Jackaal utworzono 27 listopada 2011 utworzono 27 listopada 2011 Dlatego też proszę o sprawdzenie logów. OTL [log]OTL logfile created on: 2011-11-21 20:02:56 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Marek\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 71,53% Memory free 8,00 Gb Paging File | 6,75 Gb Available in Paging File | 84,42% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 231,29 Gb Total Space | 194,55 Gb Free Space | 84,12% Space Free | Partition Type: NTFS Drive D: | 234,37 Gb Total Space | 187,28 Gb Free Space | 79,90% Space Free | Partition Type: NTFS Computer Name: MAREK-KOMPUTER | User Name: Marek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-11-21 10:58:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Marek\Desktop\OTL.exe PRC - [2011-11-19 01:23:30 | 000,189,248 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe PRC - [2011-11-19 01:23:19 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2011-11-05 08:31:55 | 000,924,632 | ---- | M] (Mozilla Corporation) -- D:\Programy\Firefox\firefox.exe PRC - [2011-10-15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011-10-15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011-06-29 09:29:44 | 000,217,256 | ---- | M] (Panda Security) -- C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe PRC - [2011-06-09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe PRC - [2011-04-28 14:01:20 | 000,439,616 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe PRC - [2011-04-28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch] PRC - [2009-04-30 10:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe PRC - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- D:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-11-21 10:58:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Marek\Desktop\OTL.exe MOD - [2011-11-05 08:31:56 | 015,789,016 | ---- | M] (Mozilla Foundation) -- D:\Programy\Firefox\xul.dll MOD - [2011-11-05 08:31:56 | 001,989,592 | ---- | M] () -- D:\Programy\Firefox\mozjs.dll MOD - [2011-11-05 08:31:56 | 000,801,752 | ---- | M] (sqlite.org) -- D:\Programy\Firefox\mozsqlite3.dll MOD - [2011-11-05 08:31:56 | 000,719,832 | ---- | M] (Mozilla Foundation) -- D:\Programy\Firefox\mozcrt19.dll MOD - [2011-11-05 08:31:56 | 000,719,832 | ---- | M] (Mozilla Foundation) -- D:\Programy\Firefox\mozcpp19.dll MOD - [2011-11-05 08:31:56 | 000,646,104 | ---- | M] (Mozilla Foundation) -- D:\Programy\Firefox\nss3.dll MOD - [2011-11-05 08:31:56 | 000,371,672 | ---- | M] (Mozilla Foundation) -- D:\Programy\Firefox\nssckbi.dll MOD - [2011-11-05 08:31:56 | 000,183,256 | ---- | M] (Mozilla Foundation) -- D:\Programy\Firefox\nspr4.dll MOD - [2011-11-05 08:31:56 | 000,166,872 | ---- | M] (Mozilla Foundation) -- D:\Programy\Firefox\softokn3.dll MOD - [2011-11-05 08:31:56 | 000,142,296 | ---- | M] (Mozilla Foundation) -- D:\Programy\Firefox\ssl3.dll MOD - [2011-11-05 08:31:56 | 000,134,104 | ---- | M] (Mozilla Foundation) -- D:\Programy\Firefox\components\browsercomps.dll MOD - [2011-11-05 08:31:56 | 000,109,528 | ---- | M] (Mozilla Foundation) -- D:\Programy\Firefox\smime3.dll MOD - [2011-11-05 08:31:56 | 000,105,432 | ---- | M] (Mozilla Foundation) -- D:\Programy\Firefox\nssdbm3.dll MOD - [2011-11-05 08:31:56 | 000,089,048 | ---- | M] (Mozilla Foundation) -- D:\Programy\Firefox\nssutil3.dll MOD - [2011-11-05 08:31:56 | 000,021,464 | ---- | M] (Mozilla Foundation) -- D:\Programy\Firefox\plc4.dll MOD - [2011-11-05 08:31:56 | 000,020,440 | ---- | M] (Mozilla Foundation) -- D:\Programy\Firefox\plds4.dll MOD - [2011-11-05 08:31:56 | 000,019,416 | ---- | M] (Mozilla Foundation) -- D:\Programy\Firefox\xpcom.dll MOD - [2011-11-05 08:31:56 | 000,015,832 | ---- | M] (Mozilla Foundation) -- D:\Programy\Firefox\mozalloc.dll MOD - [2011-11-05 08:31:55 | 000,924,632 | ---- | M] (Mozilla Corporation) -- D:\Programy\Firefox\firefox.exe MOD - [2011-11-05 08:31:55 | 000,269,272 | ---- | M] (Mozilla Foundation) -- D:\Programy\Firefox\freebl3.dll MOD - [2011-10-15 09:53:00 | 007,041,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvwgf2um.dll MOD - [2011-10-15 09:53:00 | 002,458,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvapi.dll MOD - [2011-10-15 00:54:42 | 000,154,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll MOD - [2011-10-15 00:54:36 | 000,576,832 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll MOD - [2011-10-15 00:54:26 | 000,265,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll MOD - [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2011-08-27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll MOD - [2011-08-20 05:31:05 | 000,981,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll MOD - [2011-08-20 05:30:51 | 001,231,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll MOD - [2011-08-20 05:26:56 | 002,073,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll MOD - [2011-07-16 05:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2011-07-16 05:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2011-06-29 09:29:46 | 000,310,440 | ---- | M] (Panda Security) -- C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.dll MOD - [2011-06-29 09:29:44 | 000,217,256 | ---- | M] (Panda Security) -- C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe MOD - [2011-06-09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe MOD - [2011-05-24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2011-05-24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2011-05-11 10:37:18 | 000,938,824 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNTrayBar.dll MOD - [2011-05-03 09:24:59 | 000,107,840 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNConfigStore.dll MOD - [2011-04-28 14:01:22 | 001,832,256 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNResources.dll MOD - [2011-04-28 14:01:20 | 000,439,616 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe MOD - [2011-04-28 14:00:53 | 000,147,264 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNCtrl.bpl MOD - [2011-04-28 14:00:34 | 000,111,936 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSNCIPC.dll MOD - [2011-04-28 14:00:34 | 000,041,280 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSNCGP.dll MOD - [2011-04-28 13:58:54 | 000,036,672 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANLang.dll MOD - [2011-03-03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll MOD - [2011-01-17 06:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll MOD - [2010-11-20 13:24:35 | 001,292,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2010-11-20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2010-11-20 13:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll MOD - [2010-11-20 13:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2010-11-20 13:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll MOD - [2010-11-20 13:21:36 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2010-11-20 13:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2010-11-20 13:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2010-11-20 13:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll MOD - [2010-11-20 13:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll MOD - [2010-11-20 13:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2010-11-20 13:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2010-11-20 13:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2010-11-20 13:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2010-11-20 13:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2010-11-20 13:21:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2010-11-20 13:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2010-11-20 13:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll MOD - [2010-11-20 13:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll MOD - [2010-11-20 13:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2010-11-20 13:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010-11-20 13:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2010-11-20 13:20:46 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll MOD - [2010-11-20 13:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll MOD - [2010-11-20 13:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2010-11-20 13:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll MOD - [2010-11-20 13:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll MOD - [2010-11-20 13:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll MOD - [2010-11-20 13:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll MOD - [2010-11-20 13:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2010-11-20 13:19:21 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll MOD - [2010-11-20 13:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL MOD - [2010-11-20 13:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll MOD - [2010-11-20 13:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll MOD - [2010-11-20 13:18:35 | 001,076,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll MOD - [2010-11-20 13:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll MOD - [2010-11-20 13:18:25 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll MOD - [2010-11-20 13:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll MOD - [2010-11-20 13:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll MOD - [2010-11-20 13:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll MOD - [2010-11-20 13:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2010-11-20 13:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll MOD - [2010-11-20 13:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2010-11-20 13:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2010-11-20 13:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2010-11-20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2010-11-20 13:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2010-11-20 13:08:57 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2010-11-20 13:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2010-11-20 13:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2010-11-20 12:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010-11-20 12:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll MOD - [2010-11-05 02:58:01 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll MOD - [2010-11-05 02:58:00 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll MOD - [2010-11-05 02:53:44 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll MOD - [2009-07-14 02:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll MOD - [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll MOD - [2009-07-14 02:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll MOD - [2009-07-14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2008-11-20 11:02:54 | 001,007,104 | ---- | M] (CodeGear) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\CC3290MT.DLL MOD - [2008-11-20 11:02:04 | 000,032,256 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\BORLNDMM.DLL MOD - [2008-11-20 11:00:04 | 000,209,408 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\vclx120.bpl MOD - [2008-11-20 10:10:27 | 001,995,776 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\vcl120.bpl MOD - [2008-11-20 10:09:38 | 001,095,168 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\rtl120.bpl [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011-11-19 01:23:30 | 000,189,248 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB) SRV - [2011-11-19 01:23:19 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011-11-18 08:21:28 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_d768ebc.dll -- (Akamai) SRV - [2011-10-15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-10-15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011-04-28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain) SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-04-30 10:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service) SRV - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- D:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011-11-17 06:41:09 | 000,530,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2011-08-01 12:23:26 | 000,160,520 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINAflt.sys -- (PSINAflt) DRV:[b]64bit:[/b] - [2011-07-08 00:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2011-04-28 13:57:43 | 000,128,072 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProt.sys -- (PSINProt) DRV:[b]64bit:[/b] - [2011-04-28 13:57:43 | 000,121,928 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProc.sys -- (PSINProc) DRV:[b]64bit:[/b] - [2011-04-28 13:57:42 | 000,149,576 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PSINKNC.sys -- (PSINKNC) DRV:[b]64bit:[/b] - [2011-04-28 13:57:42 | 000,114,760 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINFile.sys -- (PSINFile) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2010-03-04 11:26:58 | 000,349,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET) DRV:[b]64bit:[/b] - [2009-11-19 14:06:43 | 000,158,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM) DRV:[b]64bit:[/b] - [2009-11-19 14:06:43 | 000,137,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039obex.sys -- (s1039obex) DRV:[b]64bit:[/b] - [2009-11-19 14:06:43 | 000,034,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS) DRV:[b]64bit:[/b] - [2009-11-19 14:06:41 | 000,141,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM) DRV:[b]64bit:[/b] - [2009-11-19 14:06:40 | 000,161,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mdm.sys -- (s1039mdm) DRV:[b]64bit:[/b] - [2009-11-19 14:06:39 | 000,019,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mdfl.sys -- (s1039mdfl) DRV:[b]64bit:[/b] - [2009-11-19 14:06:38 | 000,127,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-04-29 15:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2051360708-1362032112-474736384-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-2051360708-1362032112-474736384-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "Wyszukiwanie filmĂłw wideo w YouTube" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1}: C:\Program Files (x86)\Ad Muncher\FirefoxExtension_2.0 [2011-07-29 18:05:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: D:\Programy\Firefox\components [2011-11-14 14:38:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: D:\Programy\Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey\Extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1}: C:\Program Files (x86)\Ad Muncher\FirefoxExtension_2.0 [2011-07-29 18:05:08 | 000,000,000 | ---D | M] [2011-11-14 14:39:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marek\AppData\Roaming\mozilla\Extensions [2011-11-21 12:09:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\tza5haq8.default\extensions [2011-11-14 15:02:18 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\tza5haq8.default\extensions\battlefieldheroespatcher@ea.com [2011-11-14 19:38:21 | 000,001,597 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\tza5haq8.default\searchplugins\the-pirate-bay.xml [2011-11-17 06:49:05 | 000,002,075 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\tza5haq8.default\searchplugins\wyszukiwanie-filmw-wideo-w-youtube.xml O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll File not found O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll File not found O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security) O4 - HKLM..\Run: [PSUNMain] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2051360708-1362032112-474736384-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-2051360708-1362032112-474736384-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-2051360708-1362032112-474736384-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:[b]64bit:[/b] - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_frame File not found O8:[b]64bit:[/b] - Extra context menu item: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_image File not found O8:[b]64bit:[/b] - Extra context menu item: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_link File not found O8:[b]64bit:[/b] - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_exclude File not found O8:[b]64bit:[/b] - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_report File not found O8 - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_frame File not found O8 - Extra context menu item: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_image File not found O8 - Extra context menu item: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_link File not found O8 - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_exclude File not found O8 - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_report File not found O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.53.2.cab (Battlefield Play4Free Updater) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97341622-6F0B-4537-A64C-A77C4A2F5054}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (c:\windows\syswow64\userinit.exe) -c:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{27cf2389-db83-11e0-b094-1c6f65b0936e}\Shell - "" = AutoRun O33 - MountPoints2\{27cf2389-db83-11e0-b094-1c6f65b0936e}\Shell\AutoRun\command - "" = F:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - StartUpReg: [b]Ad Muncher[/b] - hkey= - key= - C:\Program Files (x86)\Ad Muncher\AdMunch.exe (Murray Hurps Corp Pty Ltd) MsConfig:64bit - StartUpReg: [b]Akamai NetSession Interface[/b] - hkey= - key= - C:\Users\Marek\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) MsConfig:64bit - StartUpReg: [b]avast[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]Gadu-Gadu 10[/b] - hkey= - key= - C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.) MsConfig:64bit - StartUpReg: [b]RtHDVCpl[/b] - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) MsConfig:64bit - StartUpReg: [b]Sony Ericsson PC Companion[/b] - hkey= - key= - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB) MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-11-21 16:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2011-11-21 15:50:41 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Local\PMB Files [2011-11-21 15:50:40 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2011-11-21 15:50:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2011-11-21 10:58:10 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Marek\Desktop\OTL.exe [2011-11-19 11:36:05 | 000,000,000 | ---D | C] -- C:\Users\Marek\riotsGamesLogs [2011-11-19 11:35:43 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Roaming\LolClient [2011-11-19 01:43:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2011-11-19 01:41:20 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2011-11-19 01:41:20 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2011-11-19 01:33:59 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2011-11-19 01:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011-11-19 01:33:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011-11-19 01:33:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2011-11-19 01:28:21 | 000,000,000 | ---D | C] -- C:\Users\Marek\Documents\Battlefield 3 [2011-11-19 00:46:26 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller [2011-11-17 17:19:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft [2011-11-17 16:26:36 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Roaming\PunkBuster [2011-11-17 16:25:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft [2011-11-17 16:13:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120% [2011-11-17 16:13:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Franzis [2011-11-17 14:36:18 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro [2011-11-17 06:48:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2011-11-15 12:12:43 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Roaming\Real [2011-11-15 10:22:01 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Roaming\BESTplayer [2011-11-15 09:08:03 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Roaming\uTorrent [2011-11-15 09:08:03 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Local\uTorrent [2011-11-14 18:24:12 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Local\Akamai [2011-11-14 18:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai [2011-11-14 15:20:11 | 000,000,000 | ---D | C] -- C:\Users\Marek\Documents\Battlefield Heroes [2011-11-14 14:52:30 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Roaming\Panda Security [2011-11-14 14:52:10 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Local\panda2_0dn [2011-11-14 14:52:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security URL Filtering [2011-11-14 14:51:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus [2011-11-14 14:51:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security [2011-11-14 14:51:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security [2011-11-14 14:51:41 | 000,000,000 | ---D | C] -- C:\temp [2011-11-14 14:39:11 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Roaming\Mozilla [2011-11-14 14:39:11 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Local\Mozilla [2011-09-10 10:39:29 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe5487.dll [2 C:\*.tmp files -> C:\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Marek\*.tmp files -> C:\Users\Marek\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-11-21 16:46:38 | 000,000,963 | ---- | M] () -- C:\Users\Public\Desktop\Graj w League of Legends.lnk [2011-11-21 12:26:33 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011-11-21 12:26:33 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011-11-21 12:25:21 | 001,663,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011-11-21 12:25:21 | 000,737,942 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2011-11-21 12:25:21 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011-11-21 12:25:21 | 000,154,630 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2011-11-21 12:25:21 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011-11-21 12:19:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-11-21 12:19:01 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys [2011-11-21 10:58:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Marek\Desktop\OTL.exe [2011-11-19 01:28:10 | 000,000,961 | ---- | M] () -- C:\Users\Marek\Desktop\Battlefield 3.lnk [2011-11-19 01:23:30 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011-11-19 01:23:20 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2011-11-19 01:23:19 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011-11-17 17:19:32 | 000,000,737 | ---- | M] () -- C:\Users\Marek\Desktop\Assassin's Creed Brotherhood.lnk [2011-11-17 16:38:35 | 000,000,000 | ---- | M] () -- C:\0x0304A000.sfl [2011-11-17 16:13:46 | 000,000,667 | ---- | M] () -- C:\Users\Public\Desktop\Alcohol 120%.lnk [2011-11-17 06:46:40 | 000,000,124 | ---- | M] () -- C:\Users\Marek\Documents\ax_files.xml [2011-11-17 06:41:09 | 000,530,488 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys [2011-11-16 19:45:34 | 000,270,240 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2011-11-14 14:52:04 | 000,000,276 | ---- | M] () -- C:\Windows\SysNative\PSUNCpl.dat [2011-10-31 23:34:49 | 000,292,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011-10-15 09:53:00 | 000,068,928 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2011-10-15 09:53:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2011-10-15 09:53:00 | 000,007,384 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2011-10-15 00:54:52 | 000,321,856 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe [2011-10-10 16:42:55 | 002,580,552 | R--- | M] () -- C:\Windows\SysWow64\pbsvc.exe [2011-10-05 16:59:18 | 001,638,614 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2 C:\*.tmp files -> C:\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Marek\*.tmp files -> C:\Users\Marek\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-11-21 16:46:38 | 000,000,963 | ---- | C] () -- C:\Users\Public\Desktop\Graj w League of Legends.lnk [2011-11-19 00:49:36 | 000,000,961 | ---- | C] () -- C:\Users\Marek\Desktop\Battlefield 3.lnk [2011-11-19 00:24:35 | 002,580,552 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011-11-17 17:19:32 | 000,000,737 | ---- | C] () -- C:\Users\Marek\Desktop\Assassin's Creed Brotherhood.lnk [2011-11-17 16:38:35 | 000,000,000 | ---- | C] () -- C:\0x0304A000.sfl [2011-11-17 16:13:46 | 000,000,667 | ---- | C] () -- C:\Users\Public\Desktop\Alcohol 120%.lnk [2011-11-17 06:46:40 | 000,000,124 | ---- | C] () -- C:\Users\Marek\Documents\ax_files.xml [2011-11-17 06:41:09 | 000,530,488 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys [2011-11-14 14:52:04 | 000,000,276 | ---- | C] () -- C:\Windows\SysNative\PSUNCpl.dat [2011-10-15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011-07-29 20:39:58 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011-07-29 20:39:53 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011-07-28 22:42:43 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys [2011-07-28 22:23:46 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011-07-28 22:23:46 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011-07-28 22:23:46 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011-07-28 22:19:29 | 001,638,614 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-07-28 21:56:27 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2009-08-27 08:04:12 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe [2009-07-14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009-07-14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009-07-14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009-06-10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [color=#E56717]========== LOP Check ==========[/color] [2011-07-29 17:18:06 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Ashampoo [2011-11-15 10:22:18 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\BESTplayer [2011-07-29 16:32:09 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Foxit Software [2011-07-28 22:09:46 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\FTWeak [2011-11-18 17:14:37 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Gadu-Gadu 10 [2011-11-19 11:35:43 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\LolClient [2011-08-02 11:19:05 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Need for Speed World [2011-08-22 21:17:27 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\OpenFM [2011-07-28 22:11:19 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\OpenOffice.ux.pl [2011-11-14 14:52:30 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Panda Security [2011-11-17 16:26:36 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\PunkBuster [2011-09-10 10:38:59 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Sony [2011-09-10 10:38:59 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Sony Setup [2011-11-21 11:07:36 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\uTorrent [2011-09-27 15:21:31 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-11-17 16:38:35 | 000,000,000 | ---- | M] () -- C:\0x0304A000.sfl [2011-11-21 12:19:01 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys [2011-11-21 12:19:03 | 4293,386,240 | -HS- | M] () -- C:\pagefile.sys [2 C:\*.tmp files -> C:\*.tmp -> ] [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys [2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys [2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2010-11-20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys [2010-11-20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010-11-20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010-11-20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009-10-28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009-10-28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < End of report > [/log] RSIT log [log]Logfile of random's system information tool 1.09 (written by random/random) Run by Marek at 2011-11-21 20:08:54 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 199 GB (84%) free of 237 GB Total RAM: 4094 MB (66% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:08:59, on 2011-11-21 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe D:\Programy\Firefox\firefox.exe D:\Programy\Firefox\plugin-container.exe C:\Users\Marek\Desktop\RSIT.exe C:\Program Files (x86)\trend micro\Marek.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=c:\windows\syswow64\userinit.exe, O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar O4 - HKLM\..\Run: [Panda Security URL Filtering] "C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-21-2051360708-1362032112-474736384-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2051360708-1362032112-474736384-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O8 - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_frame O8 - Extra context menu item: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_image O8 - Extra context menu item: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_link O8 - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_exclude O8 - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_report O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.53.2.cab O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 7566 bytes =========Mozilla firefox========= ProfilePath - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\tza5haq8.default prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "http://www.google.pl/" "{3ED591BC-7CC7-495B-A526-B2431356EDC1}"=C:\Program Files (x86)\Ad Muncher\FirefoxExtension_2.0 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 10.1 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf] "Description"= "Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin] "Description"=This plugin detects and launches Pando Media Booster "Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448] "Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In "Path"=C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448] "Description"=6.0.12.448 "Path"=C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=] "Description"= "Path"= D:\Programy\Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} D:\Programy\Firefox\components\ binary.manifest browsercomps.dll D:\Programy\Firefox\searchplugins\ allegro-pl.xml fbc-pl.xml google.xml merlin-pl.xml pwn-pl.xml wikipedia-pl.xml wp-pl.xml yahoo.xml C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\tza5haq8.default\extensions\ battlefieldheroespatcher@ea.com C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\tza5haq8.default\searchplugins\ the-pirate-bay.xml wyszukiwanie-filmw-wideo-w-youtube.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-19 42272] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "PSUNMain"=C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe [2011-04-28 439616] "Panda Security URL Filtering"=C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe [2011-06-29 217256] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.cvid"=iccvid.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "msacm.l3fhg"=mp3fhg.acm "VIDC.XVID"=xvidvfw.dll "VIDC.YV12"=yv12vfw.dll "msacm.ac3acm"=ac3acm.acm "VIDC.FFDS"=ff_vfw.dll "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2011-11-21 20:08:54 ----D---- C:\rsit 2011-11-21 20:08:54 ----D---- C:\Program Files (x86)\trend micro 2011-11-21 15:50:40 ----D---- C:\ProgramData\PMB Files 2011-11-21 15:50:28 ----D---- C:\Program Files (x86)\Pando Networks 2011-11-19 11:35:43 ----D---- C:\Users\Marek\AppData\Roaming\LolClient 2011-11-19 01:41:20 ----A---- C:\Windows\SysWOW64\OpenCL.dll 2011-11-19 01:41:20 ----A---- C:\Windows\SysWOW64\nvoglv32.dll 2011-11-19 01:41:20 ----A---- C:\Windows\SysWOW64\nvcuvid.dll 2011-11-19 01:41:20 ----A---- C:\Windows\SysWOW64\nvcuvenc.dll 2011-11-19 01:41:20 ----A---- C:\Windows\SysWOW64\nvcuda.dll 2011-11-19 01:41:20 ----A---- C:\Windows\SysWOW64\nvcompiler.dll 2011-11-19 01:41:20 ----A---- C:\Windows\SysWOW64\nvapi.dll 2011-11-19 01:33:59 ----D---- C:\Windows\Sun 2011-11-19 01:33:32 ----D---- C:\ProgramData\Sun 2011-11-19 01:33:32 ----D---- C:\Program Files (x86)\Common Files\Java 2011-11-19 01:33:23 ----A---- C:\Windows\SysWOW64\javaws.exe 2011-11-19 01:33:23 ----A---- C:\Windows\SysWOW64\javaw.exe 2011-11-19 01:33:23 ----A---- C:\Windows\SysWOW64\java.exe 2011-11-19 01:33:23 ----A---- C:\Windows\SysWOW64\deployJava1.dll 2011-11-19 01:33:14 ----D---- C:\Program Files (x86)\Java 2011-11-19 00:46:26 ----HD---- C:\Program Files (x86)\Common Files\EAInstaller 2011-11-19 00:46:24 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll 2011-11-19 00:46:24 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll 2011-11-19 00:46:23 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll 2011-11-19 00:46:23 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll 2011-11-19 00:46:22 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll 2011-11-19 00:46:22 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll 2011-11-19 00:46:21 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll 2011-11-19 00:46:20 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll 2011-11-19 00:46:20 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll 2011-11-19 00:46:20 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll 2011-11-19 00:46:19 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll 2011-11-19 00:46:19 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll 2011-11-19 00:24:35 ----RA---- C:\Windows\SysWOW64\pbsvc.exe 2011-11-18 17:57:26 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll 2011-11-18 17:57:26 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll 2011-11-18 17:57:25 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll 2011-11-17 17:19:39 ----D---- C:\ProgramData\Ubisoft 2011-11-17 16:26:36 ----D---- C:\Users\Marek\AppData\Roaming\PunkBuster 2011-11-17 16:25:59 ----D---- C:\Program Files (x86)\Ubisoft 2011-11-17 16:25:11 ----A---- C:\Windows\SysWOW64\XAudio2_5.dll 2011-11-17 16:25:10 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll 2011-11-17 16:25:09 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll 2011-11-17 16:25:08 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll 2011-11-17 16:25:07 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll 2011-11-17 16:25:07 ----A---- C:\Windows\SysWOW64\d3dx10_42.dll 2011-11-17 16:25:06 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll 2011-11-17 16:25:05 ----A---- C:\Windows\SysWOW64\d3dx10_41.dll 2011-11-17 16:25:05 ----A---- C:\Windows\SysWOW64\D3DCompiler_41.dll 2011-11-17 16:25:03 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll 2011-11-17 16:25:03 ----A---- C:\Windows\SysWOW64\XAPOFX1_3.dll 2011-11-17 16:25:03 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll 2011-11-17 16:25:02 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll 2011-11-17 16:25:02 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll 2011-11-17 16:25:01 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll 2011-11-17 16:25:01 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll 2011-11-17 16:24:59 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll 2011-11-17 16:24:59 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll 2011-11-17 16:24:59 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll 2011-11-17 16:24:58 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll 2011-11-17 16:24:58 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll 2011-11-17 16:24:57 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll 2011-11-17 16:24:57 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll 2011-11-17 16:24:57 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll 2011-11-17 16:24:54 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll 2011-11-17 16:24:54 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll 2011-11-17 16:24:54 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll 2011-11-17 16:24:53 