Continue sweetim installation

**Posty:** 8 · przez **Mordrago** 04 Lis 2012, 12:12

Otóż mój brat ściągnął grę ,i dzień po jej zainstalowaniu na pulpicie tworzył się skrót do Continue SweetIM Installation. Może mi ktoś powiedzieć co to jest ,i jak to usunąć?
2 min i wstawiam logi.

Kod: Zaznacz wszystko: OTL logfile created on: 2012-11-04 11:20:30 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Wiktor\Downloads Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,20 Gb Available Physical Memory | 60,25% Memory free 4,00 Gb Paging File | 2,87 Gb Available in Paging File | 71,84% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 29,90 Gb Total Space | 2,63 Gb Free Space | 8,78% Space Free | Partition Type: NTFS Drive D: | 58,59 Gb Total Space | 38,38 Gb Free Space | 65,49% Space Free | Partition Type: NTFS Drive E: | 136,71 Gb Total Space | 135,90 Gb Free Space | 99,41% Space Free | Partition Type: NTFS Drive F: | 147,29 Gb Total Space | 52,33 Gb Free Space | 35,53% Space Free | Partition Type: NTFS Computer Name: WIKTOR1 | User Name: Wiktor | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-11-04 11:19:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Wiktor\Downloads\OTL.exe PRC - [2012-10-27 22:20:57 | 000,917,984 | ---- | M] (Mozilla Corporation) -- D:\Firefox\firefox.exe PRC - [2012-10-27 22:20:57 | 000,016,864 | ---- | M] (Mozilla Corporation) -- D:\Firefox\plugin-container.exe PRC - [2012-08-26 11:14:37 | 000,036,640 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe PRC - [2012-08-26 11:14:04 | 000,037,152 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe PRC - [2012-08-26 10:41:30 | 000,140,064 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe PRC - [2011-10-15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011-10-15 09:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2011-10-15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2011-10-14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009-07-14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-10-27 22:20:57 | 002,295,264 | ---- | M] () -- D:\Firefox\mozjs.dll MOD - [2012-01-11 20:17:35 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll MOD - [2011-10-14 23:54:26 | 000,265,536 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2012-10-27 22:20:57 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-08-26 11:14:37 | 000,036,640 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe -- (PSUAService) SRV - [2012-08-26 10:41:30 | 000,140,064 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain) SRV - [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Users\Wiktor\Desktop\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011-10-15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-10-14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011-03-16 09:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2012-08-26 10:46:12 | 000,121,384 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINProt.sys -- (PSINProt) DRV - [2012-08-26 10:46:11 | 000,114,728 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINProc.sys -- (PSINProc) DRV - [2012-08-26 10:45:33 | 000,175,144 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\PSINKNC.sys -- (PSINKNC) DRV - [2012-08-26 10:45:33 | 000,149,032 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINAflt.sys -- (PSINAflt) DRV - [2012-08-26 10:45:33 | 000,104,488 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINFile.sys -- (PSINFile) DRV - [2012-07-12 11:18:32 | 000,206,632 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSStrm.sys -- (NNSSTRM) DRV - [2012-06-27 15:51:07 | 000,092,840 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNStlsc.sys -- (NNSTLSC) DRV - [2012-06-27 15:51:06 | 000,286,376 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSProt.sys -- (NNSPROT) DRV - [2012-06-27 15:51:06 | 000,153,000 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSPrv.sys -- (NNSPRV) DRV - [2012-06-27 15:51:06 | 000,106,536 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSSmtp.sys -- (NNSSMTP) DRV - [2012-06-27 15:51:05 | 000,104,104 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSPop3.sys -- (NNSPOP3) DRV - [2012-06-27 15:51:05 | 000,060,968 | ---- | M] (Panda Security, S.L.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\NNSPihsw.sys -- (NNSPIHSW) DRV - [2012-06-27 15:51:04 | 000,122,664 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSIds.sys -- (NNSIDS) DRV - [2012-06-27 15:51:04 | 000,093,992 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSpicc.sys -- (NNSPICC) DRV - [2012-06-27 15:51:04 | 000,028,712 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\NNSNAHSL.sys -- (NNSNAHSL) DRV - [2012-06-27 15:51:03 | 000,120,744 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSHttp.sys -- (NNSHTTP) DRV - [2012-06-27 15:51:03 | 000,082,472 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSAlpc.sys -- (NNSALPC) DRV - [2012-01-06 17:56:06 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2012-01-06 17:56:05 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2011-10-31 19:29:43 | 000,014,656 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2011-10-15 09:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011-03-10 18:04:57 | 000,046,280 | ---- | M] (Panda Security) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PSKMAD.sys -- (PSKMAD) DRV - [2009-07-13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD400LD_S0AXJ1CPB41005&ts=1351003638 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD400LD_S0AXJ1CPB41005&ts=1351003638 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{C785D81D-DDD5-4FF6-B039-5800B46098C4}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD400LD_S0AXJ1CPB41005&ts=1351003638 IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD400LD_S0AXJ1CPB41005&ts=1351003638 IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com/web/?q={searchTerms} IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?q={searchTerms} IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\..\SearchScopes\{C785D81D-DDD5-4FF6-B039-5800B46098C4}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-654460940-462179173-1475701004-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-654460940-462179173-1475701004-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-654460940-462179173-1475701004-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Web Search" FF - prefs.js..browser.search.defaultenginename: "v9" FF - prefs.js..browser.search.order.1: "v9" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&src=sp&cf=3c200bec-421d-11e1-a5a9-001a4d9e2380&q=" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: F:\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Wiktor\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Wiktor\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: D:\Firefox\components [2012-10-27 22:20:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: D:\Firefox\plugins [2012-01-18 22:42:02 | 000,000,000 | ---D | M] [2011-10-26 17:42:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wiktor\AppData\Roaming\mozilla\Extensions [2012-10-23 17:32:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wiktor\AppData\Roaming\mozilla\Firefox\Profiles\mhtladdn.default\extensions [2012-09-21 17:10:19 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Wiktor\AppData\Roaming\mozilla\firefox\profiles\mhtladdn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-18 22:42:03 | 000,000,792 | ---- | M] () -- C:\Users\Wiktor\AppData\Roaming\mozilla\firefox\profiles\mhtladdn.default\searchplugins\startsear.xml [color=#E56717]========== Chrome ==========[/color] CHR - Extension: No name found = C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: No name found = C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: No name found = C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\ CHR - Extension: No name found = C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Users\Wiktor\Desktop\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.) O3 - HKU\S-1-5-21-654460940-462179173-1475701004-1001\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.) O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe () O4 - HKLM..\Run: [PSUAMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.) O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found O4 - HKU\S-1-5-21-654460940-462179173-1475701004-1001..\Run: [GG] C:\Users\Wiktor\AppData\Local\GG\Application\gghub.exe (GG Network S.A.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-654460940-462179173-1475701004-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Users\Wiktor\Desktop\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Users\Wiktor\Desktop\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.9.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2A7CE1A-05EB-4F3E-BDFB-BF0CCA5FDCF4}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Users\Wiktor\Desktop\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2012-05-31 13:30:51 | 000,069,414 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-11-04 11:03:24 | 000,046,280 | ---- | C] (Panda Security) -- C:\Windows\System32\drivers\PSKMAD.sys [2012-11-02 12:07:57 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Original War [2012-11-02 12:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Original War [2012-11-02 12:01:30 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-11-02 12:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-11-02 12:01:23 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\AppData\Roaming\WinRAR [2012-11-02 11:58:44 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\Desktop\OW [2012-11-02 00:10:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus [2012-11-02 00:10:35 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security [2012-10-25 15:54:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012-10-25 15:54:23 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012-10-25 15:54:12 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012-10-23 15:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Phonics, Inc [2012-10-23 15:59:16 | 000,000,000 | ---D | C] -- C:\Program Files\Audio Phonics, Inc [2012-10-23 15:58:49 | 000,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\Windows\uninst.exe [2012-10-23 15:50:57 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\Desktop\AP Tuner 3.06 [2012-10-23 15:49:38 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.06 [2012-10-23 15:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.06 [2012-10-23 15:47:34 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.08 [2012-10-23 15:47:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.08 [2012-10-23 15:47:33 | 000,000,000 | ---D | C] -- C:\Program Files\AP Tuner [2012-10-23 15:43:45 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\AppData\Roaming\lingot [2012-10-21 17:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-11-04 11:12:01 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-654460940-462179173-1475701004-1001UA.job [2012-11-04 11:10:58 | 000,019,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-11-04 11:10:58 | 000,019,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-11-04 11:03:12 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-11-04 11:02:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-11-04 11:02:54 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys [2012-11-04 00:35:01 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-11-03 20:12:03 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-654460940-462179173-1475701004-1001Core.job [2012-11-02 19:06:53 | 000,001,060 | ---- | M] () -- C:\Users\Wiktor\Desktop\Owar — skrót.lnk [2012-11-02 18:36:12 | 000,737,242 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-11-02 18:36:12 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-11-02 18:36:12 | 000,153,930 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-11-02 18:36:12 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-11-02 10:56:29 | 000,447,880 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-11-02 01:44:57 | 000,000,000 | ---- | M] () -- C:\ProgramData\0x0304A000.sfl [2012-10-29 16:14:43 | 000,001,530 | ---- | M] () -- C:\Users\Wiktor\Desktop\WVWZZZ3BZ4E287454 — skrót.lnk [2012-10-29 16:09:50 | 000,138,369 | ---- | M] () -- C:\Users\Wiktor\Documents\WVWZZZ3BZ4E287454.PDF [2012-10-26 15:10:16 | 000,063,730 | ---- | M] () -- C:\Users\Wiktor\Desktop\wydruk.pdf [2012-10-25 15:54:04 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2012-10-25 15:54:04 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2012-10-25 15:54:04 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012-10-25 15:54:04 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012-10-25 15:54:04 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012-10-25 15:54:04 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012-10-23 15:58:11 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012-10-23 15:58:11 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-10-23 15:47:27 | 001,359,867 | ---- | M] () -- C:\Users\Wiktor\Desktop\APTunerInstall308.exe [2012-10-18 20:22:26 | 000,001,687 | ---- | M] () -- C:\Users\Wiktor\Desktop\VW Passat B5 Instrukcja Obslugi PL — skrót.lnk [2012-10-18 20:22:15 | 001,649,829 | ---- | M] () -- C:\Users\Wiktor\Desktop\img274.jpg [2012-10-12 22:08:34 | 000,001,620 | ---- | M] () -- C:\Users\Wiktor\Desktop\GG dysk.