antos utworzono 1 grudnia 2009 utworzono 1 grudnia 2009 Witam Przyniosłem ze szkoły pewną ilość danych na pendrive, niestety razem z nimi przyniosłem również trojana Amvo. Szczerze mówiąc jeszcze tak zajadłej cholery nie widziałem. W moment się rozmnożył na każdy dysk po jednym egzemplarzu w pliku sp1jensi.exe i zaczął atakować temp w którym się rozmnożył, a ja nie nadążałem wyłączać ostrzeżeń Avasta o wirusach. Niestety podszył się on pod jakiś proces i do tego swoim plikom ponadawał atrybuty systemowe, co nie było by dla mnie problemem, gdyby nie to, że nie pozwalał on pokazać plików ani systemowych ani ukrytych. Avast oczywiście nic nie umiał zdziałać, hijackthis też mi nie pomagał, więc w ruch poszedł Combofix. Combofix jakoś odblokował kopa, w ten sposób, że potrafiłem już wyczyścić temp i usunąć te nieszczęsne spjensi.exe. Na razie komp działa poprawnie. Nie zauważyłem nic. Skaner pokazuje, że komp jest czysty. Pousuwałem wszystkie wpisy z rejestru, które wspominały o tym pliku. Więc proszę o sprawdzenie logów, czy coś tam jeszcze nie siedzi przypadkiem. log z ComboFix [log] ComboFix 09-06-05.07 - Excalibur 2009-12-01 20:59.3 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.255.73 [GMT 1:00] Uruchomiony z: d:\instalki\ComboFix.exe AV: avast! antivirus 4.8.1351 [VPS 091201-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: Kerio Personal Firewall *enabled* {8DD86BF7-28B3-4CE9-88AE-E6EC790CAECA} . - TRYB ZREDUKOWANEJ FUNKCJONALNOŚCI - . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\autorun.inf D:\Autorun.inf . ((((((((((((((((((((((((( Pliki utworzone od 2009-11-01 do 2009-12-01 ))))))))))))))))))))))))))))))) . 2009-12-01 18:51 . 2009-10-04 17:00 117453 --sh--r- C:\sp1jensi.exe 2009-11-23 18:33 . 2003-03-15 22:15 90112 ----a-w- c:\windows\unvise32.exe 2009-11-07 09:47 . 2009-11-07 09:49 -------- d-----w- c:\windows\system32\NtmsData . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-11-30 21:44 . 2008-11-30 18:47 -------- d-----w- c:\documents and settings\Excalibur\Dane aplikacji\foobar2000 2009-11-23 18:16 . 2009-03-14 18:43 515 ----a-w- c:\windows\system32\drivers\fwdrv.err 2009-11-07 11:02 . 2009-10-28 16:36 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\NOS 2009-10-31 20:42 . 2008-11-24 14:07 -------- d-----w- c:\program files\Neostrada TP 2009-10-30 16:32 . 2008-11-24 14:10 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-10-26 21:00 . 2008-11-24 17:30 -------- d-----w- c:\program files\Common Files\Adobe 2009-10-25 07:50 . 2001-10-26 16:15 74230 ----a-w- c:\windows\system32\perfc015.dat 2009-10-25 07:50 . 2001-10-26 16:15 448004 ----a-w- c:\windows\system32\perfh015.dat 2009-10-20 18:11 . 2009-10-20 18:11 -------- d-----w- c:\documents and settings\Excalibur\Dane aplikacji\EurekaLog 2009-10-20 11:33 . 2009-10-23 12:49 103424 ----a-w- c:\documents and settings\Excalibur\Dane aplikacji\Mozilla\Firefox\Profiles\h65ehtwz.default\extensions\piclens@cooliris.com\libs\pixomatic.dll 2009-10-20 11:33 . 2009-10-23 12:49 545280 ----a-w- c:\documents and settings\Excalibur\Dane aplikacji\Mozilla\Firefox\Profiles\h65ehtwz.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe 2009-10-20 11:33 . 2009-10-23 12:49 4716544 ----a-w- c:\documents and settings\Excalibur\Dane aplikacji\Mozilla\Firefox\Profiles\h65ehtwz.default\extensions\piclens@cooliris.com\components\cooliris.dll 2009-10-20 11:33 . 2009-10-23 12:49 344064 ----a-w- c:\documents and settings\Excalibur\Dane aplikacji\Mozilla\Firefox\Profiles\h65ehtwz.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe 2009-10-20 11:33 . 2009-10-23 12:49 153600 ----a-w- c:\documents and settings\Excalibur\Dane aplikacji\Mozilla\Firefox\Profiles\h65ehtwz.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll 2009-09-23 15:37 . 2009-10-28 16:35 34112 ----a-w- c:\documents and settings\Excalibur\Dane aplikacji\Mozilla\Firefox\Profiles\h65ehtwz.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg_bootstrap.exe 2009-09-23 15:37 . 2009-10-28 16:35 22352 ----a-w- c:\documents and settings\Excalibur\Dane aplikacji\Mozilla\Firefox\Profiles\h65ehtwz.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe 2009-09-22 18:29 . 2008-11-24 15:03 64272 ----a-w- c:\documents and settings\Excalibur\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2009-09-10 18:16 . 2008-11-25 07:55 881664 ----a-w- c:\windows\system32\xvidcore.dll 2009-09-10 18:12 . 2008-11-25 07:57 892928 ----a-w- c:\windows\system32\iconv.dll 2006-01-23 09:32 . 2006-01-23 09:32 131072 ----a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll 2006-06-07 13:40 . 2006-06-07 13:40 132848 ----a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll . ------- Sigcheck ------- [-] 2008-05-02 06:48 361344 21AB43BCA039B88B1D7F62EEC3F5CF32 c:\windows\system32\drivers\tcpip.sys . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="d:\programy\AVAST\ashDisp.exe" [2009-08-17 81000] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2008-03-01 124928] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WMPNetworkSvc"=3 (0x3) "LightScribeService"=2 (0x2) "gusvc"=2 (0x2) "gupdate1c9e2277c1f0c42"=2 (0x2) "UPS"=3 (0x3) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "d:\\Programy\\BitSpirit\\BitSpirit.exe"= "d:\\Gry\\Live for Speed S2\\LFS.exe"= "d:\\Programy\\Kerio\\Personal Firewall 4\\kpf4gui.exe"= "d:\\Programy\\AQQ\\WapSter AQQ\\AQQ.exe"= "d:\\Gry\\mETIN 2\\metin2.bin"= "c:\\WINDOWS\\system32\\ftp.exe"= "d:\\Programy\\Gadu-Gadu\\gg.exe"= "d:\\Gry\\cs 1.6\\hl.exe"= "d:\\Gry\\cs 1.6\\hlds.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "d:\\Gry\\TmNationsForever\\TmForever.exe"= "d:\\Gry\\cs 1.6\\hltv.exe"= "d:\\Gry\\mETIN 2\\metin2client.bin"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-24 114768] R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [2004-11-02 262144] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-11-24 20560] S4 gupdate1c9e2277c1f0c42;Usługa Google Update (gupdate1c9e2277c1f0c42);c:\program files\Google\Update\GoogleUpdate.exe [2009-05-31 133104] --- Inne Usługi/Sterowniki w Pamięci --- *Deregistered* - TapiSrv *Deregistered* - TermService *Deregistered* - Themes *Deregistered* - TrkWks *Deregistered* - WebClient *Deregistered* - winmgmt *Deregistered* - WmiApSrv *Deregistered* - WudfSvc *Deregistered* - WZCSVC [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0bca8bbe-7697-11de-9a19-4d6564696130}] \Shell\AutoRun\command - H:\sp1jensi.exe \Shell\open\Command - H:\sp1jensi.exe [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] "c:\program files\Common Files\LightScribe\LSRunOnce.exe" . Zawartość folderu 'Zaplanowane zadania' 2009-09-19 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-31 19:37] 2009-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-05-31 19:39] 2009-06-06 c:\windows\Tasks\NSSstub.job - c:\windows\system32\Adobe\Shockwave 11\nssstub.exe [2009-02-27 19:48] . . ------- Skan uzupełniający ------- . uInternet Connection Wizard,ShellNext = iexplore . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-12-01 20:59 Windows 5.1.2600 Dodatek Service Pack 3 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- - - - - - - - > 'winlogon.exe'(956) c:\windows\system32\Ati2evxx.dll . Czas ukończenia: 2009-12-01 21:03 ComboFix-quarantined-files.txt 2009-12-01 20:02 ComboFix2.txt 2009-03-07 09:58 ComboFix3.txt 2009-01-06 19:24 Przed: 1 613 344 768 bajtów wolnych Po: 1 619 079 168 bajtów wolnych Current=6 Default=6 Failed=5 LastKnownGood=7 Sets=1,2,3,4,5,6,7 136 [/log] oraz z OTL-a [log] OTL logfile created on: 2009-12-01 21:53:41 - Run 2 OTL by OldTimer - Version 3.0.19.0 Folder = D:\Instalki Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 255,48 Mb Total Physical Memory | 45,10 Mb Available Physical Memory | 17,65% Memory free 1003,01 Mb Paging File | 623,74 Mb Available in Paging File | 62,19% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 6,01 Gb Total Space | 1,53 Gb Free Space | 25,42% Space Free | Partition Type: NTFS Drive D: | 68,55 Gb Total Space | 5,09 Gb Free Space | 7,42% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HOME-DA6800DD63 Current User Name: Excalibur Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 30 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2009-11-07 08:34:37 | 00,908,248 | ---- | M] (Mozilla Corporation) -- D:\Programy\Mozilla FireFox 3.0\firefox.exe PRC - [2009-10-11 08:14:55 | 00,520,192 | ---- | M] (OldTimer Tools) -- D:\Instalki\OTL.exe PRC - [2009-08-17 17:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- D:\Programy\AVAST\ashDisp.exe PRC - [2009-08-17 17:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- D:\Programy\AVAST\ashServ.exe PRC - [2009-08-17 17:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- D:\Programy\AVAST\ashMaiSv.exe