienia serwera: {ACF50018-41F8-476D-85FD-CD953DAE4A49} Error - 2009-10-12 14:41:18 | Computer Name = DOM-9662BB46C9A | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi ServiceLayer z argumentami „” w celu uruchomienia serwera: {ACF50018-41F8-476D-85FD-CD953DAE4A49} Error - 2009-10-12 14:41:21 | Computer Name = DOM-9662BB46C9A | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi ServiceLayer z argumentami „” w celu uruchomienia serwera: {ACF50018-41F8-476D-85FD-CD953DAE4A49} < End of report >

**Posty:** 18165 · przez **wojtas** 13 Paź 2009, 18:51

1.Uruchom OTL z opcji CleanUp
2. wykonaj optymalizację windowsa
3.Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach). Po chwili włącz je powrotem]
4. zrób skan Malwarebytes Anti-Malware (usuń co znajdzie )

Problem z przeglądaniem stron,podłączeniem telefonu

Problem z przeglądaniem stron,podłączeniem telefonu

Problem z przeglądaniem stron,podłączeniem telefonu

Problem z przeglądaniem stron,podłączeniem telefonu

Problem z przeglądaniem stron,podłączeniem telefonu

Kto jest na forum