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-11-02 19:06:53 | 000,001,060 | ---- | C] () -- C:\Users\Wiktor\Desktop\Owar — skrót.lnk [2012-11-02 01:44:57 | 000,000,000 | ---- | C] () -- C:\ProgramData\0x0304A000.sfl [2012-10-29 16:14:43 | 000,001,530 | ---- | C] () -- C:\Users\Wiktor\Desktop\WVWZZZ3BZ4E287454 — skrót.lnk [2012-10-29 16:14:33 | 000,138,369 | ---- | C] () -- C:\Users\Wiktor\Documents\WVWZZZ3BZ4E287454.PDF [2012-10-26 15:10:16 | 000,063,730 | ---- | C] () -- C:\Users\Wiktor\Desktop\wydruk.pdf [2012-10-23 15:58:11 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2012-10-23 15:58:11 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2012-10-23 15:47:24 | 001,359,867 | ---- | C] () -- C:\Users\Wiktor\Desktop\APTunerInstall308.exe [2012-10-18 20:22:15 | 001,649,829 | ---- | C] () -- C:\Users\Wiktor\Desktop\img274.jpg [2012-10-13 21:46:08 | 000,001,687 | ---- | C] () -- C:\Users\Wiktor\Desktop\VW Passat B5 Instrukcja Obslugi PL — skrót.lnk [2012-10-12 22:08:34 | 000,001,620 | ---- | C] () -- C:\Users\Wiktor\Desktop\GG dysk.lnk [2012-09-14 19:03:09 | 000,000,843 | ---- | C] () -- C:\Users\Wiktor\.recently-used.xbel [2012-01-23 11:34:41 | 000,000,000 | ---- | C] () -- C:\Users\Wiktor\AppData\Local\{67A54834-A65F-4D66-8988-769D4CC57BD3} [2012-01-12 14:12:42 | 000,000,000 | ---- | C] () -- C:\Users\Wiktor\AppData\Local\{66ECD9CF-F838-4B7E-AE0B-C44DC8F1C887} [2012-01-06 17:56:06 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2012-01-06 17:56:05 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2011-11-03 21:37:46 | 000,000,026 | ---- | C] () -- C:\Windows\CDEDX8400EXPORT.ini [2011-10-14 23:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2011-11-14 14:36:07 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\.minecraft [2012-02-29 19:16:17 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\e-pity [2012-06-21 22:16:04 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\Gadu-Gadu 10 [2011-11-04 21:41:52 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\GanymedeNet [2012-11-04 11:16:00 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\GG [2012-09-14 19:03:09 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\gtk-2.0 [2012-10-23 15:43:45 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\lingot [2011-10-28 14:15:30 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\LolClient [2012-05-25 13:51:03 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\LolClient2 [2012-03-04 11:48:37 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\LOVE [2012-01-21 19:06:50 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\OpenFM [2012-06-25 19:46:38 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\Panda Security [2012-02-29 18:17:54 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\Podatnik.info [2012-07-11 18:47:05 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\SPORE [2012-08-31 16:03:52 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\Sports Interactive [2012-08-31 11:32:09 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\Stellarium [color=#E56717]========== Purity Check ==========[/color] < End of report >[/spoiler] [spoiler]DDS (Ver_2012-10-19.01) - NTFS_x86 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 10.9.2 Run by Wiktor at 11:28:13 on 2012-11-04 Microsoft Windows 7 Home Premium 6.1.7600.0.1250.48.1045.18.2048.1057 [GMT 1:00] . SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\system32\WUDFHost.exe D:\Firefox\firefox.exe C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Program Files\Windows Media Player\wmpnetwk.exe D:\Firefox\plugin-container.exe C:\Users\Wiktor\Downloads\OTL.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD400LD_S0AXJ1CPB41005&ts=1351003638 uDefault_Page_URL = hxxp://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD400LD_S0AXJ1CPB41005&ts=1351003638 mStart Page = hxxp://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD400LD_S0AXJ1CPB41005&ts=1351003638 mDefault_Page_URL = hxxp://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD400LD_S0AXJ1CPB41005&ts=1351003638 BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: IE5BarLauncherBHO Class: {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - c:\program files\vshare.tv plugin\BarLcher.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\users\wiktor\desktop\toolbars\internet explorer\skypeieplugin.dll BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll TB: VShareToolBar: {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - c:\program files\vshare.tv plugin\BarLcher.dll TB: VShareToolBar: {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - c:\program files\vshare.tv plugin\BarLcher.dll uRun: [Google Update] "c:\users\wiktor\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [GG] "c:\users\wiktor\appdata\local\gg\application\gghub.exe" mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [amd_dc_opt] "c:\program files\amd\amd_dc_opt\amd_dc_opt.exe" mRun: [ROC_roc_ssl_v12] "c:\program files\avg secure search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [PSUAMain] "c:\program files\panda security\panda cloud antivirus\PSUAMain.exe" /LaunchSysTray StartupFolder: c:\users\wiktor\appdata\roaming\micros~1\windows\startm~1\programs\startup\tworze~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\mif5ba~1\office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\users\wiktor\desktop\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{A2A7CE1A-05EB-4F3E-BDFB-BF0CCA5FDCF4} : DHCPNameServer = 192.168.1.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\users\wiktor\desktop\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll . ============= SERVICES / DRIVERS =============== . R1 NNSALPC;NNSALPC;c:\windows\system32\drivers\NNSAlpc.sys [2012-6-27 82472] R1 NNSHTTP;NNSHTTP;c:\windows\system32\drivers\NNSHttp.sys [2012-6-27 120744] R1 NNSIDS;NNSIDS;c:\windows\system32\drivers\NNSIds.sys [2012-6-27 122664] R1 NNSPICC;NNSPICC;c:\windows\system32\drivers\NNSpicc.sys [2012-6-27 93992] R1 NNSPOP3;NNSPOP3;c:\windows\system32\drivers\NNSPop3.sys [2012-6-27 104104] R1 NNSPROT;NNSPROT;c:\windows\system32\drivers\NNSProt.sys [2012-6-27 286376] R1 NNSPRV;NNSPRV;c:\windows\system32\drivers\NNSPrv.sys [2012-6-27 153000] R1 NNSSMTP;NNSSMTP;c:\windows\system32\drivers\NNSSmtp.sys [2012-6-27 106536] R1 NNSSTRM;NNSSTRM;c:\windows\system32\drivers\NNSStrm.sys [2012-7-12 206632] R1 NNSTLSC;NNSTLSC;c:\windows\system32\drivers\NNStlsc.sys [2012-6-27 92840] R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [2012-8-26 175144] R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\panda security\panda cloud antivirus\PSANHost.exe [2012-8-26 140064] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-10-26 2253120] R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [2012-8-26 149032] R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [2012-8-26 104488] R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [2012-8-26 114728] R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [2012-8-26 121384] R2 PSUAService;Panda Product Service;c:\program files\panda security\panda cloud antivirus\PSUAService.exe [2012-8-26 36640] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-10-14 381248] R3 PSKMAD;PSKMAD;c:\windows\system32\drivers\PSKMAD.sys [2012-11-4 46280] S1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;c:\windows\system32\drivers\NNSNAHSL.sys [2012-6-27 28712] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Usługa Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-1-8 136176] S2 SkypeUpdate;Skype Updater;c:\users\wiktor\desktop\updater\Updater.exe [2012-7-13 160944] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 gupdatem;Usługa Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-1-8 136176] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-24 115168] S4 NNSPIHSW;NNSPIHSW;c:\windows\system32\drivers\NNSPihsw.sys [2012-6-27 60968] . =============== Created Last 30 ================ . 2012-11-04 10:03:24 46280 ----a-w- c:\windows\system32\drivers\PSKMAD.sys 2012-11-01 23:10:35 -------- d-----w- c:\program files\Panda Security 2012-10-25 14:54:12 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2012-10-23 14:59:16 -------- d-----w- c:\program files\Audio Phonics, Inc 2012-10-23 14:58:49 299520 ----a-w- c:\windows\uninst.exe 2012-10-23 14:47:33 -------- d-----w- c:\program files\AP Tuner 2012-10-23 14:43:45 -------- d-----w- c:\users\wiktor\appdata\roaming\lingot 2012-10-21 16:15:04 -------- d-----w- c:\program files\common files\AVG Secure Search . ==================== Find3M ==================== . 2012-10-25 14:54:04 821736 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-10-25 14:54:04 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-09-11 13:50:53 107888 ----a-w- c:\windows\system32\CmdLineExt.dll 2012-08-26 09:46:12 121384 ----a-w- c:\windows\system32\drivers\PSINProt.sys 2012-08-26 09:46:11 114728 ----a-w- c:\windows\system32\drivers\PSINProc.sys 2012-08-26 09:45:33 175144 ----a-w- c:\windows\system32\drivers\PSINKNC.sys 2012-08-26 09:45:33 149032 ----a-w- c:\windows\system32\drivers\PSINAflt.sys 2012-08-26 09:45:33 104488 ----a-w- c:\windows\system32\drivers\PSINFile.sys . ============= FINISH: 11:28:33,94 ===============[/spoiler] [spoiler]. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-10-19.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 2011-10-26 16:32:35 System Uptime: 2012-11-04 11:02:33 (0 hours ago) . Motherboard: Gigabyte Technology Co., Ltd. | | M52S-S3P Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+ | Socket M2 | 2600/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 30 GiB total, 2,626 GiB free. D: is FIXED (NTFS) - 59 GiB total, 38,375 GiB free. E: is FIXED (NTFS) - 137 GiB total, 135,902 GiB free. F: is FIXED (NTFS) - 147 GiB total, 52,333 GiB free. G: is CDROM () H: is Removable I: is Removable J: is Removable K: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: Description: Device ID: ROOT\SYSTEM\0001 Manufacturer: Name: PNP Device ID: ROOT\SYSTEM\0001 Service: . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . Adobe Flash Player 11 Plugin Age of Wonders - Magia Cienia Age of Wonders - Tron Czarnoksiężnika Aktualizacje NVIDIA 1.5.20 AMD Dual-Core Optimizer AP Guitar Tuner 1.02 AP Tuner 3.06 AP Tuner 3.08 Bastion - Demo Detektor Winampa e-pity 2011 wersja 3.0 EPSON Scan Football Manager 2009 Gadu-Gadu 10 GameDesire-Pool & Snooker GameSpy Arcade GG GIMP 2.6.12-2 Google Chrome Google Earth Plug-in Google Update Helper Java 7 Update 9 Java Auto Updater Java(TM) 6 Update 29 JavaFX 2.1.0 League of Legends Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Office Access MUI (Polish) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Polish) 2007 Microsoft Office Groove MUI (Polish) 2007 Microsoft Office InfoPath MUI (Polish) 2007 Microsoft Office OneNote MUI (Polish) 2007 Microsoft Office Outlook MUI (Polish) 2007 Microsoft Office PowerPoint MUI (Polish) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Polish) 2007 Microsoft Office Proofing (Polish) 2007 Microsoft Office Publisher MUI (Polish) 2007 Microsoft Office Shared MUI (Polish) 2007 Microsoft Office Word MUI (Polish) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft XNA Framework Redistributable 3.1 Mozilla Firefox 16.0.2 (x86 pl) Mozilla Maintenance Service NVIDIA Install Application NVIDIA Oprogramowanie systemu PhysX 9.11.0621 NVIDIA PhysX NVIDIA Stereoscopic 3D Driver NVIDIA Sterownik 3D Vision 285.62 NVIDIA Sterownik graficzny 285.62 NVIDIA Sterownik kontrolera 3D Vision 285.62 NVIDIA Update Components Oprogramowanie drukarki EPSON Original War Panda Cloud Antivirus Panel sterowania NVIDIA 285.62 PIT-OPP 2011 PIT Format 2011 Pit Pro 2011 Program Pit 2011 - wersja 5.0.0.19 Realtek High Definition Audio Driver Risen Skype Click to Call Skype™ 5.10 StarCraft II Stellarium 0.11.4 System Requirements Lab CYRI vShare.tv plugin 1.3 Wiedźmin 2 Winamp . ==== End Of File ===========================