PRC - [2009-08-17 16:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- D:\Programy\AVAST\aswUpdSv.exe PRC - [2009-03-09 04:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2008-04-14 21:51:50 | 00,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winlogon.exe PRC - [2008-04-14 21:51:44 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spoolsv.exe PRC - [2008-04-14 21:51:44 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\smss.exe PRC - [2008-04-14 21:51:44 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe PRC - [2008-04-14 21:51:40 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\services.exe PRC - [2008-04-14 21:51:24 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lsass.exe PRC - [2008-04-14 21:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2008-04-14 21:51:12 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ctfmon.exe PRC - [2008-04-14 21:51:12 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\csrss.exe PRC - [2008-04-14 21:51:04 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\alg.exe PRC - [2006-07-25 17:28:16 | 00,200,704 | ---- | M] (National Instruments, Inc.) -- D:\Programy\NI MULTISIM\Shared\Security\nidmsrv.exe PRC - [2006-07-25 17:28:10 | 00,057,344 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\System32\lktsrv.exe PRC - [2006-07-25 17:28:02 | 00,045,056 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\System32\lkads.exe PRC - [2006-06-19 14:01:52 | 00,688,190 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\System32\lkcitdl.exe PRC - [2006-05-03 18:43:46 | 00,413,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe PRC - [2006-02-06 16:46:42 | 00,049,152 | ---- | M] (National Instruments Corp.) -- C:\WINDOWS\System32\nisvcloc.exe PRC - [2004-10-27 10:56:38 | 01,912,832 | ---- | M] (Kerio Technologies) -- D:\Programy\Kerio\Personal Firewall 4\kpf4ss.exe PRC - [2004-10-27 10:56:00 | 02,899,968 | ---- | M] (Kerio Technologies) -- D:\Programy\Kerio\Personal Firewall 4\kpf4gui.exe PRC - [2003-06-19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-08-17 17:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- D:\Programy\AVAST\ashServ.exe -- (avast! Antivirus [Auto | Running]) SRV - [2009-08-17 17:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- D:\Programy\AVAST\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running]) SRV - [2009-08-17 17:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- D:\Programy\AVAST\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Stopped]) SRV - [2009-08-17 16:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- D:\Programy\AVAST\aswUpdSv.exe -- (aswUpdSv [Auto | Running]) SRV - [2009-05-31 20:39:08 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9e2277c1f0c42 [Disabled | Stopped]) SRV - [2009-05-31 20:37:15 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Disabled | Stopped]) SRV - [2009-03-09 04:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running]) SRV - [2008-08-07 11:17:30 | 00,575,488 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped]) SRV - [2008-04-14 21:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2007-06-01 10:21:30 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [Disabled | Stopped]) SRV - [2007-05-15 17:20:12 | 00,079,400 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Disabled | Stopped]) SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [Disabled | Stopped]) SRV - [2006-07-25 17:28:16 | 00,200,704 | ---- | M] (National Instruments, Inc.) -- D:\Programy\NI MULTISIM\Shared\Security\nidmsrv.exe -- (NIDomainService [Auto | Running]) SRV - [2006-07-25 17:28:10 | 00,057,344 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\System32\lktsrv.exe -- (lkTimeSync [Auto | Running]) SRV - [2006-07-25 17:28:02 | 00,045,056 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\System32\lkads.exe -- (lkClassAds [Auto | Running]) SRV - [2006-06-27 19:55:28 | 01,007,616 | ---- | M] (Macrovision Corporation) -- D:\Programy\NI MULTISIM\Shared\License Manager\Bin\lmgrd.exe -- (NILM License Manager [On_Demand | Stopped]) SRV - [2006-06-19 14:01:52 | 00,688,190 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\System32\lkcitdl.exe -- (LkCitadelServer [Auto | Running]) SRV - [2006-05-03 18:43:46 | 00,413,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running]) SRV - [2006-02-06 16:46:42 | 00,049,152 | ---- | M] (National Instruments Corp.) -- C:\WINDOWS\System32\nisvcloc.exe -- (niSvcLoc [Auto | Running]) SRV - [2005-09-23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2005-09-23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2004-10-27 10:56:38 | 01,912,832 | ---- | M] (Kerio Technologies) -- D:\Programy\Kerio\Personal Firewall 4\kpf4ss.exe -- (KPF4 [Auto | Running]) SRV - [2004-10-22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped]) SRV - [2004-09-15 21:10:00 | 00,516,096 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped]) SRV - [2003-07-28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) SRV - [2003-06-19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-08-17 17:06:43 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running]) DRV - [2009-08-17 17:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running]) DRV - [2009-08-17 17:05:37 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running]) DRV - [2009-08-17 17:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running]) DRV - [2009-08-17 17:04:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running]) DRV - [2009-08-17 17:03:21 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running]) DRV - [2009-01-11 13:16:02 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Running]) DRV - [2008-11-30 11:00:37 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running]) DRV - [2008-06-06 09:24:44 | 00,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev [On_Demand | Stopped]) DRV - [2008-05-07 07:38:20 | 00,020,864 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys -- (nmwcdc [On_Demand | Stopped]) DRV - [2008-05-07 07:38:20 | 00,017,536 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys -- (nmwcd [On_Demand | Stopped]) DRV - [2008-05-02 07:48:55 | 00,062,208 | ---- | M] (Silicon Image, Inc.) -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112 [Boot | Running]) DRV - [2008-04-14 01:15:30 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running]) DRV - [2008-04-14 00:15:38 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\usbser.sys -- (usbser [On_Demand | Stopped]) DRV - [2008-04-13 21:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2006-07-27 10:00:00 | 00,004,096 | ---- | M] () -- C:\WINDOWS\System32\drivers\cvintdrv.sys -- (cvintdrv [Auto | Running]) DRV - [2006-05-03 18:50:42 | 01,540,608 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running]) DRV - [2005-11-03 15:40:07 | 00,063,488 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02 [Boot | Running]) DRV - [2005-08-10 13:44:04 | 00,050,688 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running]) DRV - [2005-05-16 14:20:39 | 00,006,656 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running]) DRV - [2004-11-02 10:00:52 | 00,262,144 | ---- | M] () -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv [System | Running]) DRV - [2004-08-09 12:33:26 | 00,114,016 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02 [Boot | Running]) DRV - [2004-08-09 12:29:28 | 00,053,920 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06 [System | Running]) DRV - [2004-07-19 15:49:54 | 00,007,040 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1 [Boot | Running]) DRV - [2004-03-02 09:26:58 | 00,050,007 | ---- | M] (Analog Deivces) -- C:\WINDOWS\System32\Drivers\adildr.sys -- (ADILOADER [Auto | Stopped]) DRV - [2004-03-02 09:24:16 | 00,127,065 | ---- | M] (Analog Devices Inc.) -- C:\WINDOWS\System32\DRIVERS\adiusbaw.sys -- (adiusbaw [On_Demand | Running]) DRV - [2003-12-01 16:20:52 | 00,004,832 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01 [Boot | Running]) DRV - [2002-12-05 05:01:00 | 00,241,664 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvapu.sys -- (nvnforce [On_Demand | Running]) DRV - [2002-12-05 05:01:00 | 00,013,056 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvax.sys -- (nvax [On_Demand | Running]) DRV - [2002-09-23 03:37:00 | 00,080,896 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\NVENET.sys -- (NVENET [On_Demand | Running]) DRV - [2002-09-06 04:24:00 | 00,013,568 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp [Boot | Running]) DRV - [2002-08-13 14:27:22 | 00,074,338 | ---- | M] (3Com Corporation) -- C:\WINDOWS\System32\DRIVERS\el90Xbc5.SYS -- (EL90Xbc [On_Demand | Running]) DRV - [2001-08-17 23:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running]) DRV - [2001-08-17 22:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2001-08-17 22:02:32 | 00,008,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\hidgame.sys -- (hidgame [On_Demand | Stopped]) DRV - [1997-04-22 10:16:00 | 00,006,272 | ---- | M] () -- C:\WINDOWS\System32\drivers\aslm75.sys -- (aslm75 [Auto | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - Reg Error: Key error. File not found IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1993962763-1409082233-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm IE - HKU\S-1-5-21-1993962763-1409082233-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-1993962763-1409082233-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKU\S-1-5-21-1993962763-1409082233-1177238915-1003\S-1-5-21-1993962763-1409082233-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1 FF - prefs.js..extensions.enabledItems: 6 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..extensions.enabledItems: 48 FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.11.