Slow startup, web pages freezing

androlo

Hello,

Windows opens slowly at startup, and besides that, when browsing websites the pages freeze for several dozen seconds, and this happens non-stop.

Please help.

2 logs

OTL Extras logfile created on: 2017-06-09 13:44:00 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\RULA\Moje dokumenty\Pobrane
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,00 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 65,09% Memory free
4,84 Gb Paging File | 3,71 Gb Available in Paging File | 76,66% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 117,19 Gb Total Space | 76,51 Gb Free Space | 65,28% Space Free | Partition Type: NTFS
Drive D: | 348,57 Gb Total Space | 348,46 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
 
Computer Name: RULA-36DDF7C1D4 | User Name: RULA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\PC Protector Plus\filetypehelper.exe -scanunknown "%1"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Dropbox\Client\Dropbox.exe" = C:\Program Files\Dropbox\Client\Dropbox.exe:*:Enabled:Dropbox
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Program Files\Java\jre1.8.0_45\bin\jp2launcher.exe" = C:\Program Files\Java\jre1.8.0_45\bin\jp2launcher.exe:*:Enabled:Java(TM) Platform SE binary
"C:\Documents and Settings\RULA\Dane aplikacji\WowApp\WowApp.exe" = C:\Documents and Settings\RULA\Dane aplikacji\WowApp\WowApp.exe:*:Enabled:WowApp -- (YouWowMe Romania SRL)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox) -- (Mozilla Corporation)
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{19687AD5-7E54-4C5E-A796-125C95079C1D}" = Adobe AIR
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{26A24AE4-039D-4CA4-87B4-2F32180101F0}" = Java 8 Update 101
"{26A24AE4-039D-4CA4-87B4-2F83218073F0}" = Java 8 Update 73
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007
"{92a7fd6b-31e5-472f-862e-79214c5032ef}" = Avira Launcher
"{95120000-00AF-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Polish)
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6634D1D-EA57-45DE-AF8F-0EDD35B912C3}" = Avira Launcher
"{AAA66A0D-E610-40B8-9D51-C1854285773A}" = RT2500 Wireless LAN Card
"{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI (11.0.08) - Polish
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype™ 7.30
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 23 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 25 NPAPI
"Avira Antivirus" = Avira Antivirus
"Google Chrome" = Google Chrome
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 52.1.2 ESR (x86 pl)" = Mozilla Firefox 52.1.2 ESR (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR 5.31 (32-bitowy)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-854245398-362288127-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1" = Telegram Desktop version 1.1.7
"WowApp" = WowApp
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 2017-05-07 11:43:34 | Computer Name = RULA-36DDF7C1D4 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca firefox.exe, wersja 52.1.1.6333, moduł zawieszenia
 hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
 
Error - 2017-05-07 11:43:41 | Computer Name = RULA-36DDF7C1D4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd plugin-container.exe, wersja 52.1.1.6333,
 moduł powodujący błąd mozglue.dll, wersja 52.1.1.6333, adres błędu 0x0000f770.
 
Error - 2017-05-10 11:22:31 | Computer Name = RULA-36DDF7C1D4 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca Skype.exe, wersja 7.30.85.105, moduł zawieszenia
 hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
 
Error - 2017-05-11 15:08:14 | Computer Name = RULA-36DDF7C1D4 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca firefox.exe, wersja 52.1.1.6333, moduł zawieszenia
 hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
 
Error - 2017-05-19 15:42:15 | Computer Name = RULA-36DDF7C1D4 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca firefox.exe, wersja 52.1.1.6333, moduł zawieszenia
 hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
 
Error - 2017-06-05 15:27:12 | Computer Name = RULA-36DDF7C1D4 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca firefox.exe, wersja 52.1.2.6346, moduł zawieszenia
 hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
 
Error - 2017-06-08 15:01:46 | Computer Name = RULA-36DDF7C1D4 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca firefox.exe, wersja 52.1.2.6346, moduł zawieszenia
 hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
 
Error - 2017-06-08 15:01:58 | Computer Name = RULA-36DDF7C1D4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd plugin-container.exe, wersja 52.1.2.6346,
 moduł powodujący błąd mozglue.dll, wersja 52.1.2.6346, adres błędu 0x0000f37f.
 