**Posty:** 18165 · przez **wojtas** 04 Lis 2012, 12:53

Uruchom OTL i w sekcji własne opcje skanowania / skrypt wklej:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD400LD_S0AXJ1CPB41005&ts=1351003638
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Mai
IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD400LD_S0AXJ1CPB41005&ts=1351003638
IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD400LD_S0AXJ1CPB41005&ts=1351003638
IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?q={searchTerms}
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "v9"
FF - prefs.js..browser.search.order.1: "v9"
FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&src=sp&cf=3c200bec-421d-11e1-a5a9-001a4d9e2380&q="
FF - user.js - File not found
[2012-01-18 22:42:03 | 000,000,792 | ---- | M] () -- C:\Users\Wiktor\AppData\Roaming\mozilla\firefox\profiles\mhtladdn.default\searchplugins\startsear.xml

:Commands
[emptytemp]

Kliknij wykonaj skrypt. I potwierdź reset komputera .

Użyj AdwCleaner i kliknij w nim Delete (w przypadku Visty/Windows7 uruchom z prawokliku jako Administrator)
Pokaż raport z niego

Następnie uruchamiasz OTL z opcją skanuj. Pokazujesz nowy log OTL.txt oraz raport z czyszczenia (zawartość notatnika, która otworzyła się po restarcie).

**Posty:** 8 · przez **Mordrago** 04 Lis 2012, 15:34

Mam pytanie , wyświetli mi się ,ze mam zresetować komputer czy mam to sam zrobić?

**Posty:** 18165 · przez **wojtas** 04 Lis 2012, 15:55

jeśli program nie zrobił tego sam to tak, potem od razu uruchom przy starcie OTL ( wyskoczy okienko)

**Posty:** 8 · przez **Mordrago** 04 Lis 2012, 16:52

Spoiler:

Kod: Zaznacz wszystko: # AdwCleaner v2.005 - Logfile created 11/04/2012 at 15:40:27 # Updated 14/10/2012 by Xplode # Operating system : Windows 7 Home Premium (32 bits) # User : Wiktor - WIKTOR1 # Boot Mode : Normal # Running from : C:\Users\Wiktor\Downloads\AdwCleaner_www.INSTALKI.pl.exe # Option [Delete] ***** [Services] ***** ***** [Files / Folders] ***** File Deleted : C:\Users\Wiktor\AppData\Local\Temp\Uninstall.exe File Deleted : C:\Users\Wiktor\AppData\Roaming\Mozilla\Firefox\Profiles\mhtladdn.default\searchplugins\Startsear.xml Folder Deleted : C:\Program Files\Common Files\AVG Secure Search Folder Deleted : C:\Program Files\vShare.tv plugin Folder Deleted : C:\ProgramData\Trymedia ***** [Registry] ***** Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31} Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\StartSearch Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher.1 Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO.1 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31} Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}] ***** [Internet Browsers] ***** -\\ Internet Explorer v8.0.7600.16385 [OK] Registry is clean. -\\ Mozilla Firefox v16.0.2 (pl) Profile name : default File : C:\Users\Wiktor\AppData\Roaming\Mozilla\Firefox\Profiles\mhtladdn.default\prefs.js Deleted : user_pref("browser.search.defaultengine", "Web Search"); Deleted : user_pref("keyword.URL", "hxxp://startsear.ch/?aff=1&src=sp&cf=3c200bec-421d-11e1-a5a9-001a4d9e2380&[...] -\\ Google Chrome v22.0.1229.94 File : C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[S1].txt - [4568 octets] - [04/11/2012 15:40:27] ########## EOF - C:\AdwCleaner[S1].txt - [4628 octets] ##########

Spoiler:

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2012-11-04 15:43:05 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Wiktor\Downloads Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 60,72% Memory free 4,00 Gb Paging File | 3,06 Gb Available in Paging File | 76,61% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 29,90 Gb Total Space | 2,80 Gb Free Space | 9,36% Space Free | Partition Type: NTFS Drive D: | 58,59 Gb Total Space | 38,38 Gb Free Space | 65,49% Space Free | Partition Type: NTFS Drive E: | 136,71 Gb Total Space | 135,90 Gb Free Space | 99,41% Space Free | Partition Type: NTFS Drive F: | 147,29 Gb Total Space | 52,33 Gb Free Space | 35,53% Space Free | Partition Type: NTFS Computer Name: WIKTOR1 | User Name: Wiktor | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-654460940-462179173-1475701004-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- D:\Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "D:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "D:\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "D:\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04105286-1A63-4043-A563-9ABCC375CBEF}" = lport=10243 | protocol=6 | dir=in | app=system | "{0767D757-DF01-428F-A33E-671C318F0502}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1AE5239A-AD13-43C5-8005-6E6C8421403B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1B456917-A5FB-439D-A68C-748B4419C869}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1CE1033B-9734-43EC-8C04-224DA4316CFB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3952B527-1C16-49DC-B1C4-4E37F3DF3F7C}" = lport=137 | protocol=17 | dir=in | app=system | "{702EF616-723E-46B5-BFB1-4B7EF3A0A8B6}" = rport=139 | protocol=6 | dir=out | app=system | "{72903DDD-B3E6-4C4A-B21D-CF0B327FC931}" = rport=138 | protocol=17 | dir=out | app=system | "{78B367E2-FB5F-4509-B7D2-39ED8404B0A8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7FB7E300-0F92-422F-B978-5BF13BEBBA20}" = lport=138 | protocol=17 | dir=in | app=system | "{82CBF990-E2E3-47C3-9860-839471ED886D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{9BCEC5D3-2D14-4EE4-A9DD-9A88659B25BA}" = rport=137 | protocol=17 | dir=out | app=system | "{AF3F74B6-67F9-4728-AA47-49AB8728D1B3}" = lport=139 | protocol=6 | dir=in | app=system | "{B6D86744-4C44-4AD8-AF49-D432DF6A58D9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{BC04EFC1-0E22-4573-9476-037CC99A86C2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C92A22D8-A93D-4295-B401-F1D68D7078B5}" = lport=2869 | protocol=6 | dir=in | app=system | "{DA1AF9F0-F536-4269-96DB-990D820998AF}" = rport=445 | protocol=6 | dir=out | app=system | "{EA994B26-FA46-4BD9-BD3D-DCC7EEB0328C}" = rport=10243 | protocol=6 | dir=out | app=system | "{EF1CCCEA-852C-4140-83CC-D30A8E8BC0BB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F22FC3F8-4877-465C-B7C6-A84F2FC3FAFB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F98D4B8B-F962-4CE2-A825-290D6F62735D}" = lport=445 | protocol=6 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02BFE5DE-1D9D-491F-8CA9-F48225DBDC81}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{111338DD-D51D-405F-B2E0-BD8D72D35140}" = protocol=6 | dir=out | app=system | "{14C6AAC4-FD02-4818-838B-2738A091C156}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{167874B7-CA3D-4162-AF61-86C4A2D1C499}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2F76EC2E-BE16-4BC9-B4EA-AC291E69C83B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{45B564AC-9542-4A42-BCFE-7B16F6141CDA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{69C5186C-1277-4071-8850-E0259C799945}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{86103342-801F-4DF0-BC72-34F836AD649B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{971B3C36-3216-4E53-8A55-34201C2C9B70}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{9A0CD79E-86E5-4FB9-8D72-B908018F5543}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{A3E71384-CC9C-41B9-B8D1-02394B734BCB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B0045250-5315-417E-AFDF-8468D063C750}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{BD542379-73CE-49C6-82A1-96EEEE2DAF3D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{F4398248-AD80-4F1E-9393-BF8DA8D15C9D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{F7C679C4-365F-4E18-934C-558E8A22437D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{FE11914F-C73C-4EBF-85E3-50A3C4F55929}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0 "{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29 "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{561ECD12-526E-4BD2-9194-5BA6A10E9986}" = Pit Pro 2011 "{670A2206-F20A-490C-8C13-25EA88BF8E54}_is1" = e-pity 2011 wersja 3.0 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{886C92E6-4AF1-4290-BB86-4B5064A1BB7D}" = AMD Dual-Core Optimizer "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C4EF133-F213-4DBD-B1C7-9466FFA1CB98}" = Panda Cloud Antivirus "{8C9DDCAA-91E1-4DAA-BC65-68BD80546B98}}_is1" = PIT-OPP 2011 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.11.0621 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.5.20 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = Wiedźmin 2 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Age of Wonders - Magia Cienia" = Age of Wonders - Magia Cienia "Age of Wonders - Tron Czarnoksiężnika" = Age of Wonders - Tron Czarnoksiężnika "AP Guitar Tuner 1.02" = AP Guitar Tuner 1.02 "AP Tuner 3.06" = AP Tuner 3.06 "AP Tuner 3.08" = AP Tuner 3.08 "ENTERPRISE" = Microsoft Office Enterprise 2007 "EPSON Printer and Utilities" = Oprogramowanie drukarki EPSON "EPSON Scanner" = EPSON Scan "Gadu-Gadu 10" = Gadu-Gadu 10 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "GameSpy Arcade" = GameSpy Arcade "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Mozilla Firefox 16.0.2 (x86 pl)" = Mozilla Firefox 16.0.2 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Original War" = Original War "Panda Universal Agent Endpoint" = Panda Cloud Antivirus "PIT Format 2011_is1" = PIT Format 2011 "Roczne rozliczenie podatku dochodowego - PIT 2011_is1" = Program Pit 2011 - wersja 5.0.0.19 "StarCraft II" = StarCraft II "Steam App 10540" = Football Manager 2009 "Steam App 107110" = Bastion - Demo "Stellarium_is1" = Stellarium 0.11.4 "vShare.tv plugin" = vShare.tv plugin 1.3 "Winamp" = Winamp "WinGimp-2.0_is1" = GIMP 2.6.12-2 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-654460940-462179173-1475701004-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG "Google Chrome" = Google Chrome "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-11-02 12:17:46 | Computer Name = Wiktor1 | Source = Application Hang | ID = 1002 Description = Program PSUNMain.exe w wersji 4.0.0.560 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 17b4 Godzina rozpoczęcia: 01cdb9153fb32040 Godzina zakończenia: 259 Ścieżka aplikacji: C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe Identyfikator raportu: 9d44efb9-2508-11e2-a748-001a4d9e2380 [ System Events ] Error - 2012-05-30 08:14:55 | Computer Name = Wiktor1 | Source = Service Control Manager | ID = 7023 Description = Usługa Publikacja zasobów odnajdowania funkcji zakończyła działanie; wystąpił następujący błąd: %%-2147014847 Error - 2012-05-30 09:34:29 | Computer Name = Wiktor1 | Source = Service Control Manager | ID = 7023 Description = Usługa Publikacja zasobów odnajdowania funkcji zakończyła działanie; wystąpił następujący błąd: %%-2147014847 Error - 2012-05-31 05:46:23 | Computer Name = Wiktor1 | Source = Service Control Manager | ID = 7023 Description = Usługa Publikacja zasobów odnajdowania funkcji zakończyła działanie; wystąpił następujący błąd: %%-2147014847 Error - 2012-05-31 06:13:48 | Computer Name = Wiktor1 | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 12:11:25 na ?2012-?05-?31 było nieoczekiwane. Error - 2012-05-31 11:07:47 | Computer Name = Wiktor1 | Source = Service Control Manager | ID = 7023 Description = Usługa Publikacja zasobów odnajdowania funkcji zakończyła działanie; wystąpił następujący błąd: %%-2147014847 Error - 2012-05-31 11:32:07 | Computer Name = Wiktor1 | Source = Service Control Manager | ID = 7023 Description = Usługa Publikacja zasobów odnajdowania funkcji zakończyła działanie; wystąpił następujący błąd: %%-2147014847 Error - 2012-06-01 15:55:33 | Computer Name = Wiktor1 | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 21:54:03 na ?2012-?06-?01 było nieoczekiwane. Error - 2012-06-02 04:50:38 | Computer Name = Wiktor1 | Source = volsnap | ID = 393252 Description = Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error - 2012-06-02 16:12:16 | Computer Name = Wiktor1 | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk5\DR5. Error - 2012-06-02 16:12:19 | Computer Name = Wiktor1 | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk6\DR6. < End of report >

Spoiler:

Kod: Zaznacz wszystko: OTL logfile created on: 2012-11-04 15:43:05 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Wiktor\Downloads Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 60,72% Memory free 4,00 Gb Paging File | 3,06 Gb Available in Paging File | 76,61% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 29,90 Gb Total Space | 2,80 Gb Free Space | 9,36% Space Free | Partition Type: NTFS Drive D: | 58,59 Gb Total Space | 38,38 Gb Free Space | 65,49% Space Free | Partition Type: NTFS Drive E: | 136,71 Gb Total Space | 135,90 Gb Free Space | 99,41% Space Free | Partition Type: NTFS Drive F: | 147,29 Gb Total Space | 52,33 Gb Free Space | 35,53% Space Free | Partition Type: NTFS Computer Name: WIKTOR1 | User Name: Wiktor | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-11-04 11:19:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Wiktor\Downloads\OTL.exe PRC - [2012-11-03 00:09:47 | 003,377,288 | ---- | M] (GG Network S.A.) -- C:\Users\Wiktor\AppData\Local\GG\Application\gghub.exe PRC - [2012-10-27 22:20:57 | 000,917,984 | ---- | M] (Mozilla Corporation) -- D:\Firefox\firefox.exe PRC - [2012-10-17 19:12:37 | 000,153,736 | ---- | M] (GG Network S.A.) -- C:\Users\Wiktor\AppData\Local\GG\Application\ggapp.exe PRC - [2012-08-26 11:14:37 | 000,036,640 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe PRC - [2012-08-26 11:14:04 | 000,037,152 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe PRC - [2012-08-26 10:41:30 | 000,140,064 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe PRC - [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) -- C:\Users\Wiktor\Desktop\Updater\Updater.exe PRC - [2011-10-15 09:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2011-10-15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2011-10-14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009-07-14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-10-27 22:20:57 | 002,295,264 | ---- | M] () -- D:\Firefox\mozjs.dll MOD - [2012-10-17 19:12:38 | 001,945,600 | ---- | M] () -- C:\Users\Wiktor\AppData\Local\GG\Application\xulrunner\mozjs.dll MOD - [2011-10-14 23:54:26 | 000,265,536 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2012-10-27 22:20:57 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-08-26 11:14:37 | 000,036,640 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe -- (PSUAService) SRV - [2012-08-26 10:41:30 | 000,140,064 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain) SRV - [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Users\Wiktor\Desktop\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011-10-15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-10-14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011-03-16 09:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2012-08-26 10:46:12 | 000,121,384 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINProt.sys -- (PSINProt) DRV - [2012-08-26 10:46:11 | 000,114,728 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINProc.sys -- (PSINProc) DRV - [2012-08-26 10:45:33 | 000,175,144 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\PSINKNC.sys -- (PSINKNC) DRV - [2012-08-26 10:45:33 | 000,149,032 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINAflt.sys -- (PSINAflt) DRV - [2012-08-26 10:45:33 | 000,104,488 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINFile.sys -- (PSINFile) DRV - [2012-07-12 11:18:32 | 000,206,632 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSStrm.sys -- (NNSSTRM) DRV - [2012-06-27 15:51:07 | 000,092,840 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNStlsc.sys -- (NNSTLSC) DRV - [2012-06-27 15:51:06 | 000,286,376 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSProt.sys -- (NNSPROT) DRV - [2012-06-27 15:51:06 | 000,153,000 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSPrv.sys -- (NNSPRV) DRV - [2012-06-27 15:51:06 | 000,106,536 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSSmtp.sys -- (NNSSMTP) DRV - [2012-06-27 15:51:05 | 000,104,104 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSPop3.sys -- (NNSPOP3) DRV - [2012-06-27 15:51:05 | 000,060,968 | ---- | M] (Panda Security, S.L.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\NNSPihsw.sys -- (NNSPIHSW) DRV - [2012-06-27 15:51:04 | 000,122,664 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSIds.sys -- (NNSIDS) DRV - [2012-06-27 15:51:04 | 000,093,992 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSpicc.sys -- (NNSPICC) DRV - [2012-06-27 15:51:04 | 000,028,712 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\NNSNAHSL.sys -- (NNSNAHSL) DRV - [2012-06-27 15:51:03 | 000,120,744 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSHttp.sys -- (NNSHTTP) DRV - [2012-06-27 15:51:03 | 000,082,472 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSAlpc.sys -- (NNSALPC) DRV - [2012-01-06 17:56:06 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2012-01-06 17:56:05 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2011-10-31 19:29:43 | 000,014,656 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2011-10-15 09:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011-03-10 18:04:57 | 000,046,280 | ---- | M] (Panda Security) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\PSKMAD.sys -- (PSKMAD) DRV - [2009-07-13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD400LD_S0AXJ1CPB41005&ts=1351003638 IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{C785D81D-DDD5-4FF6-B039-5800B46098C4}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD400LD_S0AXJ1CPB41005&ts=1351003638 IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD400LD_S0AXJ1CPB41005&ts=1351003638 IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?q={searchTerms} IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\..\SearchScopes\{C785D81D-DDD5-4FF6-B039-5800B46098C4}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "v9" FF - prefs.js..browser.search.order.1: "v9" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: F:\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Wiktor\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Wiktor\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: D:\Firefox\components [2012-10-27 22:20:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: D:\Firefox\plugins [2012-01-18 22:42:02 | 000,000,000 | ---D | M] [2011-10-26 17:42:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wiktor\AppData\Roaming\mozilla\Extensions [2012-10-23 17:32:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wiktor\AppData\Roaming\mozilla\Firefox\Profiles\mhtladdn.default\extensions [2012-09-21 17:10:19 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Wiktor\AppData\Roaming\mozilla\firefox\profiles\mhtladdn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [color=#E56717]========== Chrome ==========[/color] CHR - Extension: No name found = C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: No name found = C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: No name found = C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\ CHR - Extension: No name found = C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Users\Wiktor\Desktop\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe () O4 - HKLM..\Run: [PSUAMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.) O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found O4 - HKU\S-1-5-21-654460940-462179173-1475701004-1001..\Run: [GG] C:\Users\Wiktor\AppData\Local\GG\Application\gghub.exe (GG Network S.A.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Users\Wiktor\Desktop\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Users\Wiktor\Desktop\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.9.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2A7CE1A-05EB-4F3E-BDFB-BF0CCA5FDCF4}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Users\Wiktor\Desktop\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2012-05-31 13:30:51 | 000,069,414 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-11-04 15:41:52 | 000,046,280 | ---- | C] (Panda Security) -- C:\Windows\System32\drivers\PSKMAD.sys [2012-11-04 12:28:05 | 000,000,000 | ---D | C] -- C:\_OTL [2012-11-02 12:07:57 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Original War [2012-11-02 12:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Original War [2012-11-02 12:01:30 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-11-02 12:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-11-02 12:01:23 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\AppData\Roaming\WinRAR [2012-11-02 11:58:44 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\Desktop\OW [2012-11-02 00:10:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus [2012-11-02 00:10:35 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security [2012-10-25 15:54:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012-10-25 15:54:23 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012-10-25 15:54:12 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012-10-23 15:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Phonics, Inc [2012-10-23 15:59:16 | 000,000,000 | ---D | C] -- C:\Program Files\Audio Phonics, Inc [2012-10-23 15:58:49 | 000,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\Windows\uninst.exe [2012-10-23 15:50:57 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\Desktop\AP Tuner 3.06 [2012-10-23 15:49:38 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.06 [2012-10-23 15:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.06 [2012-10-23 15:47:34 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.08 [2012-10-23 15:47:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.08 [2012-10-23 15:47:33 | 000,000,000 | ---D | C] -- C:\Program Files\AP Tuner [2012-10-23 15:43:45 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\AppData\Roaming\lingot [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-11-04 15:41:43 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-11-04 15:41:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-11-04 15:41:26 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys [2012-11-04 15:35:01 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-11-04 15:12:06 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-654460940-462179173-1475701004-1001UA.job [2012-11-04 12:38:44 | 000,019,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-11-04 12:38:44 | 000,019,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-11-03 20:12:03 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-654460940-462179173-1475701004-1001Core.job [2012-11-02 19:06:53 | 000,001,060 | ---- | M] () -- C:\Users\Wiktor\Desktop\Owar — skrót.lnk [2012-11-02 18:36:12 | 000,737,242 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-11-02 18:36:12 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-11-02 18:36:12 | 000,153,930 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-11-02 18:36:12 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-11-02 10:56:29 | 000,447,880 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-11-02 01:44:57 | 000,000,000 | ---- | M] () -- C:\ProgramData\0x0304A000.sfl [2012-10-29 16:14:43 | 000,001,530 | ---- | M] () -- C:\Users\Wiktor\Desktop\WVWZZZ3BZ4E287454 — skrót.lnk [2012-10-29 16:09:50 | 000,138,369 | ---- | M] () -- C:\Users\Wiktor\Documents\WVWZZZ3BZ4E287454.PDF [2012-10-26 15:10:16 | 000,063,730 | ---- | M] () -- C:\Users\Wiktor\Desktop\wydruk.pdf [2012-10-25 15:54:04 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2012-10-25 15:54:04 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2012-10-25 15:54:04 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012-10-25 15:54:04 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012-10-25 15:54:04 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012-10-25 15:54:04 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012-10-23 15:58:11 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012-10-23 15:58:11 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-10-23 15:47:27 | 001,359,867 | ---- | M] () -- C:\Users\Wiktor\Desktop\APTunerInstall308.exe [2012-10-18 20:22:26 | 000,001,687 | ---- | M] () -- C:\Users\Wiktor\Desktop\VW Passat B5 Instrukcja Obslugi PL — skrót.lnk [2012-10-18 20:22:15 | 001,649,829 | ---- | M] () -- C:\Users\Wiktor\Desktop\img274.jpg [2012-10-12 22:08:34 | 000,001,620 | ---- | M] () -- C:\Users\Wiktor\Desktop\GG dysk.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-11-02 19:06:53 | 000,001,060 | ---- | C] () -- C:\Users\Wiktor\Desktop\Owar — skrót.lnk [2012-11-02 01:44:57 | 000,000,000 | ---- | C] () -- C:\ProgramData\0x0304A000.sfl [2012-10-29 16:14:43 | 000,001,530 | ---- | C] () -- C:\Users\Wiktor\Desktop\WVWZZZ3BZ4E287454 — skrót.lnk [2012-10-29 16:14:33 | 000,138,369 | ---- | C] () -- C:\Users\Wiktor\Documents\WVWZZZ3BZ4E287454.PDF [2012-10-26 15:10:16 | 000,063,730 | ---- | C] () -- C:\Users\Wiktor\Desktop\wydruk.pdf [2012-10-23 15:58:11 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2012-10-23 15:58:11 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2012-10-23 15:47:24 | 001,359,867 | ---- | C] () -- C:\Users\Wiktor\Desktop\APTunerInstall308.exe [2012-10-18 20:22:15 | 001,649,829 | ---- | C] () -- C:\Users\Wiktor\Desktop\img274.jpg [2012-10-13 21:46:08 | 000,001,687 | ---- | C] () -- C:\Users\Wiktor\Desktop\VW Passat B5 Instrukcja Obslugi PL — skrót.lnk [2012-10-12 22:08:34 | 000,001,620 | ---- | C] () -- C:\Users\Wiktor\Desktop\GG dysk.lnk [2012-09-14 19:03:09 | 000,000,843 | ---- | C] () -- C:\Users\Wiktor\.recently-used.xbel [2012-01-23 11:34:41 | 000,000,000 | ---- | C] () -- C:\Users\Wiktor\AppData\Local\{67A54834-A65F-4D66-8988-769D4CC57BD3} [2012-01-12 14:12:42 | 000,000,000 | ---- | C] () -- C:\Users\Wiktor\AppData\Local\{66ECD9CF-F838-4B7E-AE0B-C44DC8F1C887} [2012-01-06 17:56:06 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2012-01-06 17:56:05 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2011-11-03 21:37:46 | 000,000,026 | ---- | C] () -- C:\Windows\CDEDX8400EXPORT.ini [2011-10-14 23:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2011-11-14 14:36:07 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\.minecraft [2012-02-29 19:16:17 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\e-pity [2012-06-21 22:16:04 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\Gadu-Gadu 10 [2011-11-04 21:41:52 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\GanymedeNet [2012-11-04 15:39:28 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\GG [2012-09-14 19:03:09 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\gtk-2.0 [2012-10-23 15:43:45 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\lingot [2011-10-28 14:15:30 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\LolClient [2012-05-25 13:51:03 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\LolClient2 [2012-03-04 11:48:37 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\LOVE [2012-01-21 19:06:50 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\OpenFM [2012-06-25 19:46:38 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\Panda Security [2012-02-29 18:17:54 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\Podatnik.info [2012-07-11 18:47:05 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\SPORE [2012-08-31 16:03:52 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\Sports Interactive [2012-08-31 11:32:09 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\Stellarium [color=#E56717]========== Purity Check ==========[/color] < End of report >