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5 FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-03-08 14:56:33 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: D:\Programy\Mozilla FireFox 3.0\components [2009-11-07 16:26:01 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: D:\Programy\Mozilla FireFox 3.0\plugins [2009-11-07 12:02:52 | 00,000,000 | ---D | M] [2008-11-24 15:34:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\mozilla\Extensions [2008-11-24 15:34:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-12-01 19:54:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\mozilla\Firefox\Profiles\h65ehtwz.default\extensions [2009-08-21 19:47:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\mozilla\Firefox\Profiles\h65ehtwz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009-10-28 17:35:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\mozilla\Firefox\Profiles\h65ehtwz.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2008-11-29 22:22:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\mozilla\Firefox\Profiles\h65ehtwz.default\extensions\bkmrksync@nokia.com [2009-10-23 13:49:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\mozilla\Firefox\Profiles\h65ehtwz.default\extensions\piclens@cooliris.com [2009-10-23 13:49:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\mozilla\Firefox\Profiles\h65ehtwz.default\extensions\piclens@cooliris.com-trash O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O4 - HKLM..\Run: [avast!] D:\Programy\AVAST\ashDisp.exe (ALWIL Software) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\dontdisplaylastusername: = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1993962763-1409082233-1177238915-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1993962763-1409082233-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1993962763-1409082233-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1993962763-1409082233-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-1993962763-1409082233-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableRegistryTools: = 0 O7 - HKU\S-1-5-21-1993962763-1409082233-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableRegistryTools\ShowInfoTip: = 0 O7 - HKU\S-1-5-21-1993962763-1409082233-1177238915-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-11-24 14:52:56 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found NetSvcs: 6to4 - Service key not found. File not found NetSvcs: Ias - Service key not found. File not found NetSvcs: Iprip - Service key not found. File not found NetSvcs: Irmon - Service key not found. File not found NetSvcs: NWCWorkstation - Service key not found. File not found NetSvcs: Nwsapagent - Service key not found. File not found NetSvcs: WmdmPmSp - Service key not found. File not found NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [1 C:\WINDOWS\System32\*.tmp files] [2009-12-01 21:08:53 | 00,000,000 | -HSD | C] -- C:\RECYCLER [2009-12-01 20:58:12 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2009-11-23 19:33:28 | 00,090,112 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe [2009-11-07 10:47:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [2008-11-25 22:46:21 | 01,469,952 | ---- | C] (Toshiba Samsung Storage Technology Corporation) -- C:\Documents and Settings\Excalibur\Dane aplikacji\tsdnwin.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [1 C:\WINDOWS\System32\*.tmp files] [3 C:\WINDOWS\*.tmp files] [1 C:\Documents and Settings\Excalibur\Pulpit\*.tmp files] [2009-12-01 21:19:59 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-12-01 21:19:45 | 26,796,4416 | -HS- | M] () -- C:\hiberfil.sys [2009-12-01 20:59:52 | 00,000,277 | ---- | M] () -- C:\WINDOWS\system.ini [2009-12-01 18:22:51 | 00,043,520 | ---- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\Nowy Dokument programu Microsoft Word.doc [2009-12-01 18:04:58 | 00,036,352 | ---- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\Nowy Dokument programu Microsoft Word (2).doc [2009-11-30 17:41:14 | 00,790,404 | ---- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\zalaczniki.zip [2009-11-30 17:39:22 | 00,406,847 | ---- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\DSC03342.JPG [2009-11-30 17:39:22 | 00,386,590 | ---- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\DSC03343.JPG [2009-11-30 15:05:17 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-11-29 19:14:59 | 05,493,686 | ---- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\AD934A5Fd01.mp3 [2009-11-23 23:32:44 | 02,107,618 | -H-- | M] () -- C:\Documents and Settings\Excalibur\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-11-23 19:28:20 | 00,000,471 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Magiczny Kamień.lnk [2009-11-23 19:16:50 | 00,000,515 | ---- | M] () -- C:\WINDOWS\System32\drivers\fwdrv.err [2009-11-23 10:15:34 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-11-21 10:01:49 | 00,002,273 | ---- | M] () -- C:\test.spr [2009-11-20 20:30:52 | 00,000,609 | ---- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\AQQ.lnk [2009-11-16 19:58:39 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\~$wy Dokument programu Microsoft Word.doc [2009-11-14 09:17:27 | 00,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini [2009-11-03 21:48:16 | 00,150,383 | ---- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\Cke.jpg [2009-11-03 21:24:20 | 00,162,850 | ---- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\cke.edu.pl.jpg [color=#E56717]========== Files - No Company Name ==========[/color] [2009-11-30 17:41:54 | 00,406,847 | ---- | C] () -- C:\Documents and Settings\Excalibur\Pulpit\DSC03342.JPG [2009-11-30 17:41:48 | 00,386,590 | ---- | C] () -- C:\Documents and Settings\Excalibur\Pulpit\DSC03343.JPG [2009-11-30 17:41:01 | 00,790,404 | ---- | C] () -- C:\Documents and Settings\Excalibur\Pulpit\zalaczniki.zip [2009-11-29 19:15:37 | 05,493,686 | ---- | C] () -- C:\Documents and Settings\Excalibur\Pulpit\AD934A5Fd01.mp3 [2009-11-23 19:28:20 | 00,000,471 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Magiczny Kamień.lnk [2009-11-18 15:44:37 | 00,002,273 | ---- | C] () -- C:\test.spr [2009-11-17 16:45:11 | 00,036,352 | ---- | C] () -- C:\Documents and Settings\Excalibur\Pulpit\Nowy Dokument programu Microsoft Word (2).doc [2009-11-16 19:58:39 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Excalibur\Pulpit\~$wy Dokument programu Microsoft Word.doc [2009-11-15 21:49:32 | 00,043,520 | ---- | C] () -- C:\Documents and Settings\Excalibur\Pulpit\Nowy Dokument programu Microsoft Word.doc [2009-11-03 21:48:16 | 00,150,383 | ---- | C] () -- C:\Documents and Settings\Excalibur\Pulpit\Cke.jpg [2009-11-03 21:24:19 | 00,162,850 | ---- | C] () -- C:\Documents and Settings\Excalibur\Pulpit\cke.edu.pl.jpg [2009-07-20 11:22:35 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2009-07-02 10:00:13 | 00,000,420 | ---- | C] () -- C:\Documents and Settings\Excalibur\Dane aplikacji\SamsungLiveUpdateConfig.ini [2009-06-05 19:54:07 | 00,207,360 | ---- | C] () -- C:\WINDOWS\System32\evrprop.dll [2009-06-05 19:47:03 | 00,108,032 | ---- | C] () -- C:\WINDOWS\System32\avi.dll [2009-06-05 19:47:00 | 00,141,312 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll [2009-06-05 19:46:57 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll [2009-06-05 19:46:55 | 00,120,832 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll [2009-06-05 19:46:52 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll [2009-06-05 19:46:51 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll [2009-06-05 19:45:55 | 04,471,092 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2009-06-05 19:42:50 | 00,246,784 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll [2009-06-05 19:42:50 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\ts.dll [2009-06-05 19:42:50 | 00,148,480 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll [2009-06-05 19:42:49 | 01,416,015 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll [2009-05-20 17:33:17 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2009-01-31 14:35:54 | 01,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll [2009-01-25 13:07:58 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL [2009-01-18 20:17:48 | 00,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2009-01-18 20:15:39 | 00,557,469 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2009-01-18 20:15:22 | 00,146,098 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll [2009-01-18 20:14:06 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2009-01-18 20:14:03 | 00,113,152 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll [2009-01-18 20:14:00 | 00,183,296 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll [2009-01-18 20:13:56 | 00,178,688 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll [2009-01-18 20:13:52 | 00,486,400 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll [2009-01-18 20:13:45 | 00,257,024 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll [2009-01-18 20:13:40 | 00,142,848 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll [2009-01-12 17:46:30 | 02,941,563 | ---- | C] () -- C:\Documents and Settings\Excalibur\Dane aplikacji\NMM-MetaData.db [2008-11-30 20:31:03 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-11-30 11:00:37 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2008-11-30 10:00:46 | 00,007,680 | ---- | C] () -- C:\Documents and Settings\Excalibur\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-11-25 23:22:30 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008-11-25 08:57:37 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2008-11-25 08:57:35 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2008-11-25 08:57:28 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2008-11-25 08:57:26 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2008-11-25 08:57:09 | 00,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2008-11-25 08:55:38 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2008-11-25 08:55:37 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2008-11-25 08:55:34 | 02,041,363 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll [2008-11-25 08:55:34 | 00,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008-11-25 08:55:34 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2008-11-25 08:55:33 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2008-11-25 08:55:32 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-11-25 08:55:32 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2008-11-24 18:39:37 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2008-11-24 16:03:55 | 00,064,272 | ---- | C] () -- C:\Documents and Settings\Excalibur\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2008-11-24 15:43:34 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2008-11-24 15:11:04 | 00,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2008-11-24 15:11:04 | 00,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2008-11-24 15:11:01 | 00,000,342 | ---- | C] () -- C:\WINDOWS\adiras.ini [2008-11-24 15:11:00 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2008-11-24 15:11:00 | 00,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll [2008-11-24 15:06:06 | 02,107,618 | -H-- | C] () -- C:\Documents and Settings\Excalibur\Ustawienia lokalne\Dane aplikacji\IconCache.db [2008-11-24 15:05:10 | 00,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS [2008-11-24 15:00:49 | 00,018,253 | ---- | C] () -- C:\WINDOWS\System32\ssnvfx.ini [2008-11-24 14:59:37 | 00,003,429 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2008-11-24 14:59:36 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2008-11-24 14:56:47 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Excalibur\Dane aplikacji\desktop.ini [2008-05-03 08:24:01 | 00,000,082 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2007-03-29 23:00:40 | 00,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll [2006-07-27 10:00:00 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\cvintdrv.sys [2006-03-31 22:00:35 | 00,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini [2004-11-02 10:00:52 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\fwdrv.sys [2004-05-02 09:20:19 | 00,000,918 | ---- | C] () -- C:\WINDOWS\GTA-SA_Trn_Settings.ini [2003-04-08 11:40:22 | 00,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2001-07-21 23:16:20 | 00,001,024 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-21 23:15:52 | 00,000,277 | ---- | C] () -- C:\WINDOWS\system.ini [color=#E56717]========== LOP Check ==========[/color] [2009-10-28 17:36:06 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji [2009-02-22 15:54:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2009-01-04 18:00:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2009-01-21 21:38:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\National Instruments [2008-11-29 22:33:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2009-03-05 20:32:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Schematica [2009-01-21 18:48:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony [2009-08-23 10:13:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TrackMania [2008-11-24 15:43:34 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji [2009-10-20 19:11:00 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji [2009-01-04 18:01:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\Ahead [2009-08-04 17:56:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\Blender Foundation [2008-11-30 11:00:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\DAEMON Tools [2009-10-20 19:11:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\EurekaLog [2009-11-30 22:44:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\foobar2000 [2008-11-24 16:08:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\Gadu-Gadu [2009-07-07 16:08:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\GetRightToGo [2009-01-23 15:49:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\Hamachi [2009-01-21 21:45:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\National Instruments [2009-01-12 17:46:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\Nokia [2008-11-29 22:33:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\PC Suite [2008-11-24 14:55:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji [2008-11-24 14:54:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji [2001-07-21 23:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009-09-19 09:11:10 | 00,000,972 | ---- | M] () -- C:\WINDOWS\Tasks\Google Software Updater.job [2009-07-01 07:25:08 | 00,001,032 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [2009-06-06 15:26:02 | 00,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\NSSstub.job [2008-11-24 15:38:14 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2008-11-24 14:52:56 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009-06-18 07:03:54 | 00,002,036 | ---- | M] () -- C:\avenger.txt [2008-11-24 14:47:53 | 00,000,211 | ---- | M] () -- C:\Boot.bak [2009-09-19 09:49:44 | 00,000,281 | -HS- | M] () -- C:\boot.ini [2001-07-21 23:13:54 | 00,004,952 | RHS- | M] () -- C:\Bootfont.bin [2004-08-03 23:00:14 | 00,262,400 | ---- | M] () -- C:\cmldr [2009-12-01 21:03:04 | 00,008,332 | ---- | M] () -- C:\ComboFix.txt [2008-11-24 14:52:56 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS [2009-12-01 21:19:45 | 26,796,4416 | -HS- | M] () -- C:\hiberfil.sys [2009-12-01 18:21:57 | 00,029,676 | ---- | M] () -- C:\hpfr3500.log [2008-11-24 14:52:56 | 00,000,000 | RHS- | M] () -- C:\IO.SYS [2008-11-24 14:52:56 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-13 21:13:04 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-04-13 23:02:00 | 00,251,152 | RHS- | M] () -- C:\ntldr [2009-12-01 21:19:37 | 80,530,6368 | -HS- | M] () -- C:\pagefile.sys [2009-11-21 10:01:49 | 00,002,273 | ---- | M] () -- C:\test.spr < End of report > [/log]
Gość komentarz 2 grudnia 2009 komentarz 2 grudnia 2009 Uruchom OTL i w oknie Custom Scans/Fixes wklej to co jest podanej na tej stronce: http://wklej.org/id/222105/ Kliknij w [b][color=red]Run Fix[/b][/color]. Zatwierdź restart komputera. Następnie uruchom OTL ponownie, tym razem wywołaj opcję [b][color=blue]Run Scan[/b][/color]. Pokaż nowy log OTL.txt oraz log z czyszczenia. .