Error - 2017-06-08 16:29:12 | Computer Name = RULA-36DDF7C1D4 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca firefox.exe, wersja 52.1.2.6346, moduł zawieszenia
 hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
 
Error - 2017-06-09 07:37:49 | Computer Name = RULA-36DDF7C1D4 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca firefox.exe, wersja 52.1.2.6346, moduł zawieszenia
 hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
 
[ System Events ]
Error - 2017-05-14 07:38:51 | Computer Name = RULA-36DDF7C1D4 | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
 z usługą Avira Mail Protection.
 
Error - 2017-05-14 07:38:51 | Computer Name = RULA-36DDF7C1D4 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Avira Mail Protection z powodu następującego
 błędu:   %%1053
 
Error - 2017-05-14 07:39:21 | Computer Name = RULA-36DDF7C1D4 | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
 z usługą Avira Web Protection.
 
Error - 2017-05-14 07:39:21 | Computer Name = RULA-36DDF7C1D4 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Avira Web Protection z powodu następującego
 błędu:   %%1053
 
Error - 2017-05-14 07:42:37 | Computer Name = RULA-36DDF7C1D4 | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
 z usługą Windows Presentation Foundation Font Cache 3.0.0.0.
 
Error - 2017-05-14 07:42:37 | Computer Name = RULA-36DDF7C1D4 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Windows Presentation Foundation Font Cache
 3.0.0.0 z powodu następującego błędu:   %%1053
 
 
< End of report >

 

 

OTL logfile created on: 2017-06-09 13:44:00 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\RULA\Moje dokumenty\Pobrane
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,00 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 65,09% Memory free
4,84 Gb Paging File | 3,71 Gb Available in Paging File | 76,66% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 117,19 Gb Total Space | 76,51 Gb Free Space | 65,28% Space Free | Partition Type: NTFS
Drive D: | 348,57 Gb Total Space | 348,46 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
 