W tworzeniu skrypta OTL się zaciął ,poczekałem 20min ,ale nic i reset zrobiłem.

**Posty:** 18165 · przez **wojtas** 04 Lis 2012, 18:18

Uruchom OTL i w sekcji własne opcje skanowania / skrypt wklej:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD400LD_S0AXJ1CPB41005&ts=1351003638
IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD400LD_S0AXJ1CPB41005&ts=1351003638
IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD400LD_S0AXJ1CPB41005&ts=1351003638
IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "v9"
FF - prefs.js..browser.search.order.1: "v9"

:Commands
[emptytemp]

Kliknij wykonaj skrypt. I potwierdź reset komputera .

Następnie uruchamiasz OTL z opcją skanuj. Pokazujesz nowy log OTL.txt oraz raport z czyszczenia (zawartość notatnika, która otworzyła się po restarcie).

**Posty:** 8 · przez **Mordrago** 04 Lis 2012, 20:15

Czyszczenie

Spoiler:

Nowy log

Spoiler:

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2012-11-04 19:07:31 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Wiktor\Downloads Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 65,54% Memory free 4,00 Gb Paging File | 3,17 Gb Available in Paging File | 79,33% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 29,90 Gb Total Space | 10,07 Gb Free Space | 33,68% Space Free | Partition Type: NTFS Drive D: | 58,59 Gb Total Space | 40,37 Gb Free Space | 68,91% Space Free | Partition Type: NTFS Drive E: | 136,71 Gb Total Space | 135,90 Gb Free Space | 99,41% Space Free | Partition Type: NTFS Drive F: | 147,29 Gb Total Space | 53,65 Gb Free Space | 36,43% Space Free | Partition Type: NTFS Computer Name: WIKTOR1 | User Name: Wiktor | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-654460940-462179173-1475701004-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- D:\Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "D:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "D:\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "D:\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04105286-1A63-4043-A563-9ABCC375CBEF}" = lport=10243 | protocol=6 | dir=in | app=system | "{0767D757-DF01-428F-A33E-671C318F0502}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1AE5239A-AD13-43C5-8005-6E6C8421403B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1B456917-A5FB-439D-A68C-748B4419C869}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1CE1033B-9734-43EC-8C04-224DA4316CFB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3952B527-1C16-49DC-B1C4-4E37F3DF3F7C}" = lport=137 | protocol=17 | dir=in | app=system | "{702EF616-723E-46B5-BFB1-4B7EF3A0A8B6}" = rport=139 | protocol=6 | dir=out | app=system | "{72903DDD-B3E6-4C4A-B21D-CF0B327FC931}" = rport=138 | protocol=17 | dir=out | app=system | "{78B367E2-FB5F-4509-B7D2-39ED8404B0A8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7FB7E300-0F92-422F-B978-5BF13BEBBA20}" = lport=138 | protocol=17 | dir=in | app=system | "{82CBF990-E2E3-47C3-9860-839471ED886D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{9BCEC5D3-2D14-4EE4-A9DD-9A88659B25BA}" = rport=137 | protocol=17 | dir=out | app=system | "{AF3F74B6-67F9-4728-AA47-49AB8728D1B3}" = lport=139 | protocol=6 | dir=in | app=system | "{B6D86744-4C44-4AD8-AF49-D432DF6A58D9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{BC04EFC1-0E22-4573-9476-037CC99A86C2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C92A22D8-A93D-4295-B401-F1D68D7078B5}" = lport=2869 | protocol=6 | dir=in | app=system | "{DA1AF9F0-F536-4269-96DB-990D820998AF}" = rport=445 | protocol=6 | dir=out | app=system | "{EA994B26-FA46-4BD9-BD3D-DCC7EEB0328C}" = rport=10243 | protocol=6 | dir=out | app=system | "{EF1CCCEA-852C-4140-83CC-D30A8E8BC0BB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F22FC3F8-4877-465C-B7C6-A84F2FC3FAFB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F98D4B8B-F962-4CE2-A825-290D6F62735D}" = lport=445 | protocol=6 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02BFE5DE-1D9D-491F-8CA9-F48225DBDC81}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{111338DD-D51D-405F-B2E0-BD8D72D35140}" = protocol=6 | dir=out | app=system | "{14C6AAC4-FD02-4818-838B-2738A091C156}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{167874B7-CA3D-4162-AF61-86C4A2D1C499}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2F76EC2E-BE16-4BC9-B4EA-AC291E69C83B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{45B564AC-9542-4A42-BCFE-7B16F6141CDA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{69C5186C-1277-4071-8850-E0259C799945}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{86103342-801F-4DF0-BC72-34F836AD649B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{971B3C36-3216-4E53-8A55-34201C2C9B70}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{9A0CD79E-86E5-4FB9-8D72-B908018F5543}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{A3E71384-CC9C-41B9-B8D1-02394B734BCB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B0045250-5315-417E-AFDF-8468D063C750}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{BD542379-73CE-49C6-82A1-96EEEE2DAF3D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{F4398248-AD80-4F1E-9393-BF8DA8D15C9D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{F7C679C4-365F-4E18-934C-558E8A22437D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{FE11914F-C73C-4EBF-85E3-50A3C4F55929}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0 "{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29 "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{561ECD12-526E-4BD2-9194-5BA6A10E9986}" = Pit Pro 2011 "{670A2206-F20A-490C-8C13-25EA88BF8E54}_is1" = e-pity 2011 wersja 3.0 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{886C92E6-4AF1-4290-BB86-4B5064A1BB7D}" = AMD Dual-Core Optimizer "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C4EF133-F213-4DBD-B1C7-9466FFA1CB98}" = Panda Cloud Antivirus "{8C9DDCAA-91E1-4DAA-BC65-68BD80546B98}}_is1" = PIT-OPP 2011 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.11.0621 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.5.20 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = Wiedźmin 2 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Age of Wonders - Magia Cienia" = Age of Wonders - Magia Cienia "Age of Wonders - Tron Czarnoksiężnika" = Age of Wonders - Tron Czarnoksiężnika "AP Guitar Tuner 1.02" = AP Guitar Tuner 1.02 "AP Tuner 3.06" = AP Tuner 3.06 "AP Tuner 3.08" = AP Tuner 3.08 "ENTERPRISE" = Microsoft Office Enterprise 2007 "EPSON Printer and Utilities" = Oprogramowanie drukarki EPSON "EPSON Scanner" = EPSON Scan "Gadu-Gadu 10" = Gadu-Gadu 10 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "GameSpy Arcade" = GameSpy Arcade "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Mozilla Firefox 16.0.2 (x86 pl)" = Mozilla Firefox 16.0.2 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Original War" = Original War "Panda Universal Agent Endpoint" = Panda Cloud Antivirus "PIT Format 2011_is1" = PIT Format 2011 "Roczne rozliczenie podatku dochodowego - PIT 2011_is1" = Program Pit 2011 - wersja 5.0.0.19 "StarCraft II" = StarCraft II "Steam App 10540" = Football Manager 2009 "Steam App 107110" = Bastion - Demo "Stellarium_is1" = Stellarium 0.11.4 "vShare.tv plugin" = vShare.tv plugin 1.3 "Winamp" = Winamp "WinGimp-2.0_is1" = GIMP 2.6.12-2 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-654460940-462179173-1475701004-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG "Google Chrome" = Google Chrome "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-11-02 12:17:46 | Computer Name = Wiktor1 | Source = Application Hang | ID = 1002 Description = Program PSUNMain.exe w wersji 4.0.0.560 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 17b4 Godzina rozpoczęcia: 01cdb9153fb32040 Godzina zakończenia: 259 Ścieżka aplikacji: C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe Identyfikator raportu: 9d44efb9-2508-11e2-a748-001a4d9e2380 [ System Events ] Error - 2012-05-31 06:13:48 | Computer Name = Wiktor1 | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 12:11:25 na ?2012-?05-?31 było nieoczekiwane. Error - 2012-05-31 11:07:47 | Computer Name = Wiktor1 | Source = Service Control Manager | ID = 7023 Description = Usługa Publikacja zasobów odnajdowania funkcji zakończyła działanie; wystąpił następujący błąd: %%-2147014847 Error - 2012-05-31 11:32:07 | Computer Name = Wiktor1 | Source = Service Control Manager | ID = 7023 Description = Usługa Publikacja zasobów odnajdowania funkcji zakończyła działanie; wystąpił następujący błąd: %%-2147014847 Error - 2012-06-01 15:55:33 | Computer Name = Wiktor1 | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 21:54:03 na ?2012-?06-?01 było nieoczekiwane. < End of report >