antos komentarz 2 grudnia 2009 Autor komentarz 2 grudnia 2009 Przy wykonwywaniu tej czynności program OTL zatrzymał się już parokrotnie zatrzymał się na: [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] i od 45 minut na tym stoi i widnieje napis Proccesing Registry Data#
antos komentarz 3 grudnia 2009 Autor komentarz 3 grudnia 2009 [log] OTL logfile created on: 2009-12-03 16:12:21 - Run 3 OTL by OldTimer - Version 3.0.19.0 Folder = D:\Instalki Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 255,48 Mb Total Physical Memory | 66,13 Mb Available Physical Memory | 25,89% Memory free 1003,01 Mb Paging File | 525,82 Mb Available in Paging File | 52,42% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 6,01 Gb Total Space | 1,53 Gb Free Space | 25,43% Space Free | Partition Type: NTFS Drive D: | 68,55 Gb Total Space | 5,09 Gb Free Space | 7,43% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HOME-DA6800DD63 Current User Name: Excalibur Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 30 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2009-11-17 15:18:22 | 06,807,552 | ---- | M] (Creative Team S.A.) -- D:\Programy\AQQ\WapSter AQQ\AQQ.exe PRC - [2009-11-07 08:34:37 | 00,908,248 | ---- | M] (Mozilla Corporation) -- D:\Programy\Mozilla FireFox 3.0\firefox.exe PRC - [2009-10-11 08:14:55 | 00,520,192 | ---- | M] (OldTimer Tools) -- D:\Instalki\OTL.exe PRC - [2009-08-17 17:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- D:\Programy\AVAST\ashDisp.exe PRC - [2009-08-17 17:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- D:\Programy\AVAST\ashServ.exe PRC - [2009-08-17 17:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- D:\Programy\AVAST\ashMaiSv.exe PRC - [2009-08-17 16:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- D:\Programy\AVAST\aswUpdSv.exe PRC - [2009-03-09 04:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2008-04-14 21:51:50 | 00,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winlogon.exe PRC - [2008-04-14 21:51:44 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spoolsv.exe PRC - [2008-04-14 21:51:44 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\smss.exe PRC - [2008-04-14 21:51:44 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe PRC - [2008-04-14 21:51:40 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\services.exe PRC - [2008-04-14 21:51:24 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lsass.exe PRC - [2008-04-14 21:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2008-04-14 21:51:12 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ctfmon.exe PRC - [2008-04-14 21:51:12 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\csrss.exe PRC - [2008-04-14 21:51:04 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\alg.exe PRC - [2006-07-25 17:28:16 | 00,200,704 | ---- | M] (National Instruments, Inc.) -- D:\Programy\NI MULTISIM\Shared\Security\nidmsrv.exe PRC - [2006-07-25 17:28:10 | 00,057,344 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\System32\lktsrv.exe PRC - [2006-07-25 17:28:02 | 00,045,056 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\System32\lkads.exe PRC - [2006-06-19 14:01:52 | 00,688,190 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\System32\lkcitdl.exe PRC - [2006-05-03 18:43:46 | 00,413,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe PRC - [2006-02-06 16:46:42 | 00,049,152 | ---- | M] (National Instruments Corp.) -- C:\WINDOWS\System32\nisvcloc.exe PRC - [2004-10-27 10:56:38 | 01,912,832 | ---- | M] (Kerio Technologies) -- D:\Programy\Kerio\Personal Firewall 4\kpf4ss.exe PRC - [2004-10-27 10:56:00 | 02,899,968 | ---- | M] (Kerio Technologies) -- D:\Programy\Kerio\Personal Firewall 4\kpf4gui.exe PRC - [2003-06-19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-08-17 17:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- D:\Programy\AVAST\ashServ.exe -- (avast! Antivirus [Auto | Running]) SRV - [2009-08-17 17:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- D:\Programy\AVAST\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running]) SRV - [2009-08-17 17:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- D:\Programy\AVAST\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Stopped]) SRV - [2009-08-17 16:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- D:\Programy\AVAST\aswUpdSv.exe -- (aswUpdSv [Auto | Running]) SRV - [2009-05-31 20:39:08 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9e2277c1f0c42 [Disabled | Stopped]) SRV - [2009-05-31 20:37:15 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Disabled | Stopped]) SRV - [2009-03-09 04:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running]) SRV - [2008-08-07 11:17:30 | 00,575,488 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped]) SRV - [2008-04-14 21:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2007-06-01 10:21:30 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [Disabled | Stopped]) SRV - [2007-05-15 17:20:12 | 00,079,400 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Disabled | Stopped]) SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [Disabled | Stopped]) SRV - [2006-07-25 17:28:16 | 00,200,704 | ---- | M] (National Instruments, Inc.) -- D:\Programy\NI MULTISIM\Shared\Security\nidmsrv.exe -- (NIDomainService [Auto | Running]) SRV - [2006-07-25 17:28:10 | 00,057,344 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\System32\lktsrv.exe -- (lkTimeSync [Auto | Running]) SRV - [2006-07-25 17:28:02 | 00,045,056 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\System32\lkads.exe -- (lkClassAds [Auto | Running]) SRV - [2006-06-27 19:55:28 | 01,007,616 | ---- | M] (Macrovision Corporation) -- D:\Programy\NI MULTISIM\Shared\License Manager\Bin\lmgrd.exe -- (NILM License Manager [On_Demand | Stopped]) SRV - [2006-06-19 14:01:52 | 00,688,190 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\System32\lkcitdl.exe -- (LkCitadelServer [Auto | Running]) SRV - [2006-05-03 18:43:46 | 00,413,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running]) SRV - [2006-02-06 16:46:42 | 00,049,152 | ---- | M] (National Instruments Corp.) -- C:\WINDOWS\System32\nisvcloc.exe -- (niSvcLoc [Auto | Running]) SRV - [2005-09-23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2005-09-23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2004-10-27 10:56:38 | 01,912,832 | ---- | M] (Kerio Technologies) -- D:\Programy\Kerio\Personal Firewall 4\kpf4ss.exe -- (KPF4 [Auto | Running]) SRV - [2004-10-22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped]) SRV - [2004-09-15 21:10:00 | 00,516,096 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped]) SRV - [2003-07-28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) SRV - [2003-06-19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-08-17 17:06:43 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running]) DRV - [2009-08-17 17:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running]) DRV - [2009-08-17 17:05:37 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running]) DRV - [2009-08-17 17:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running]) DRV - [2009-08-17 17:04:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running]) DRV - [2009-08-17 17:03:21 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running]) DRV - [2009-01-11 13:16:02 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Running]) DRV - [2008-11-30 11:00:37 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running]) DRV - [2008-06-06 09:24:44 | 00,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev [On_Demand | Stopped]) DRV - [2008-05-07 07:38:20 | 00,020,864 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys -- (nmwcdc [On_Demand | Stopped]) DRV - [2008-05-07 07:38:20 | 00,017,536 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys -- (nmwcd [On_Demand | Stopped]) DRV - [2008-05-02 07:48:55 | 00,062,208 | ---- | M] (Silicon Image, Inc.) -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112 [Boot | Running]) DRV - [2008-04-14 01:15:30 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running]) DRV - [2008-04-14 00:15:38 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\usbser.sys -- (usbser [On_Demand | Stopped]) DRV - [2008-04-13 21:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2006-07-27 10:00:00 | 00,004,096 | ---- | M] () -- C:\WINDOWS\System32\drivers\cvintdrv.sys -- (cvintdrv [Auto | Running]) DRV - [2006-05-03 18:50:42 | 01,540,608 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running]) DRV - [2005-11-03 15:40:07 | 00,063,488 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02 [Boot | Running]) DRV - [2005-08-10 13:44:04 | 00,050,688 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running]) DRV - [2005-05-16 14:20:39 | 00,006,656 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running]) DRV - [2004-11-02 