Computer Name: RULA-36DDF7C1D4 | User Name: RULA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2017-06-09 13:42:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\RULA\Moje dokumenty\Pobrane\OTL(2).exe
PRC - [2017-05-30 22:35:14 | 038,632,808 | ---- | M] (Telegram Messenger LLP) -- C:\Documents and Settings\RULA\Dane aplikacji\Telegram Desktop\Telegram.exe
PRC - [2017-05-20 14:39:59 | 000,517,064 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2017-02-08 15:54:38 | 000,440,808 | ---- | M] (Digital Wave Ltd.) -- C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
PRC - [2016-10-25 18:51:47 | 000,470,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2016-10-25 18:51:29 | 000,461,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2016-10-25 18:51:25 | 000,831,576 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2016-10-25 18:51:25 | 000,470,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2016-07-11 11:03:10 | 000,151,776 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\Launcher\Avira.Systray.exe
PRC - [2016-07-11 11:01:40 | 000,309,384 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
PRC - [2008-04-15 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-12-23 20:20:54 | 000,532,480 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2017-02-08 15:44:30 | 000,114,664 | ---- | M] () -- C:\Program Files\Common Files\DVDVideoSoft\lib\zlib1.dll
MOD - [2017-02-08 15:44:28 | 000,108,008 | ---- | M] () -- C:\Program Files\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
MOD - [2017-02-08 15:44:28 | 000,048,104 | ---- | M] () -- C:\Program Files\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
MOD - [2017-02-08 15:44:28 | 000,024,040 | ---- | M] () -- C:\Program Files\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
MOD - [2016-07-11 11:04:50 | 000,254,440 | ---- | M] () -- C:\Program Files\Avira\Launcher\System.ComponentModel.Composition.dll
MOD - [2015-07-27 07:52:43 | 000,400,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\f0bb94276be98ff9ff0b22152fa633b9\System.Xml.Linq.ni.dll
MOD - [2015-07-27 07:51:37 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b6e70acd99dc22e29b7fc8f9ac340c4\System.Configuration.ni.dll
MOD - [2015-07-27 07:51:29 | 017,403,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\80743209bcc0a3af8305acd51569b483\System.ServiceModel.ni.dll
MOD - [2015-07-27 07:51:09 | 001,071,616 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\184f020284184651f03aa3cbc2bbccb6\System.IdentityModel.ni.dll
MOD - [2015-07-27 06:31:39 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1cdfe1998ad6794db3237006906c6fa2\System.Windows.Forms.ni.dll
MOD - [2015-07-27 06:31:20 | 002,518,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\ff8f87204db52c710c5fb5792d3f2283\System.Data.Linq.ni.dll
MOD - [2015-07-27 06:31:17 | 002,295,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\159b4a6888004de346d499841ec088a7\System.Core.ni.dll
MOD - [2015-07-27 06:30:21 | 014,329,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\dad6af4d4f3b92adf0497c5ec9565236\PresentationFramework.ni.dll
MOD - [2015-07-27 06:28:40 | 012,218,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\89c032d0f8bccf31bb55b775a10c6992\PresentationCore.ni.dll
MOD - [2015-07-27 06:27:32 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\872e96c13f44bfaeff84d126fb847963\WindowsBase.ni.dll
MOD - [2015-07-26 22:21:36 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2015-07-26 22:21:26 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2015-07-21 14:00:22 | 011,906,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\f0b0625c2db624ba9c97ad1b12490d79\System.Web.ni.dll
MOD - [2015-07-21 14:00:16 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\7e310942e6e9a5d623e003130ec3d9bd\System.Transactions.ni.dll
MOD - [2015-07-21 14:00:15 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8cd995f00848816e3ec49dc326e3d49b\System.ServiceProcess.ni.dll
MOD - [2015-07-21 14:00:08 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\5c157466d360a10b2c97e94b41ddc588\System.Management.ni.dll
MOD - [2015-07-21 14:00:05 | 000,627,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\78e7a4c3acd1a345c4ef1f73ff48a1dd\System.EnterpriseServices.ni.dll
MOD - [2015-07-21 13:59:01 | 000,256,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ff1a0afc7a73669bca0ac4dffd8ee7c4\SMDiagnostics.ni.dll
MOD - [2015-07-21 13:58:34 | 002,345,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9860da66bf0219612908e7412b0a6e2e\System.Runtime.Serialization.ni.dll
MOD - [2015-07-21 13:52:08 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb722edf9e1e738\System.Xml.ni.dll
MOD - [2015-07-21 13:51:49 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\424bff3295c6e7539cc6df62b9425bd0\System.Drawing.ni.dll
MOD - [2015-07-21 13:51:21 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\af8afdcab485e00a04b18ed487981f3d\System.Data.ni.dll
MOD - [2015-07-21 13:50:35 | 000,539,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\508d144b1e81e6642be4fea8799fb424\PresentationFramework.Luna.ni.dll
MOD - [2015-07-21 11:05:17 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3ba8c96828c9\System.ni.dll
MOD - [2015-07-21 11:04:47 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216ca83292cb2f21\mscorlib.ni.dll
MOD - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2017-05-20 14:39:59 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2017-05-14 06:09:23 | 000,271,864 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2017-02-08 15:54:38 | 000,440,808 | ---- | M] (Digital Wave Ltd.) [Auto | Running] -- C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe -- (DigitalWave.Update.Service)