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll 2011-11-17 16:24:52 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll 2011-11-17 16:24:52 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll 2011-11-17 16:24:51 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll 2011-11-17 16:24:50 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll 2011-11-17 16:24:50 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll 2011-11-17 16:24:50 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll 2011-11-17 16:24:49 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll 2011-11-17 16:24:49 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll 2011-11-17 16:24:47 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll 2011-11-17 16:24:47 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll 2011-11-17 16:24:46 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll 2011-11-17 16:24:46 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll 2011-11-17 16:24:44 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll 2011-11-17 16:24:44 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll 2011-11-17 16:24:43 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll 2011-11-17 16:24:43 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll 2011-11-17 16:24:41 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll 2011-11-17 16:24:41 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll 2011-11-17 16:24:41 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll 2011-11-17 16:24:40 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll 2011-11-17 16:24:40 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll 2011-11-17 16:24:38 ----A---- C:\Windows\SysWOW64\xinput1_3.dll 2011-11-17 16:24:38 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll 2011-11-17 16:24:37 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll 2011-11-17 16:24:36 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll 2011-11-17 16:24:36 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll 2011-11-17 16:24:34 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll 2011-11-17 16:24:34 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll 2011-11-17 16:24:33 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll 2011-11-17 16:24:33 ----A---- C:\Windows\SysWOW64\d3dx10.dll 2011-11-17 16:24:31 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll 2011-11-17 16:24:31 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll 2011-11-17 16:24:31 ----A---- C:\Windows\SysWOW64\d3dx9_32.dll 2011-11-17 16:24:29 ----A---- C:\Windows\SysWOW64\xinput1_2.dll 2011-11-17 16:24:29 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll 2011-11-17 16:24:29 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll 2011-11-17 16:24:28 ----A---- C:\Windows\SysWOW64\xinput1_1.dll 2011-11-17 16:24:28 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll 2011-11-17 16:24:27 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll 2011-11-17 16:24:19 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll 2011-11-17 16:24:18 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll 2011-11-17 16:24:18 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll 2011-11-17 16:24:17 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll 2011-11-17 16:24:16 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll 2011-11-17 16:24:14 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll 2011-11-17 16:24:13 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll 2011-11-17 16:24:12 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll 2011-11-17 16:24:11 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll 2011-11-17 16:13:00 ----D---- C:\Program Files (x86)\Franzis 2011-11-17 14:36:18 ----D---- C:\ProgramData\DAEMON Tools Pro 2011-11-17 06:48:07 ----HD---- C:\ProgramData\CanonBJ 2011-11-15 12:12:43 ----D---- C:\Users\Marek\AppData\Roaming\Real 2011-11-15 10:22:01 ----D---- C:\Users\Marek\AppData\Roaming\BESTplayer 2011-11-15 09:08:03 ----D---- C:\Users\Marek\AppData\Roaming\uTorrent 2011-11-14 18:23:50 ----D---- C:\Program Files (x86)\Common Files\Akamai 2011-11-14 14:52:30 ----D---- C:\Users\Marek\AppData\Roaming\Panda Security 2011-11-14 14:52:10 ----A---- C:\Windows\SysWOW64\temp.txt 2011-11-14 14:52:09 ----D---- C:\ProgramData\Panda Security URL Filtering 2011-11-14 14:51:56 ----D---- C:\ProgramData\Panda Security 2011-11-14 14:51:56 ----D---- C:\Program Files (x86)\Panda Security 2011-11-14 14:51:41 ----D---- C:\temp 2011-11-14 14:39:11 ----D---- C:\Users\Marek\AppData\Roaming\Mozilla 2011-10-31 23:27:17 ----A---- C:\Windows\SysWOW64\psisdecd.dll 2011-10-31 23:27:11 ----A---- C:\Windows\SysWOW64\ieframe.dll 2011-10-31 23:27:07 ----A---- C:\Windows\SysWOW64\mshtml.dll 2011-10-31 23:27:06 ----A---- C:\Windows\SysWOW64\wininet.dll 2011-10-31 23:27:06 ----A---- C:\Windows\SysWOW64\urlmon.dll 2011-10-31 23:27:05 ----A---- C:\Windows\SysWOW64\msfeeds.dll 2011-10-31 23:27:05 ----A---- C:\Windows\SysWOW64\ieui.dll 2011-10-31 23:27:05 ----A---- C:\Windows\SysWOW64\iertutil.dll 2011-10-31 23:27:04 ----A---- C:\Windows\SysWOW64\url.dll 2011-10-31 23:27:04 ----A---- C:\Windows\SysWOW64\mshtmled.dll 2011-10-31 23:27:04 ----A---- C:\Windows\SysWOW64\jsproxy.dll 2011-10-31 23:26:12 ----A---- C:\Windows\SysWOW64\oleacc.dll 2011-10-31 23:26:11 ----A---- C:\Windows\SysWOW64\oleaut32.dll ======List of files/folders modified in the last 1 month====== 2011-11-21 20:08:59 ----D---- C:\Windows\Prefetch 2011-11-21 20:08:56 ----D---- C:\Windows\Temp 2011-11-21 20:08:54 ----RD---- C:\Program Files (x86) 2011-11-21 16:43:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2011-11-21 16:43:33 ----SHD---- C:\System Volume Information 2011-11-21 15:50:40 ----HD---- C:\ProgramData 2011-11-21 12:25:21 ----D---- C:\Windows\System32 2011-11-21 12:25:21 ----D---- C:\Windows\inf 2011-11-21 12:19:19 ----D---- C:\ProgramData\NVIDIA 2011-11-19 14:16:10 ----D---- C:\Windows 2011-11-19 14:15:30 ----D---- C:\Windows\SysWOW64 2011-11-19 12:09:18 ----D---- C:\Windows\LiveKernelReports 2011-11-19 01:43:01 ----D---- C:\Program Files (x86)\NVIDIA Corporation 2011-11-19 01:42:52 ----SHD---- C:\Windows\Installer 2011-11-19 01:33:32 ----D---- C:\Program Files (x86)\Common Files 2011-11-19 01:24:45 ----D---- C:\Windows\winsxs 2011-11-19 01:23:30 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe 2011-11-19 01:23:19 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe 2011-11-19 01:22:16 ----RSD---- C:\Windows\assembly 2011-11-18 17:14:37 ----D---- C:\Users\Marek\AppData\Roaming\Gadu-Gadu 10 2011-11-15 14:52:09 ----D---- C:\Windows\SysWOW64\GroupPolicy 2011-11-15 12:23:39 ----RD---- C:\Users 2011-11-14 19:41:09 ----D---- C:\Windows\SysWOW64\directx 2011-11-14 14:53:51 ----RD---- C:\Program Files 2011-11-14 14:47:06 ----D---- C:\ProgramData\AVAST Software 2011-11-04 09:47:47 ----D---- C:\Users\Marek\AppData\Roaming\Skype 2011-11-03 09:00:31 ----D---- C:\Windows\Microsoft.NET 2011-10-31 23:33:39 ----D---- C:\Windows\SysWOW64\migration 2011-10-31 23:33:39 ----D---- C:\Windows\ehome 2011-10-31 23:33:39 ----D---- C:\Program Files (x86)\Internet Explorer ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [] R1 PSINKNC;PSINKNC; C:\Windows\system32\DRIVERS\psinknc.sys [] R2 PSINAflt;PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [] R2 PSINFile;PSINFile; C:\Windows\system32\DRIVERS\PSINFile.sys [] R2 PSINProc;PSINProc; C:\Windows\system32\DRIVERS\PSINProc.sys [] R2 PSINProt;PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [] R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [] S3 a1lrp2oi;a1lrp2oi; C:\Windows\SysWOW64\drivers\a1lrp2oi.sys [] S3 a30viowh;a30viowh; C:\Windows\SysWOW64\drivers\a30viowh.sys [] S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [] S3 NVENETFD;Sterownik kontrolera sieci NVIDIA nForce; C:\Windows\system32\DRIVERS\nvm62x64.sys [] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [] S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [] S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [] S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [] S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [] S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [] S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [] S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 NanoServiceMain;Panda Cloud Antivirus Service; C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2011-04-28 140608] R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120] R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-11-19 75136] R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2011-11-19 189248] R2 StarWindServiceAE;StarWind AE Service; D:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] -----------------EOF----------------- [/log] RSIT info [log]info.txt logfile of random's system information tool 1.09 2011-11-21 20:09:00 ======Uninstall list====== -->MsiExec /X{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4} µTorrent-->"D:\Programy\uTorrent\uTorrent.exe" /UNINSTALL Ad Muncher