10:00:52 | 00,262,144 | ---- | M] () -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv [System | Running]) DRV - [2004-08-09 12:33:26 | 00,114,016 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02 [Boot | Running]) DRV - [2004-08-09 12:29:28 | 00,053,920 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06 [System | Running]) DRV - [2004-07-19 15:49:54 | 00,007,040 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1 [Boot | Running]) DRV - [2004-03-02 09:26:58 | 00,050,007 | ---- | M] (Analog Deivces) -- C:\WINDOWS\System32\Drivers\adildr.sys -- (ADILOADER [Auto | Stopped]) DRV - [2004-03-02 09:24:16 | 00,127,065 | ---- | M] (Analog Devices Inc.) -- C:\WINDOWS\System32\DRIVERS\adiusbaw.sys -- (adiusbaw [On_Demand | Running]) DRV - [2003-12-01 16:20:52 | 00,004,832 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01 [Boot | Running]) DRV - [2002-12-05 05:01:00 | 00,241,664 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvapu.sys -- (nvnforce [On_Demand | Running]) DRV - [2002-12-05 05:01:00 | 00,013,056 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvax.sys -- (nvax [On_Demand | Running]) DRV - [2002-09-23 03:37:00 | 00,080,896 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\NVENET.sys -- (NVENET [On_Demand | Running]) DRV - [2002-09-06 04:24:00 | 00,013,568 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp [Boot | Running]) DRV - [2002-08-13 14:27:22 | 00,074,338 | ---- | M] (3Com Corporation) -- C:\WINDOWS\System32\DRIVERS\el90Xbc5.SYS -- (EL90Xbc [On_Demand | Running]) DRV - [2001-08-17 23:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running]) DRV - [2001-08-17 22:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2001-08-17 22:02:32 | 00,008,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\hidgame.sys -- (hidgame [On_Demand | Stopped]) DRV - [1997-04-22 10:16:00 | 00,006,272 | ---- | M] () -- C:\WINDOWS\System32\drivers\aslm75.sys -- (aslm75 [Auto | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - Reg Error: Key error. File not found IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1 FF - prefs.js..extensions.enabledItems: 6 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..extensions.enabledItems: 48 FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.11.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5 FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-03-08 14:56:33 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: D:\Programy\Mozilla FireFox 3.0\components [2009-11-07 16:26:01 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: D:\Programy\Mozilla FireFox 3.0\plugins [2009-11-07 12:02:52 | 00,000,000 | ---D | M] [2008-11-24 15:34:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\mozilla\Extensions [2008-11-24 15:34:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-12-02 20:13:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\mozilla\Firefox\Profiles\h65ehtwz.default\extensions [2009-08-21 19:47:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\mozilla\Firefox\Profiles\h65ehtwz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009-10-28 17:35:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\mozilla\Firefox\Profiles\h65ehtwz.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2008-11-29 22:22:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\mozilla\Firefox\Profiles\h65ehtwz.default\extensions\bkmrksync@nokia.com [2009-10-23 13:49:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\mozilla\Firefox\Profiles\h65ehtwz.default\extensions\piclens@cooliris.com [2009-10-23 13:49:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\mozilla\Firefox\Profiles\h65ehtwz.default\extensions\piclens@cooliris.com-trash O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O4 - HKLM..\Run: [avast!] D:\Programy\AVAST\ashDisp.exe (ALWIL Software) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\dontdisplaylastusername: = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableRegistryTools: = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableRegistryTools\ShowInfoTip: = 0 O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-11-24 14:52:56 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found NetSvcs: 6to4 - Service key not found. File not found NetSvcs: Ias - Service key not found. File not found NetSvcs: Iprip - Service key not found. File not found NetSvcs: Irmon - Service key not found. File not found NetSvcs: NWCWorkstation - Service key not found. File not found NetSvcs: Nwsapagent - Service key not found. File not found NetSvcs: WmdmPmSp - Service key not found. File not found NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [1 C:\WINDOWS\System32\*.tmp files] [2009-12-01 21:08:53 | 00,000,000 | -HSD | C] -- C:\RECYCLER [2009-12-01 20:58:12 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2009-11-23 19:33:28 | 00,090,112 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe [2009-11-07 10:47:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [2008-11-25 22:46:21 | 01,469,952 | ---- | C] (Toshiba Samsung Storage Technology Corporation) -- C:\Documents and Settings\Excalibur\Dane aplikacji\tsdnwin.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [1 C:\WINDOWS\System32\*.tmp files] [3 C:\WINDOWS\*.tmp files] [1 C:\Documents and Settings\Excalibur\Pulpit\*.tmp files] [2009-12-03 15:01:36 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-12-03 15:01:21 | 26,796,4416 | -HS- | M] () -- C:\hiberfil.sys [2009-12-02 22:29:51 | 02,108,716 | -H-- | M] () -- C:\Documents and Settings\Excalibur\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-12-01 20:59:52 | 00,000,277 | ---- | M] () -- C:\WINDOWS\system.ini [2009-12-01 18:22:51 | 00,043,520 | ---- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\Nowy Dokument programu Microsoft Word.doc [2009-12-01 18:04:58 | 00,036,352 | ---- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\Nowy Dokument programu Microsoft Word (2).doc [2009-11-30 17:41:14 | 00,790,404 | ---- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\zalaczniki.zip [2009-11-30 17:39:22 | 00,406,847 | ---- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\DSC03342.JPG [2009-11-30 17:39:22 | 00,386,590 | ---- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\DSC03343.JPG [2009-11-30 15:05:17 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-11-29 19:14:59 | 05,493,686 | ---- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\AD934A5Fd01.mp3 [2009-11-23 19:28:20 | 00,000,471 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Magiczny Kamień.lnk [2009-11-23 19:16:50 | 00,000,515 | ---- | M] () -- C:\WINDOWS\System32\drivers\fwdrv.err [2009-11-23 10:15:34 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-11-21 10:01:49 | 00,002,273 | ---- | M] () -- C:\test.spr [2009-11-20 20:30:52 | 00,000,609 | ---- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\AQQ.lnk [2009-11-16 19:58:39 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\~$wy Dokument programu Microsoft Word.doc [2009-11-14 09:17:27 | 00,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini [2009-11-03 21:48:16 | 00,150,383 | ---- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\Cke.jpg [2009-11-03 21:24:20 | 00,162,850 | ---- | M] () -- C:\Documents and Settings\Excalibur\Pulpit\cke.edu.pl.jpg [color=#E56717]========== Files - No Company Name ==========[/color] [2009-11-30 17:41:54 | 00,406,847 | ---- | C] () -- C:\Documents and Settings\Excalibur\Pulpit\DSC03342.JPG [2009-11-30 17:41:48 | 00,386,590 | ---- | C] () -- C:\Documents and Settings\Excalibur\Pulpit\DSC03343.JPG [2009-11-30 17:41:01 | 00,790,404 | ---- | C] () -- C:\Documents and Settings\Excalibur\Pulpit\zalaczniki.zip [2009-11-29 19:15:37 | 05,493,686 | ---- | C] () -- C:\Documents and Settings\Excalibur\Pulpit\AD934A5Fd01.mp3 [2009-11-23 19:28:20 | 00,000,471 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Magiczny Kamień.lnk [2009-11-18 15:44:37 | 00,002,273 | ---- | C] () -- C:\test.spr [2009-11-17 16:45:11 | 00,036,352 | ---- | C] () -- C:\Documents and Settings\Excalibur\Pulpit\Nowy Dokument programu Microsoft Word (2).doc [2009-11-16 19:58:39 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Excalibur\Pulpit\~$wy Dokument programu Microsoft Word.doc [2009-11-15 21:49:32 | 00,043,520 | ---- | C] () -- C:\Documents and Settings\Excalibur\Pulpit\Nowy Dokument programu Microsoft Word.doc [2009-11-03 21:48:16 | 00,150,383 | ---- | C] () -- C:\Documents and Settings\Excalibur\Pulpit\Cke.jpg [2009-11-03 21:24:19 | 00,162,850 | ---- | C] () -- C:\Documents and Settings\Excalibur\Pulpit\cke.edu.pl.jpg [2009-07-20 11:22:35 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2009-07-02 10:00:13 | 00,000,420 | ---- | C] () -- C:\Documents and Settings\Excalibur\Dane