Spoiler:

Kod: Zaznacz wszystko: OTL logfile created on: 2012-11-04 19:07:31 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Wiktor\Downloads Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 65,54% Memory free 4,00 Gb Paging File | 3,17 Gb Available in Paging File | 79,33% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 29,90 Gb Total Space | 10,07 Gb Free Space | 33,68% Space Free | Partition Type: NTFS Drive D: | 58,59 Gb Total Space | 40,37 Gb Free Space | 68,91% Space Free | Partition Type: NTFS Drive E: | 136,71 Gb Total Space | 135,90 Gb Free Space | 99,41% Space Free | Partition Type: NTFS Drive F: | 147,29 Gb Total Space | 53,65 Gb Free Space | 36,43% Space Free | Partition Type: NTFS Computer Name: WIKTOR1 | User Name: Wiktor | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-11-04 11:19:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Wiktor\Downloads\OTL.exe PRC - [2012-10-27 22:20:57 | 000,917,984 | ---- | M] (Mozilla Corporation) -- D:\Firefox\firefox.exe PRC - [2012-08-26 11:14:37 | 000,036,640 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe PRC - [2012-08-26 11:14:04 | 000,037,152 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe PRC - [2012-08-26 10:41:30 | 000,140,064 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe PRC - [2011-10-15 09:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2011-10-15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2011-10-14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009-07-14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-10-27 22:20:57 | 002,295,264 | ---- | M] () -- D:\Firefox\mozjs.dll MOD - [2011-10-14 23:54:26 | 000,265,536 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2012-10-27 22:20:57 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-08-26 11:14:37 | 000,036,640 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe -- (PSUAService) SRV - [2012-08-26 10:41:30 | 000,140,064 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain) SRV - [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Users\Wiktor\Desktop\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011-10-15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-10-14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011-03-16 09:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2012-08-26 10:46:12 | 000,121,384 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINProt.sys -- (PSINProt) DRV - [2012-08-26 10:46:11 | 000,114,728 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINProc.sys -- (PSINProc) DRV - [2012-08-26 10:45:33 | 000,175,144 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\PSINKNC.sys -- (PSINKNC) DRV - [2012-08-26 10:45:33 | 000,149,032 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINAflt.sys -- (PSINAflt) DRV - [2012-08-26 10:45:33 | 000,104,488 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINFile.sys -- (PSINFile) DRV - [2012-07-12 11:18:32 | 000,206,632 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSStrm.sys -- (NNSSTRM) DRV - [2012-06-27 15:51:07 | 000,092,840 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNStlsc.sys -- (NNSTLSC) DRV - [2012-06-27 15:51:06 | 000,286,376 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSProt.sys -- (NNSPROT) DRV - [2012-06-27 15:51:06 | 000,153,000 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSPrv.sys -- (NNSPRV) DRV - [2012-06-27 15:51:06 | 000,106,536 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSSmtp.sys -- (NNSSMTP) DRV - [2012-06-27 15:51:05 | 000,104,104 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSPop3.sys -- (NNSPOP3) DRV - [2012-06-27 15:51:05 | 000,060,968 | ---- | M] (Panda Security, S.L.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\NNSPihsw.sys -- (NNSPIHSW) DRV - [2012-06-27 15:51:04 | 000,122,664 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSIds.sys -- (NNSIDS) DRV - [2012-06-27 15:51:04 | 000,093,992 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSpicc.sys -- (NNSPICC) DRV - [2012-06-27 15:51:04 | 000,028,712 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\NNSNAHSL.sys -- (NNSNAHSL) DRV - [2012-06-27 15:51:03 | 000,120,744 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSHttp.sys -- (NNSHTTP) DRV - [2012-06-27 15:51:03 | 000,082,472 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSAlpc.sys -- (NNSALPC) DRV - [2012-01-06 17:56:06 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2012-01-06 17:56:05 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2011-10-31 19:29:43 | 000,014,656 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2011-10-15 09:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011-03-10 18:04:57 | 000,046,280 | ---- | M] (Panda Security) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PSKMAD.sys -- (PSKMAD) DRV - [2009-07-13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{C785D81D-DDD5-4FF6-B039-5800B46098C4}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\..\SearchScopes\{C785D81D-DDD5-4FF6-B039-5800B46098C4}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-654460940-462179173-1475701004-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-654460940-462179173-1475701004-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-654460940-462179173-1475701004-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-654460940-462179173-1475701004-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: F:\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Wiktor\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Wiktor\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: D:\Firefox\components [2012-10-27 22:20:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: D:\Firefox\plugins [2012-01-18 22:42:02 | 000,000,000 | ---D | M] [2011-10-26 17:42:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wiktor\AppData\Roaming\mozilla\Extensions [2012-10-23 17:32:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wiktor\AppData\Roaming\mozilla\Firefox\Profiles\mhtladdn.default\extensions [2012-09-21 17:10:19 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Wiktor\AppData\Roaming\mozilla\firefox\profiles\mhtladdn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [color=#E56717]========== Chrome ==========[/color] CHR - Extension: No name found = C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: No name found = C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: No name found = C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\ CHR - Extension: No name found = C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Users\Wiktor\Desktop\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe () O4 - HKLM..\Run: [PSUAMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.) O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found O4 - HKU\S-1-5-21-654460940-462179173-1475701004-1001..\Run: [GG] C:\Users\Wiktor\AppData\Local\GG\Application\gghub.exe (GG Network S.A.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-654460940-462179173-1475701004-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Users\Wiktor\Desktop\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Users\Wiktor\Desktop\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.9.