v4.92 Build 32700-->"C:\Program Files (x86)\Ad Muncher\AdMunch.exe" /P "InstallerAction=Uninstall" /P "InstallTarget=C:\Program Files (x86)\Ad Muncher" Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10t_ActiveX.exe -maintain activex Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_Plugin.exe -maintain plugin Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe" Akamai NetSession Interface Service-->C:\Program Files (x86)\Common Files\Akamai\uninstall.exe Ashampoo Burning Studio 2010 Advanced-->"C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2010 Advanced\unins000.exe" Assassin's Creed Brotherhood-->"C:\Program Files (x86)\InstallShield Installation Information\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}\setup.exe" -runfromtemp -l0x0015 -removeonly Battlefield 3™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" uninstall_game -autologging Battlefield Heroes-->"D:\gry\Battlefield Heroes\uninstaller.exe" "D:\gry\Battlefield Heroes\Uninstall.xml" Battlefield Play4Free-->"D:\gry\Battlefield play for free\uninstaller.exe" "D:\gry\Battlefield play for free\Uninstall.xml" Colin McRae Rally 04-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F8718F95-21A1-44B9-97EC-679C93020BAE}\setup.exe" -l0x15 -removeonly FCleaner 1.3.1.621-->"C:\Program Files (x86)\FCleaner\unins000.exe" Foxit Reader-->C:\Program Files (x86)\Foxit Software\Foxit Reader\Uninstall.exe Gadu-Gadu 10-->C:\Program Files (x86)\Gadu-Gadu 10\Uninstall.exe Java(TM) 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216029FF} K-Lite Mega Codec Pack 7.5.0-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe" League of Legends-->"C:\Program Files (x86)\InstallShield Installation Information\{918A9082-6287-4D25-9002-5E5D5E4971CB}\setup.exe" -runfromtemp -l0x0415 -removeonly Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E} Mozilla Firefox 8.0 (x86 pl)-->D:\Programy\Firefox\uninstall\helper.exe Need For Speed™ World-->"D:\gry\NFSW\Need For Speed World\unins000.exe" NVIDIA PhysX-->MsiExec.exe /X{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4} NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask OpenAL-->"C:\Program Files (x86)\OpenAL\oalinst.exe" /U OpenOffice.ux.pl 3.3-->MsiExec.exe /I{7336143C-44FD-4AAC-B53A-158FEA08489D} Panda Cloud Antivirus-->"C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\Setup.exe" /X{50431EE1-C1CC-4AE7-BDE3-B60536E7BA92} Panda Security URL Filtering-->C:\ProgramData\Panda Security URL Filtering\uninstall.exe Pando Media Booster-->C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u Real Alternative 2.0.1-->"C:\Program Files (x86)\Real Alternative\unins000.exe" Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {3162617C-537F-3BB6-8D0C-C6021F442391} /parameterfolder Extended Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A} Sony Ericsson PC Companion 1.60.13-->"C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe" -runfromtemp -l0x0009 -removeonly Sony Ericsson PC Suite 6.011.00-->"C:\Program Files (x86)\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\ISAdmin.exe" -runfromtemp -l0x0009 -removeonly The KMPlayer (remove only)-->"C:\Program Files (x86)\The KMPlayer\uninstall.exe" Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client Update for Microsoft .NET Framework 4 Extended (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended Update for Microsoft .NET Framework 4 Extended (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} ======System event log====== Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Cryptographic Services weszła w stan stopped. Record Number: 5 Source Name: Service Control Manager Time Written: 20090714051424.262212-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Windows Modules Installer weszła w stan stopped. Record Number: 4 Source Name: Service Control Manager Time Written: 20090714051424.168612-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Software Protection weszła w stan stopped. Record Number: 3 Source Name: Service Control Manager Time Written: 20090714051424.059412-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Windows Event Log weszła w stan stopped. Record Number: 2 Source Name: Service Control Manager Time Written: 20090714051424.012612-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Volume Shadow Copy weszła w stan stopped. Record Number: 1 Source Name: Service Control Manager Time Written: 20090714051423.934612-000 Event Type: Informacje User: =====Application event log===== Computer Name: 37L4247E29-32 Event Code: 1001 Message: Pakiet błędów , typ 0 Nazwa zdarzenia: PnPGenericDriverFound Odpowiedź: Niedostępny Identyfikator pliku Cab: 0 Sygnatura problemu: P1: x64 P2: PCI\VEN_10DE&DEV_0DE0&SUBSYS_119919DA&REV_A1 P3: P4: P5: P6: P7: P8: P9: P10: Dołączone pliki: Te pliki mogą być dostępne tutaj: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_fdde3e18df56c84715479147894fbfdd7b75c67_cab_056a40e6 Symbol analizy: Ponowne sprawdzanie rozwiązania: 0 Identyfikator raportu: 8cf2a580-b941-11e0-8078-be7ff9530628 Stan raportu: 6 Record Number: 5 Source Name: Windows Error Reporting Time Written: 20110728174642.000000-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 5617 Message: Windows Management Instrumentation Service subsystems initialized successfully Record Number: 4 Source Name: Microsoft-Windows-WMI Time Written: 20110728174516.000000-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 5615 Message: Windows Management Instrumentation Service started sucessfully Record Number: 3 Source Name: Microsoft-Windows-WMI Time Written: 20110728174512.000000-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 4625 Message: System podrzędny EventSystem pomija zduplikowane wpisy dziennika zdarzeń przez okres 86400 sekund. Limit czasu pomijania można kontrolować za pomocą wartości REG_DWORD o nazwie SuppressDuplicateDuration w następującym kluczu rejestru: HKLM\Software\Microsoft\EventSystem\EventLog. Record Number: 2 Source Name: Microsoft-Windows-EventSystem Time Written: 20110728174508.000000-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 1531 Message: Usługa profilów użytkowników została uruchomiona pomyślnie. Record Number: 1 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20110728174507.994000-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM =====Security event log===== Computer Name: 37L4247E29-32 Event Code: 4735 Message: Zmieniono grupę lokalną z włączonymi zabezpieczeniami. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: 37L4247E29-32$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Grupa: Identyfikator zabezpieczeń: S-1-5-32-551 Nazwa grupy: Operatorzy kopii zapasowych Domena grupy: Builtin Zmienione atrybuty: Nazwa konta SAM: - Historia identyfikatora SID: - Informacje dodatkowe: Uprawnienia: - Record Number: 5 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20110728174450.709200-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247E29-32 Event Code: 4731 Message: Utworzono grupę lokalną z włączonymi zabezpieczeniami. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: 37L4247E29-32$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Nowa grupa: Identyfikator zabezpieczeń: S-1-5-32-551 Nazwa grupy: Operatorzy kopii zapasowych Domena grupy: Builtin Atrybuty: Nazwa konta SAM: Operatorzy kopii zapasowych Historia identyfikatora SID: - Informacje dodatkowe: Uprawnienia: - Record Number: 4 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20110728174450.709200-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247E29-32 Event Code: 4902 Message: Utworzono tabelę zasad inspekcji użytkownika. Liczba elementów: 0 Identyfikator zasad: 0x3024e Record Number: 3 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20110728174450.381600-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247E29-32 Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-0-0 Nazwa konta: - Domena konta: - Identyfikator logowania: 0x0 Typ logowania: 0 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x4 Nazwa procesu: Informacje o sieci: Nazwa stacji roboczej: - Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: - Pakiet uwierzytelniania: - Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 2 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20110728174448.556400-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247E29-32 Event Code: 4608 Message: Trwa uruchamianie systemu Windows. To zdarzenie jest rejestrowane w momencie uruchamiania programu LSASS.EXE i inicjowania podsystemu inspekcji. Record Number: 1 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20110728174448.478400-000 Event Type: Sukcesy inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=2 "PROCESSOR_LEVEL"=16 "PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD "PROCESSOR_REVISION"=0603 -----------------EOF----------------- [/log]Naprawdę proszę o pomoc, bo komputer nadal jest na gwarancji a jest z nim źle. Nie mogę odpalić nawet trybu awaryjnego! Normalnie udało mi się go uruchomić chyba za 20 razem...