SRV - [2016-10-25 18:51:47 | 000,470,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2016-10-25 18:51:30 | 001,253,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2016-10-25 18:51:26 | 000,970,632 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2016-10-25 18:51:25 | 000,470,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2016-09-20 13:54:54 | 000,324,224 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2016-07-11 11:01:40 | 000,309,384 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe -- (Avira.ServiceHost)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2016-10-25 18:51:49 | 000,140,272 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2016-10-25 18:51:49 | 000,115,600 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2016-09-28 15:48:10 | 000,037,896 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2016-05-25 12:53:14 | 000,015,360 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_usbccgpfilter.sys -- (ew_usbccgpfilter)
DRV - [2015-07-16 05:45:40 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2015-05-16 08:01:06 | 000,035,144 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aswTap.sys -- (aswTap)
DRV - [2011-07-08 01:21:30 | 000,119,656 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2011-05-04 12:31:00 | 000,295,528 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009-06-25 08:07:44 | 005,095,936 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009-06-25 08:07:40 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009-06-25 08:07:40 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2004-12-15 20:12:04 | 000,218,368 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RT2500.sys -- (RT2500)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.com/?fr=hp-avast&type=avastbcl
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-854245398-362288127-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-854245398-362288127-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://pl.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10300_FYD_161223__yaie
IE - HKU\S-1-5-21-854245398-362288127-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pl
IE - HKU\S-1-5-21-854245398-362288127-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 94 34 4B AD 93 B0 D0 01  [binary data]
IE - HKU\S-1-5-21-854245398-362288127-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKU\S-1-5-21-854245398-362288127-682003330-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-854245398-362288127-682003330-1004\..\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: "URL" = https://pl.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10300_FYD_161223__yaie&p={searchTerms}
IE - HKU\S-1-5-21-854245398-362288127-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.countryCode: "PL"
FF - prefs.js..browser.search.region: "PL"
FF - prefs.js..browser.startup.homepage: "www.onet.pl/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:52.1.2
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_25_0_0_171.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.101.2: C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2: C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Documents and Settings\RULA\Ustawienia lokalne\Dane aplikacji\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 52.1.2 ESR\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 52.1.2 ESR\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2015-02-13 22:14:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\RULA\Dane aplikacji\Mozilla\Extensions
[2017-06-07 15:26:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\RULA\Dane aplikacji\Mozilla\Firefox\Profiles\zg7pf9p4.default-1485973295468\browser-extension-data
[2017-06-07 15:26:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\RULA\Dane aplikacji\Mozilla\Firefox\Profiles\zg7pf9p4.default-1485973295468\browser-extension-data\firefox@tampermonkey.net
[2017-06-07 15:26:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\RULA\Dane aplikacji\Mozilla\Firefox\Profiles\zg7pf9p4.default-1485973295468\extensions
[2017-06-07 15:26:32 | 001,103,170 | ---- | M] () (No name found) -- C:\Documents and Settings\RULA\Dane aplikacji\Mozilla\Firefox\Profiles\zg7pf9p4.default-1485973295468\extensions\firefox@tampermonkey.net.xpi
[2017-03-03 20:21:10 | 000,007,704 | ---- | M] () (No name found) -- C:\Documents and Settings\RULA\Dane aplikacji\Mozilla\Firefox\Profiles\zg7pf9p4.default-1485973295468\features\{00bdf24e-27b0-41dc-b187-e9b6df7104a5}\aushelper@mozilla.org.xpi
[2017-03-03 20:21:10 | 000,005,527 | ---- | M] () (No name found) -- C:\Documents and Settings\RULA\Dane aplikacji\Mozilla\Firefox\Profiles\zg7pf9p4.default-1485973295468\features\{00bdf24e-27b0-41dc-b187-e9b6df7104a5}\diagnostics@mozilla.org.xpi
[2017-03-03 20:21:10 | 000,008,857 | ---- | M] () (No name found) -- C:\Documents and Settings\RULA\Dane aplikacji\Mozilla\Firefox\Profiles\zg7pf9p4.default-1485973295468\features\{00bdf24e-27b0-41dc-b187-e9b6df7104a5}\disableSHA1rollout@mozilla.org.xpi
[2017-03-03 20:21:10 | 000,005,336 | ---- | M] () (No name found) -- C:\Documents and Settings\RULA\Dane aplikacji\Mozilla\Firefox\Profiles\zg7pf9p4.default-1485973295468\features\{00bdf24e-27b0-41dc-b187-e9b6df7104a5}\hsts-priming@mozilla.org.xpi
[2017-05-20 14:40:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - Extension: No name found = C:\Documents and Settings\RULA\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_1\
CHR - Extension: No name found = C:\Documents and Settings\RULA\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Documents and Settings\RULA\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Documents and Settings\RULA\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Documents and Settings\RULA\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Documents and Settings\RULA\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg\1.0.43_0\
CHR - Extension: No name found = C:\Documents and Settings\RULA\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_1\
CHR - Extension: No name found = C:\Documents and Settings\RULA\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Documents and Settings\RULA\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
CHR - Extension: No name found = C:\Documents and Settings\RULA\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\
 