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2A7CE1A-05EB-4F3E-BDFB-BF0CCA5FDCF4}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Users\Wiktor\Desktop\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2012-05-31 13:30:51 | 000,069,414 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-11-04 15:41:52 | 000,046,280 | ---- | C] (Panda Security) -- C:\Windows\System32\drivers\PSKMAD.sys [2012-11-04 12:28:05 | 000,000,000 | ---D | C] -- C:\_OTL [2012-11-02 12:07:57 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Original War [2012-11-02 12:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Original War [2012-11-02 12:01:30 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-11-02 12:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-11-02 12:01:23 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\AppData\Roaming\WinRAR [2012-11-02 11:58:44 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\Desktop\OW [2012-11-02 00:10:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus [2012-11-02 00:10:35 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security [2012-10-25 15:54:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012-10-25 15:54:23 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012-10-25 15:54:12 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012-10-23 15:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Phonics, Inc [2012-10-23 15:59:16 | 000,000,000 | ---D | C] -- C:\Program Files\Audio Phonics, Inc [2012-10-23 15:58:49 | 000,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\Windows\uninst.exe [2012-10-23 15:50:57 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\Desktop\AP Tuner 3.06 [2012-10-23 15:49:38 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.06 [2012-10-23 15:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.06 [2012-10-23 15:47:34 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.08 [2012-10-23 15:47:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.08 [2012-10-23 15:47:33 | 000,000,000 | ---D | C] -- C:\Program Files\AP Tuner [2012-10-23 15:43:45 | 000,000,000 | ---D | C] -- C:\Users\Wiktor\AppData\Roaming\lingot [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-11-04 19:05:21 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-11-04 19:05:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-11-04 19:05:02 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys [2012-11-04 18:35:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-11-04 18:12:01 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-654460940-462179173-1475701004-1001UA.job [2012-11-04 15:50:18 | 000,019,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-11-04 15:50:18 | 000,019,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-11-03 20:12:03 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-654460940-462179173-1475701004-1001Core.job [2012-11-02 19:06:53 | 000,001,060 | ---- | M] () -- C:\Users\Wiktor\Desktop\Owar — skrót.lnk [2012-11-02 18:36:12 | 000,737,242 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-11-02 18:36:12 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-11-02 18:36:12 | 000,153,930 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-11-02 18:36:12 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-11-02 10:56:29 | 000,447,880 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-11-02 01:44:57 | 000,000,000 | ---- | M] () -- C:\ProgramData\0x0304A000.sfl [2012-10-29 16:14:43 | 000,001,530 | ---- | M] () -- C:\Users\Wiktor\Desktop\WVWZZZ3BZ4E287454 — skrót.lnk [2012-10-29 16:09:50 | 000,138,369 | ---- | M] () -- C:\Users\Wiktor\Documents\WVWZZZ3BZ4E287454.PDF [2012-10-26 15:10:16 | 000,063,730 | ---- | M] () -- C:\Users\Wiktor\Desktop\wydruk.pdf [2012-10-25 15:54:04 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2012-10-25 15:54:04 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2012-10-25 15:54:04 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012-10-25 15:54:04 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012-10-25 15:54:04 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012-10-25 15:54:04 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012-10-23 15:58:11 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012-10-23 15:58:11 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-10-23 15:47:27 | 001,359,867 | ---- | M] () -- C:\Users\Wiktor\Desktop\APTunerInstall308.exe [2012-10-18 20:22:26 | 000,001,687 | ---- | M] () -- C:\Users\Wiktor\Desktop\VW Passat B5 Instrukcja Obslugi PL — skrót.lnk [2012-10-18 20:22:15 | 001,649,829 | ---- | M] () -- C:\Users\Wiktor\Desktop\img274.jpg [2012-10-12 22:08:34 | 000,001,620 | ---- | M] () -- C:\Users\Wiktor\Desktop\GG dysk.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-11-02 19:06:53 | 000,001,060 | ---- | C] () -- C:\Users\Wiktor\Desktop\Owar — skrót.lnk [2012-11-02 01:44:57 | 000,000,000 | ---- | C] () -- C:\ProgramData\0x0304A000.sfl [2012-10-29 16:14:43 | 000,001,530 | ---- | C] () -- C:\Users\Wiktor\Desktop\WVWZZZ3BZ4E287454 — skrót.lnk [2012-10-29 16:14:33 | 000,138,369 | ---- | C] () -- C:\Users\Wiktor\Documents\WVWZZZ3BZ4E287454.PDF [2012-10-26 15:10:16 | 000,063,730 | ---- | C] () -- C:\Users\Wiktor\Desktop\wydruk.pdf [2012-10-23 15:58:11 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2012-10-23 15:58:11 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2012-10-23 15:47:24 | 001,359,867 | ---- | C] () -- C:\Users\Wiktor\Desktop\APTunerInstall308.exe [2012-10-18 20:22:15 | 001,649,829 | ---- | C] () -- C:\Users\Wiktor\Desktop\img274.jpg [2012-10-13 21:46:08 | 000,001,687 | ---- | C] () -- C:\Users\Wiktor\Desktop\VW Passat B5 Instrukcja Obslugi PL — skrót.lnk [2012-10-12 22:08:34 | 000,001,620 | ---- | C] () -- C:\Users\Wiktor\Desktop\GG dysk.lnk [2012-09-14 19:03:09 | 000,000,843 | ---- | C] () -- C:\Users\Wiktor\.recently-used.xbel [2012-01-23 11:34:41 | 000,000,000 | ---- | C] () -- C:\Users\Wiktor\AppData\Local\{67A54834-A65F-4D66-8988-769D4CC57BD3} [2012-01-12 14:12:42 | 000,000,000 | ---- | C] () -- C:\Users\Wiktor\AppData\Local\{66ECD9CF-F838-4B7E-AE0B-C44DC8F1C887} [2012-01-06 17:56:06 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2012-01-06 17:56:05 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2011-11-03 21:37:46 | 000,000,026 | ---- | C] () -- C:\Windows\CDEDX8400EXPORT.ini [2011-10-14 23:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2011-11-14 14:36:07 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\.minecraft [2012-02-29 19:16:17 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\e-pity [2012-06-21 22:16:04 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\Gadu-Gadu 10 [2011-11-04 21:41:52 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\GanymedeNet [2012-11-04 19:06:14 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\GG [2012-09-14 19:03:09 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\gtk-2.0 [2012-10-23 15:43:45 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\lingot [2011-10-28 14:15:30 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\LolClient [2012-05-25 13:51:03 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\LolClient2 [2012-03-04 11:48:37 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\LOVE [2012-01-21 19:06:50 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\OpenFM [2012-06-25 19:46:38 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\Panda Security [2012-02-29 18:17:54 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\Podatnik.info [2012-07-11 18:47:05 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\SPORE [2012-08-31 16:03:52 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\Sports Interactive [2012-08-31 11:32:09 | 000,000,000 | ---D | M] -- C:\Users\Wiktor\AppData\Roaming\Stellarium [color=#E56717]========== Purity Check ==========[/color]

Podczas skanowania jakiś błąd mi się wyświetla.

**Posty:** 18165 · przez **wojtas** 04 Lis 2012, 20:22

*Uruchom OTL z opcji sprzątanie.
* wykonaj optymalizację Windowsa ( instrukcja dla Windowsa XP, lecz w innych systemach jest podobnie )
* zrób pełny skan Malwarebytes Anti-Malware (zaktualizuj, gdy coś znajdzie pokaż raport, i usuń wszystko to czego nie znasz za pomocą tego programu )
* wykonaj kroki finalizujące temat

napisz jak sytuacja

**Posty:** 8 · przez **Mordrago** 04 Lis 2012, 22:18

Optymalizacja była dość prosta bo często to robię ,gdy coś nowego instaluje ,ale nie wiem co to jest(więc nie odhaczyłem) :
-sync_tsc Application
-ROC_roc_ssl_v12

**Posty:** 18165 · przez **wojtas** 04 Lis 2012, 22:38

to drugie na pewno możesz odznaczyć, tego pierwszego nie znam

**Posty:** 8 · przez **Mordrago** 04 Lis 2012, 22:44

Po optymalizacji coś mi komputer zamula.

Dodano Dzisiaj, 21:55:
Do tego dysk F jest NTFS, nieudostępniony . O co chodzi? Jest napisane ,ze nie mam uprawnień. Dodam ,zę przerwałem sprawdzanie błędów bo nie miałem czasu.

**Posty:** 18165 · przez **wojtas** 04 Lis 2012, 23:05

jak nie udostępniony ? jakiś screen z błędu ?
robiłeś reset kompa?

**Posty:** 8 · przez **Mordrago** 04 Lis 2012, 23:10

Reste komputera pomógł. Jutro dokończę wszystko robić ,bo teraz musiałem skanowanie przerwać aby kompa zresetować.

Dodano Dzisiaj, 23:08:

Spoiler:

Dodano Dzisiaj, 15:47:
Wszystko zrobione

**Posty:** 18165 · przez **wojtas** 05 Lis 2012, 21:48

jak sytuacja

**Posty:** 8 · przez **Mordrago** 06 Lis 2012, 15:24

Jakoś nie wodze ,aby coś się działo(chodzi normalnie nie zamula) chociaż wczoraj około 23 coś ze sterownikiem monitora się stało.

Kto jest na forum