Gość komentarz 27 listopada 2011 komentarz 27 listopada 2011 (edytowane) 1. Zrób nowe logi z OTL wg tej instrukcji : Po uruchomieniu OTL pojawi sie okienko główne i w nim masz zaznaczyć następujące opcje: [b]Wszystkie sekcje[/b] ustawione na [b]Użyj filtrowania[/b] (Use SafeList). Należy zaznaczyć [b]Wszyscy użytkownicy[/b] (Scan All Users) Dodatkowo postawić ptaszki przy pozycjach [b]Infekcja LOP[/b] (LOP Check) + [b]Infekcja Purity[/b] (Purity Check) Potem klikasz [b]Skanuj[/b]. Jak program skończy powstaną dwa logi [b]OTL i Extras[/b], obydwa wstaw na serwis [b]wklej.to[/b] a do posta daj linki. Dodatkowo log z [b]Kaspersky[/b] [b]TDSSkiller[/b] [url="http://www.hotfix.pl/instrukcja-obslugi-tdsskiller-a341.htm"]http://www.hotfix.pl...killer-a341.htm[/url] [b]Jak program coś znajdzie dla każdego wyniku przyznajesz akcję[/b] [b]SKIP[/b] Edytowane 27 listopada 2011 przez squonk 1
Jackaal komentarz 27 listopada 2011 Autor komentarz 27 listopada 2011 (edytowane) [b]Kaspersky[/b] [b]TDSSkiller [/b][b]- [/b][url="http://wklej.to/WwaQc"]http://wklej.to/WwaQc[/url] OTL mi nie działa. Uruchamiałem normalnie i jako administrator. Okno programu zawiesza się (brak odpowiedzi) przy [i]Getting Drive Info[/i]. Edytowane 27 listopada 2011 przez Jackaal
Gość komentarz 27 listopada 2011 komentarz 27 listopada 2011 [quote]OTL mi nie działa. Uruchamiałem normalnie i jako administrator. Okno programu zawiesza się (brak odpowiedzi) przy [i]Getting Drive Info[/i]. [/quote] Spróbuj uruchomic OTL w trybie awaryjnym Windows. 1
Jackaal komentarz 27 listopada 2011 Autor komentarz 27 listopada 2011 Tryb awaryjny mi też nie działa. Zatrzymuje się w momencie ładowania [i]\windows\system32\DRIVERS\CLASSPNP.SYS[/i].
Gość komentarz 27 listopada 2011 komentarz 27 listopada 2011 To bedzie problem sprzetowy. Spakuj pliki[b] Dziennika zdarzeń do zipa[/b] (sekcja [b]System i Aplikacje[/b]) i wstaw na [url="http://www.speedyshare.com/"]http://www.speedyshare.com/[/url] Wykonaj test pamieci RAM, programem [b]Memtest [/b] Możesz też zrobić test dysku korzystając z MHDD [url="http://nirvanowiec.republika.pl/MHDD.html"]http://nirvanowiec.r...ka.pl/MHDD.html[/url] To są narzedzia bootowalne, wiec nagrywasz je na płyty i z nich uruchamiasz kompa. 1
Jackaal komentarz 27 listopada 2011 Autor komentarz 27 listopada 2011 Jesteś pewien, że to problem sprzętowy? Bo jeśli tak to nie będę dalej nic kombinował tylko oddam komputer bo jeszcze jest na gwarancji jak już pisałem. Na jakimś forum czytałem, że to może być przez sterowniki. W menadżerze urządzeń jest jedna pozycja z wykrzyknikiem w żółtym trójkącie. Kategoria [b]kontrolery magazynu[/b] a nazwa [b]A7KSX0RV IDE controller[/b]. Wygląda jak ikonka instalki sterowników STPD, ale to już odinstalowałem i zainstalowałem ponownie - nadal bez zmian.
Gość komentarz 27 listopada 2011 komentarz 27 listopada 2011 [quote]Jesteś pewien, że to problem sprzętowy? Bo jeśli tak to nie będę dalej nic kombinował tylko oddam komputer bo jeszcze jest na gwarancji jak już pisałem.[/quote] Może byc problem oprogramowania. Ale na razie mam za mało danych. Dlatego proszę o pliki Dziennika zdarzeń. Podaj dokładna specyfikację komputera. Bo na razie to są gdybania. Wrzuć też obrazek z MU z tego [b]Kontrolera magazynu[/b]. system oryginalny, czy jakaś lewizna? Żeby oddać kompa na gwarancję warto wiedzieć co mu dolega. 1
Jackaal komentarz 27 listopada 2011 Autor komentarz 27 listopada 2011 System raczej nie lewizna bo jakiś znajomy informatyk ojcu instalował. Z jakiego programu mam podać tą specyfikację? Bo szczerze mówiąc nie wiem dokładnie co to za sprzęt. Dziennik zdarzeń znalazłem ale nie wiem jak zpisać go do pliku. Obrazek z menadżera dam razem z resztą.
Gość komentarz 27 listopada 2011 komentarz 27 listopada 2011 Pobierz CPU-Z [url="http://cpu-z-portable.softonic.pl/"]http://cpu-z-portable.softonic.pl/[/url] Klikasz na plik exe, przechdzisz do zakładki About > Registeres dump.txt i zapisujesz raport Raport umieszczasz na [b]wklej.to[/b] [quote]System raczej nie lewizna bo jakiś znajomy informatyk ojcu instalował.[/quote] A płytę z systemem masz? [quote]Dziennik zdarzeń znalazłem ale nie wiem jak zpisać go do pliku. Obrazek z menadżera dam razem z resztą. [/quote] [b]PPM na sekcję Aplikacje > Zapisz wszystkie zdarzenia jako[/b] to samo dla sekcji[b] System[/b] 1
Jackaal komentarz 27 listopada 2011 Autor komentarz 27 listopada 2011 (edytowane) [i][b]CPU-Z[/b][/i] [url="http://wklej.to/lCNYW"]http://wklej.to/lCNYW[/url] [i][b]Dziennik zdarzeń[/b][/i] [url="http://speedy.sh/jkEsH/Zdarzenia.rar"]http://speedy.sh/jkEsH/Zdarzenia.rar[/url] [i][b]Menadżer urządzeń[/b][/i] [url="http://imageshack.us/photo/my-images/828/beztytuucwev.png/"]http://imageshack.us...ztytuucwev.png/[/url] Dzięki wielkie za pomoc :-) @Edit Dopiero teraz sprawdziłem napęd i okazało się, że nie czyta płytek. Edytowane 27 listopada 2011 przez Jackaal
Gość komentarz 27 listopada 2011 komentarz 27 listopada 2011 1.Odinstaluj koniecznie [b]Alcohol[/b]. Najpierw z panelu sterowania Dodaj/usun programy. Potem zastosuj sie do instrukcji usuwania sterownika [b]sptd[/b] Pobierzesz [b]SPTDinstx64[/b] i zastosujesz według instrukcji. [url="http://www.fixitpc.pl/forum-38/announcement-2-wazne-oprogramowanie-emulujace-napedy/"]http://www.fixitpc.p...ulujace-napedy/[/url] 2. [b]Start > Wszystkie programy > Akcesoria > PPM [/b]na [b]Wiersz polecenia[/b] uruchom jako administrator wpisz polecenie: [b]sfc /scannow[/b] czekasz cierpliwie jak urządzenie skończy. Zapisujesz ewentualne komunikaty. 3. Uruchom program [b]CPUZ > zakładka Mainboard[/b] i potwierdź czy twoja płyta to [b]Gigabyte GA-M52LT-D3[/b] Jak to wykonasz powiem co dalej. 1
Jackaal komentarz 28 listopada 2011 Autor komentarz 28 listopada 2011 [quote name='Jackaal' timestamp='1322402210' post='1385670'] Wygląda jak ikonka instalki sterowników STPD, ale to już odinstalowałem i zainstalowałem ponownie - nadal bez zmian. [/quote] Chyba nie udało mi się usunąć całej zawartości SPTD bo całkiem skomplikowane te klucze typu NULL. Muszę wykasować to całkowicie? [i]Funkcja Ochrona zasobów systemu Windows nie znalazła naruszeń integralności.[/i] Potwierdzam model płyty głównej - M52LT-D3.