O1 HOSTS File: ([2016-09-23 19:13:18 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira SystrayStartTrigger] C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKU\S-1-5-21-854245398-362288127-682003330-1004..\Run: [WowApp] C:\Documents and Settings\RULA\Dane aplikacji\WowApp\WowApp.exe (YouWowMe Romania SRL)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe (Ralink Technology, Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-854245398-362288127-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-854245398-362288127-682003330-1004\..Trusted Domains: localhost ([]* in Trusted sites)
O15 - HKU\S-1-5-21-854245398-362288127-682003330-1004\..Trusted Domains: webcompanion.com ([]http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{520D443C-644D-4168-B2D7-ABFA34AF2BD6}: DhcpNameServer = 192.168.10.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\System32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () -
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015-02-13 14:21:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{51733be2-3847-11e6-8807-50e549d7477c}\Shell - "" = AutoRun
O33 - MountPoints2\{51733be2-3847-11e6-8807-50e549d7477c}\Shell\AutoRun\command - "" = G:\HiSuiteDownLoader.exe
O33 - MountPoints2\{8cc1da06-9160-11e6-897a-50e549d7477c}\Shell - "" = AutoRun
O33 - MountPoints2\{8cc1da06-9160-11e6-897a-50e549d7477c}\Shell\AutoRun\command - "" = G:\HiSuiteDownLoader.exe
O33 - MountPoints2\{8cc1da07-9160-11e6-897a-50e549d7477c}\Shell - "" = AutoRun
O33 - MountPoints2\{8cc1da07-9160-11e6-897a-50e549d7477c}\Shell\AutoRun\command - "" = G:\HiSuiteDownLoader.exe
O33 - MountPoints2\{91fa2eee-814c-11e6-8929-50e549d7477c}\Shell - "" = AutoRun
O33 - MountPoints2\{91fa2eee-814c-11e6-8929-50e549d7477c}\Shell\AutoRun\command - "" = G:\HiSuiteDownLoader.exe
O33 - MountPoints2\{91fa2ef6-814c-11e6-8929-50e549d7477c}\Shell - "" = AutoRun
O33 - MountPoints2\{91fa2ef6-814c-11e6-8929-50e549d7477c}\Shell\AutoRun\command - "" = G:\HiSuiteDownLoader.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2017-06-07 15:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RULA\Menu Start\Programy\Telegram Desktop
[2017-06-07 15:57:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RULA\Dane aplikacji\Telegram Desktop
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2017-06-09 13:05:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2017-06-09 11:19:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2017-06-08 09:15:38 | 011,117,208 | ---- | M] () -- C:\Documents and Settings\RULA\Pulpit\Royal Dragon Traders Double Your Bitcoins In 90 Days Earning Huge Passive Income.mp4
[2017-06-07 15:57:45 | 000,000,981 | ---- | M] () -- C:\Documents and Settings\RULA\Pulpit\Telegram.lnk
[2017-06-06 10:27:18 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2017-06-02 17:42:18 | 000,012,984 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2017-05-14 06:09:22 | 000,803,320 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2017-05-14 06:09:22 | 000,144,888 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2017-05-11 15:25:01 | 000,000,897 | ---- | M] () -- C:\Documents and Settings\RULA\Pulpit\WowApp.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2017-06-08 09:15:25 | 011,117,208 | ---- | C] () -- C:\Documents and Settings\RULA\Pulpit\Royal Dragon Traders Double Your Bitcoins In 90 Days Earning Huge Passive Income.mp4
[2017-06-07 15:57:45 | 000,000,981 | ---- | C] () -- C:\Documents and Settings\RULA\Pulpit\Telegram.lnk
[2017-05-11 15:25:01 | 000,000,897 | ---- | C] () -- C:\Documents and Settings\RULA\Pulpit\WowApp.lnk
[2016-09-28 15:36:30 | 000,338,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2016-02-18 16:13:53 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2015-08-14 08:32:15 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2015-08-09 11:13:01 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\RULA\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015-06-29 22:41:45 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\RULA\Ustawienia lokalne\Dane aplikacji\housecall.guid.cache