Gość komentarz 28 listopada 2011 komentarz 28 listopada 2011 (edytowane) 1. Pobierz i zainstaluj sterowniki do chipsetu płyty głównej [b]NVIDIA MCP61/MCP68 Chipset Driver[/b] dla systemu W7 64bit [url="http://www.gigabyte.pl/products/page/mb/ga-m52lt-d3rev_23/download/"]http://www.gigabyte....ev_23/download/[/url] [quote]Dopiero teraz sprawdziłem napęd i okazało się, że nie czyta płytek. [/quote] Co masz na myśli? Płyty się nie uruchamiają, czy może W7 nie chce bootować? 2. Podaj z Menedżera urządzeń dokładne dane [b]dysku HDD[/b]. [quote]Chyba nie udało mi się usunąć całej zawartości SPTD bo całkiem skomplikowane te klucze typu NULL. Muszę wykasować to całkowicie?[/quote] Zostaw na razie klucze rejestru w spokoju. 3. Po wykonaniu punktow 1 -2, spróbuj wykonać skan [b]OTL[/b] w trybie normalnym lub awaryjnym. Zwróć uwagę na podane wyżej przeze mnie ustawienia OTL. Edytowane 28 listopada 2011 przez squonk 1
Jackaal komentarz 29 listopada 2011 Autor komentarz 29 listopada 2011 (edytowane) Jest chyba już dobrze. Komputer normalnie się włącza i nie zawiesza się. Płytki czyta, chociaż wydaje mi się że sporo za długo (ten pasek na górze bardzo długo się ładuje). Powiedz mi jak mam podać te dane dysku twardego bo nie ma konkretnie napisane, które urządzenie to dysk. [b]OTL.txt[/b] - [url="http://wklej.to/sO9lU"]http://wklej.to/sO9lU[/url] [b]Extras.txt[/b] - [url="http://wklej.to/89jUs"]http://wklej.to/89jU[/url] Edytowane 29 listopada 2011 przez Jackaal
Gość komentarz 29 listopada 2011 komentarz 29 listopada 2011 [quote]Płytki czyta, chociaż wydaje mi się że sporo za długo (ten pasek na górze bardzo długo się ładuje).[/quote] jaki pasek, bo nie rozumiem? obrazek daj o co chodzi. [quote] Powiedz mi jak mam podać te dane dysku twardego bo nie ma konkretnie napisane, które urządzenie to dysk. [/quote] Nie załamuj mnie..........wejdź do MU i rozwiń gałąź [b]Stacje dysków[/b] i tam bedzie opis dysku, maraka model Czy nie ma juz żadnych wykrzykników , znakow zapytania w MU? Musisz rozwinąć wszystkie gałezie od urządzeń. Odinstaluj ten wynalazek koniecznie [b]Pando Media Booster[/b] 1
Jackaal komentarz 29 listopada 2011 Autor komentarz 29 listopada 2011 (edytowane) Nie działa dobrze. Co jakiś czas zawiesza się na 30-60 sekund (czasem wyciemnia się ekran), po tym odwiesi się i później znowu to samo... W Windows7 jak otwiera się napęd DVD przez [i]Mój komputer[/i] to ładuje się pasek adresu, pokazuje progres wczytywania płyty. [url="http://imageshack.us/photo/my-images/15/beztytuurnc.png/"]http://imageshack.us...eztytuurnc.png/[/url] W menadżerze nie ma żadnych wykrzykników. Wchodzić we właściwości stacji dysków? Stamtąd coś Ci przepisać? Edytowane 29 listopada 2011 przez Jackaal
Gość komentarz 29 listopada 2011 komentarz 29 listopada 2011 [quote]Wchodzić we właściwości stacji dysków? Stamtąd coś Ci przepisać?[/quote] Tak. [b]PPM > Właściwości[/b] i jaki jest opis tego urzadzenia? To samo dla CD/DVD. Szybkość ładowania zalezy od nagrywarki, zawartości płyty, jakości płyty itd, itp. 1
Jackaal komentarz 29 listopada 2011 Autor komentarz 29 listopada 2011 Opis urządzenia wyświetla się po prostu [i]Stacja dysków[/i]. Mam napęd DVD-RW, ale w menadżerze wyświetla się jako [i]Stacja dysków CD-ROM[/i]. Kiedy próbuję wejść we właściwości, zawiesza się okno menadżera (brak odpowiedzi).
Gość komentarz 29 listopada 2011 komentarz 29 listopada 2011 PPM na nieopisane narzędzie i dajesz Odinstaluj. Restart. Sprawdzasz czy w MU pojawił sie opis. 1
Jackaal komentarz 29 listopada 2011 Autor komentarz 29 listopada 2011 http://imageshack.us/photo/my-images/607/beztytuupgu.png/ Ten paseczek sobie normalnie przelatuje z lewej do prawej, ale nic się nie dzieje. Tak samo z napędem. To okno mogę wyłączyć tylko przez Ctrl+Alt+Del.@Edit Udało się! http://imageshack.us/photo/my-images/651/beztytuufrk.png/
Gość komentarz 29 listopada 2011 komentarz 29 listopada 2011 [quote]Udało się![/quote] Teraz zajmiemy się drobiazgami. [b]1.[/b] Uruchom OTL, w oknie [b]Własne opcje skanowania/skrypt[/b] wklej tekst: [php]:Files C:\ProgramData\DAEMON Tools Pro :OTL O8:[b]64bit:[/b] - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_frame File not found O8:[b]64bit:[/b] - Extra context menu item: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_image File not found O8:[b]64bit:[/b] - Extra context menu item: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_link File not found O8:[b]64bit:[/b] - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_exclude File not found O8:[b]64bit:[/b] - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_report File not found O8 - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_frame File not found O8 - Extra context menu item: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_image File not found O8 - Extra context menu item: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_link File not found O8 - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_exclude File not found O8 - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=52D633A2&id=menu_ie_report File not found :Commands [emptytemp] [emptyflash][/php] [b]2.[/b] Kliknij w butonik [b]Wykonaj skrypt[/b]. OTL poprosi o restart zatwierdź OK. Po usuwaniu, uruchom OTL ponownie i wykonaj nowy skan. Przedstaw log. 1
Jackaal komentarz 29 listopada 2011 Autor komentarz 29 listopada 2011 Komputer nie chciał znowu się włączyć, ale za drugim razem poszło i OTL pokazał mi raport, który miał pokazać więc chyba dobrze wyszło. Skan po usuwaniu: [b]OTL.txt[/b] - http://wklej.to/FPfZx [b]Extras.txt[/b] - http://wklej.to/zWb8H
Gość komentarz 29 listopada 2011 komentarz 29 listopada 2011 1. Uruchom [b]OTL[/b] i kliknij opcje [b]Sprzątanie[/b]. To usunie program z dysku. 2. Odinstaluj [b]RSIT i HijackThis[/b] [quote]Komputer nie chciał znowu się włączyć,[/quote] Podaj markę i model zasilacza. Dane znajdziesz na obudowie. 1
Jackaal komentarz 30 listopada 2011 Autor komentarz 30 listopada 2011 Nie znalazłem danych na obudowie, ale mam fakturę za komputer: [i]Obudowa TRACER PROTON TRO-112 420W[/i]
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.