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2015-07-16 12:08:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-15 13:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2013-07-26 15:24:16 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-15 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2015-06-18 12:38:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\.mono
[2016-12-23 14:14:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2015-07-14 21:01:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG
[2015-07-14 20:38:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2017-01-02 16:55:47 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DIBsection
[2017-04-20 17:17:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DigitalWave.ApplicationUpdater_files
[2016-01-20 13:29:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Dropbox
[2015-08-17 17:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MetaQuotes
[2016-02-03 09:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MGS
[2016-08-05 06:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Oracle
[2016-09-28 15:52:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Package Cache
[2015-06-18 12:38:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\.mono
[2015-07-14 21:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\AVG
[2017-01-02 16:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\BetexTrader
[2016-01-02 09:25:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\bwincom
[2016-02-27 16:44:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\cef-cache
[2016-06-29 18:49:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\cef3-cache
[2015-05-16 08:10:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\Dropbox
[2017-06-08 09:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\DVDVideoSoft
[2015-08-19 21:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\ElevatedDiagnostics
[2015-08-18 13:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\Eusing
[2015-07-12 09:46:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\Gyazo
[2015-07-14 21:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\How Inc
[2015-08-17 17:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\MetaQuotes
[2016-11-30 19:27:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\Microgaming
[2015-08-01 09:31:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\Nico Mak Computing
[2015-07-14 15:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\Opera Software
[2015-03-27 20:20:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\Oracle
[2016-02-27 16:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\Party
[2016-09-20 15:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\PCPRJ
[2015-05-20 20:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\RADsoft
[2016-12-23 12:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\SoftCDN
[2017-06-09 12:26:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\Telegram Desktop
[2016-01-24 12:25:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\UDC Profiles
[2015-06-18 12:42:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\Unity
[2017-05-11 15:25:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\WowApp
[2015-12-21 17:44:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RULA\Dane aplikacji\WWINPoker
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >

 

Edited by androlo

Twój_Anioł_Stróż
comment

I don't see any infection here.

 

Quote

Error - 2017-06-08 15:01:46 | Computer Name = RULA-36DDF7C1D4 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca firefox.exe, wersja 52.1.2.6346, moduł zawieszenia
 hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
 
Error - 2017-06-08 15:01:58 | Computer Name = RULA-36DDF7C1D4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd plugin-container.exe, wersja 52.1.2.6346,
 moduł powodujący błąd mozglue.dll, wersja 52.1.2.6346, adres błędu 0x0000f37f.
 
Error - 2017-06-08 16:29:12 | Computer Name = RULA-36DDF7C1D4 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca firefox.exe, wersja 52.1.2.6346, moduł zawieszenia
 hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Reinstall Firefox.