aplikacji\SamsungLiveUpdateConfig.ini [2009-06-05 19:54:07 | 00,207,360 | ---- | C] () -- C:\WINDOWS\System32\evrprop.dll [2009-06-05 19:47:03 | 00,108,032 | ---- | C] () -- C:\WINDOWS\System32\avi.dll [2009-06-05 19:47:00 | 00,141,312 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll [2009-06-05 19:46:57 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll [2009-06-05 19:46:55 | 00,120,832 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll [2009-06-05 19:46:52 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll [2009-06-05 19:46:51 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll [2009-06-05 19:45:55 | 04,471,092 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2009-06-05 19:42:50 | 00,246,784 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll [2009-06-05 19:42:50 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\ts.dll [2009-06-05 19:42:50 | 00,148,480 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll [2009-06-05 19:42:49 | 01,416,015 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll [2009-05-20 17:33:17 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2009-01-31 14:35:54 | 01,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll [2009-01-18 20:17:48 | 00,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2009-01-18 20:15:39 | 00,557,469 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2009-01-18 20:15:22 | 00,146,098 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll [2009-01-18 20:14:06 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2009-01-18 20:14:03 | 00,113,152 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll [2009-01-18 20:14:00 | 00,183,296 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll [2009-01-18 20:13:56 | 00,178,688 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll [2009-01-18 20:13:52 | 00,486,400 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll [2009-01-18 20:13:45 | 00,257,024 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll [2009-01-18 20:13:40 | 00,142,848 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll [2009-01-12 17:46:30 | 02,941,563 | ---- | C] () -- C:\Documents and Settings\Excalibur\Dane aplikacji\NMM-MetaData.db [2008-11-30 20:31:03 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-11-30 11:00:37 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2008-11-30 10:00:46 | 00,007,680 | ---- | C] () -- C:\Documents and Settings\Excalibur\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-11-25 23:22:30 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008-11-25 08:57:37 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2008-11-25 08:57:35 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2008-11-25 08:57:28 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2008-11-25 08:57:26 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2008-11-25 08:57:09 | 00,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2008-11-25 08:55:38 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2008-11-25 08:55:37 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2008-11-25 08:55:34 | 02,041,363 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll [2008-11-25 08:55:34 | 00,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008-11-25 08:55:34 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2008-11-25 08:55:33 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2008-11-25 08:55:32 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-11-25 08:55:32 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2008-11-24 18:39:37 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2008-11-24 16:03:55 | 00,064,272 | ---- | C] () -- C:\Documents and Settings\Excalibur\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2008-11-24 15:43:34 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2008-11-24 15:11:04 | 00,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2008-11-24 15:11:04 | 00,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2008-11-24 15:11:01 | 00,000,342 | ---- | C] () -- C:\WINDOWS\adiras.ini [2008-11-24 15:11:00 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2008-11-24 15:11:00 | 00,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll [2008-11-24 15:06:06 | 02,108,716 | -H-- | C] () -- C:\Documents and Settings\Excalibur\Ustawienia lokalne\Dane aplikacji\IconCache.db [2008-11-24 15:05:10 | 00,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS [2008-11-24 15:00:49 | 00,018,253 | ---- | C] () -- C:\WINDOWS\System32\ssnvfx.ini [2008-11-24 14:59:37 | 00,003,429 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2008-11-24 14:59:36 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2008-11-24 14:56:47 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Excalibur\Dane aplikacji\desktop.ini [2008-05-03 08:24:01 | 00,000,082 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2007-03-29 23:00:40 | 00,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll [2006-07-27 10:00:00 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\cvintdrv.sys [2006-03-31 22:00:35 | 00,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini [2004-11-02 10:00:52 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\fwdrv.sys [2004-05-02 09:20:19 | 00,000,918 | ---- | C] () -- C:\WINDOWS\GTA-SA_Trn_Settings.ini [2003-04-08 11:40:22 | 00,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2001-07-21 23:16:20 | 00,001,024 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-21 23:15:52 | 00,000,277 | ---- | C] () -- C:\WINDOWS\system.ini [color=#E56717]========== LOP Check ==========[/color] [2009-10-28 17:36:06 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji [2009-02-22 15:54:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2009-01-04 18:00:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2009-01-21 21:38:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\National Instruments [2008-11-29 22:33:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2009-03-05 20:32:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Schematica [2009-01-21 18:48:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony [2009-08-23 10:13:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TrackMania [2009-10-20 19:11:00 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji [2009-01-04 18:01:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\Ahead [2009-08-04 17:56:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\Blender Foundation [2008-11-30 11:00:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\DAEMON Tools [2009-10-20 19:11:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\EurekaLog [2009-11-30 22:44:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\foobar2000 [2008-11-24 16:08:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\Gadu-Gadu [2009-07-07 16:08:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\GetRightToGo [2009-01-23 15:49:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\Hamachi [2009-01-21 21:45:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\National Instruments [2009-01-12 17:46:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\Nokia [2008-11-29 22:33:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Excalibur\Dane aplikacji\PC Suite [2001-07-21 23:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009-09-19 09:11:10 | 00,000,972 | ---- | M] () -- C:\WINDOWS\Tasks\Google Software Updater.job [2009-07-01 07:25:08 | 00,001,032 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [2009-06-06 15:26:02 | 00,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\NSSstub.job [2008-11-24 15:38:14 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< >[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2008-11-24 14:52:56 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009-06-18 07:03:54 | 00,002,036 | ---- | M] () -- C:\avenger.txt [2008-11-24 14:47:53 | 00,000,211 | ---- | M] () -- C:\Boot.bak [2009-09-19 09:49:44 | 00,000,281 | -HS- | M] () -- C:\boot.ini [2001-07-21 23:13:54 | 00,004,952 | RHS- | M] () -- C:\Bootfont.bin [2004-08-03 23:00:14 | 00,262,400 | ---- | M] () -- C:\cmldr [2009-12-01 21:03:04 | 00,008,332 | ---- | M] () -- C:\ComboFix.txt [2008-11-24 14:52:56 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS [2009-12-03 15:01:21 | 26,796,4416 | -HS- | M] () -- C:\hiberfil.sys [2009-12-01 22:34:06 | 00,029,957 | ---- | M] () -- C:\hpfr3500.log [2008-11-24 14:52:56 | 00,000,000 | RHS- | M] () -- C:\IO.SYS [2008-11-24 14:52:56 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-13 21:13:04 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-04-13 23:02:00 | 00,251,152 | RHS- | M] () -- C:\ntldr [2009-12-03 15:01:13 | 80,530,6368 | -HS- | M] () -- C:\pagefile.sys [2009-11-21 10:01:49 | 00,002,273 | ---- | M] () -- C:\test.spr < End of report > [/log] extras [log] OTL Extras logfile created on: 2009-12-03 16:12:21 - Run 3 OTL by OldTimer - Version 3.0.19.0 Folder = D:\Instalki Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 255,48 Mb Total Physical Memory | 66,13 Mb Available Physical Memory | 25,89% Memory free 1003,01 Mb Paging File | 525,82 Mb Available in Paging File | 52,42% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 6,01 Gb Total Space | 1,53 Gb Free Space | 25,43% Space Free | Partition Type: NTFS Drive D: | 68,55 Gb Total Space | 5,09 Gb Free Space | 7,43% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HOME-DA6800DD63 Current User Name: Excalibur Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 30 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- D:\Programy\Mozilla FireFox 3.0\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found htmlfile [edit] -- "D:\Programy\Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "D:\Programy\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "D:\Programy\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "D:\Programy\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "D:\Programy\BitSpirit\BitSpirit.exe" = D:\Programy\BitSpirit\BitSpirit.exe:*:Enabled:The powerful and easy-to-use BitTorrent Client -- (LANSPIRIT.NET) "D:\Gry\Live for Speed S2\LFS.exe" = D:\Gry\Live for Speed S2\LFS.exe:*:Enabled:LFS -- () "D:\Programy\Kerio\Personal Firewall 4\kpf4gui.exe" = D:\Programy\Kerio\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI -- (Kerio Technologies) "D:\Programy\AQQ\WapSter AQQ\AQQ.exe" = D:\Programy\AQQ\WapSter AQQ\AQQ.exe:*:Enabled:AQQ -- (Creative Team S.A.) "D:\Gry\mETIN 2\metin2.bin" = D:\Gry\mETIN 2\metin2.bin:*:Enabled:metin2 -- () "C:\WINDOWS\system32\ftp.exe" = C:\WINDOWS\system32\ftp.exe:*:Disabled:Program do transferu plików -- (Microsoft Corporation) "D:\Programy\Gadu-Gadu\gg.exe" = D:\Programy\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.) "D:\Gry\cs 1.6\hl.exe" = D:\Gry\cs 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve) "D:\Gry\cs 1.6\hlds.exe" = D:\Gry\cs 1.6\hlds.exe:*:Enabled:HLDS Launcher -- (Valve) "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "D:\Gry\TmNationsForever\TmForever.exe" = D:\Gry\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- () "D:\Gry\cs 1.6\hltv.exe" = D:\Gry\cs 1.6\hltv.exe:*:Enabled:HLTV Launcher -- (Valve) "D:\Gry\mETIN 2\metin2client.bin" = D:\Gry\mETIN 2\metin2client.bin:*:Enabled:metin2client -- () [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0168B3E7-393C-4749-B429-FD5B6FD50567}" = NI Circuit Design Suite Support and Upgrade Utility "{0A3D3C54-2EC0-4D67-B265-FF17926E6D67}" = Nokia Connectivity Cable Driver "{0BEA337D-71D0-44C7-A575-932612A00908}" = NI EULA Depot "{11F5D779-7BD9-465A-BBC4-10701386BCB9}" = FW LiveUpdate "{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}" = PC Connectivity Solution "{1DED92A7-05FA-4736-8AEA-1BE2363F1045}" = Nero 7 Essentials "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 13 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{39833F1F-E56B-4A2C-93F1-E5F6C1D7C107}" = Conquer 2.0 "{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840 "{4CDE9452-7BA2-46BC-9551-6A041F4A3B66}" = NI LabVIEW Run-Time Engine 8.2 "{4F763B06-A014-481B-951A-11AFCD667010}" = Global MU Online "{53FE1175-1B37-4677-924C-62AFFCC83800}" = NI MDF Support "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{6CAB860B-CB68-462B-AF66-83AEF9BD6ED2}" = NI Circuit Design Suite 10 Pro "{6CB09F11-AA88-499A-A7CC-709B18FE552F}" = Max Payne 2 Tools "{6D3A42EA-DFD9-4E8A-A9DC-3DE9B162BEDD}" = Sony Vegas Movie Studio 8.0 "{6FADAF5C-C9AC-49E5-8B14-7021F91EF0B5}" = NI LabVIEW Run-Time Engine 8.0.1 "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{80157B54-DB3E-4EE9-8AD8-63A905765FF4}_is1" = Opti Drive Control 1.10 "{889BF4A8-E783-46C4-8FB8-97A0B977C32A}" = NI LabWindows/CVI 8.0.1 Run-Time Engine "{8D6F5556-EB3C-420D-9B75-020DEF9AD0AC}" = NI Uninstaller "{8DD86BF7-28B3-4CE9-88AE-E6EC790CAECA}" = Kerio Personal Firewall "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6 "{A1F7BDF1-6D46-46FC-92D1-BC91202251DD}" = NI Service Locator "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A2DC3907-B0A3-484F-9677-A16F1D58BF60}" = NI TDMS "{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}" = Nokia PC Suite "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2 "{B6ADA0E4-9451-43EB-B86E-878AD9E68D4F}" = LightScribe 1.6.45.1 "{BAADD05A-8BDD-4C1B-BE38-94627C552A86}" = NI Logos 4.7 "{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters "{CC016F21-3970-11DE-B878-005056806466}" = Google Earth "{CC7F0FAA-9768-4CE2-B133-72C66492EC06}" = LS-USBMX1/2/3 Steering... "{CD094AFB-E5B0-4687-A3D2-358E04BCA172}" = NI Circuit Design Suite 10 Core "{D8B7A9C5-7ACE-4F9C-9788-77D08850AB4F}" = NI USI 1.3.0 "{DB2C5648-700D-4AEF-83E1-70C72F0C34FA}" = NI Math Kernel Libraries "{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 "{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}" = Max Payne 2 "{FDB8EF7A-4118-4B27-8892-4FBE82729340}" = NI License Manager "3D Driving-School" = 3D Driving-School "555 Timer PRO" = 555 Timer PRO "AARONS CLIKER_is1" = Aarons Cliker Version 2.89 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "ALLPassword Manager_is1" = ALLPassword Manager "ALLPlayer V3.5.6.3_is1" = ALLPlayer V3.X "ALLPlayer V3.6.6.5_is1" = ALLPlayer V3.X "ALLPlayer_is1" = ALLPlayer V4.X "AQQ" = WapSter AQQ "ASUS Probe V2.19.07" = ASUS Probe V2.19.07 "ATI Display Driver" = ATI Display Driver (Omega 3.8.252) "avast!" = avast! Antivirus "Back To Gaya-polish" = Magiczny Kamień "Blender" = Blender (remove only) "CCleaner" = CCleaner (remove only) "Cheat Engine 5.4_is1" = Cheat Engine 5.4 "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "foobar2000" = foobar2000 v0.9.6 "FurySync_is1" = FurySync 3.0 "Google Chrome" = Google Chrome "Google Updater" = Aktualizator Google "Hamachi" = Hamachi 1.0.3.0 "HC51 9.60PL0" = HI-TECH C51-lite V9.60PL0 "HijackThis" = HijackThis 2.0.2 "hp deskjet 3500 series_Driver" = hp deskjet 3500 series "InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters "IrfanView" = IrfanView (remove only) "jv16 PowerTools 2009_is1" = jv16 PowerTools 2009 "King" = King "KLiteCodecPack_is1" = K-Lite Codec Pack 4.2.5 (Full) "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5) "MultiRes (remove only)" = MultiRes (remove only) "NeostradaTP.exe" = Neostrada TP "Network Play System" = EA Network Play System "NI Uninstaller" = National Instruments Software "Nokia PC Suite" = Nokia PC Suite "NokiaFREE Unlock Codes Calculator" = NokiaFREE Unlock Codes Calculator "NVIDIAnForce" = Sterowniki NVIDIA nForce dla Windows 2000/XP "PICC 9.60PL0" = HI-TECH PICC lite V9.60PL0 "Pizza Connection 2" = Pizza Connection 2 "Radeon Omega Drivers for Windows 2k/XPv3.8.252" = Radeon Omega Drivers v3.8.252 Setup Files and Tools "RealAlt_is1" = Real Alternative 1.9.0 Lite "RedTube to ALLPlayer_is1" = RedTube to ALLPlayer "SSUtils" = NVIDIA nForce Utilities "SubEdit-Player_is1" = SubEdit-Player "SubtitleWorkshop" = Subtitle Workshop 2.51 "Szkoła podstawowa klasa 4 - Tajemnice przyrody" = Szkoła podstawowa klasa 4 - Tajemnice przyrody "TmNationsForever_is1" = TmNationsForever "Winamp" = Winamp "YouTube to ALLPlayer_is1" = YouTube to ALLPlayer [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FlareMu Season 4" = FlareMu Season 4 "I-Doser v4" = I-Doser v4 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Antivirus Events ] Error - 2009-05-24 08:05:32 | Computer Name = HOME-DA6800DD63 | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of F:\Support\EReg.exe failed, 0000A474. Error - 2009-10-07 15:30:05 | Computer Name = HOME-DA6800DD63 | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\WINDOWS\system32\dbgeng.dll failed, 0000A413. Error - 2009-10-07 15:30:08 | Computer Name = HOME-DA6800DD63 | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\WINDOWS\system32\exts.dll failed, 0000A413. [ Application Events ] Error - 2009-09-13 03:46:22 | Computer Name = HOME-DA6800DD63 | Source = Google Update | ID = 20 Description = Error - 2009-09-14 02:53:47 | Computer Name = HOME-DA6800DD63 | Source = Google Update | ID = 20 Description = Error - 2009-09-14 09:01:45 | Computer Name = HOME-DA6800DD63 | Source = Google Update | ID = 20 Description = Error - 2009-09-15 09:07:17 | Computer Name = HOME-DA6800DD63 | Source = Google Update | ID = 20 Description = Error - 2009-09-15 09:22:03 | Computer Name = HOME-DA6800DD63 | Source = Google Update | ID = 20 Description = Error - 2009-09-15 13:37:35 | Computer Name = HOME-DA6800DD63 | Source = EventSystem | ID = 4614 Description = System zdarzeń modelu COM+ wykrył niespójność w stanie wewnętrznym. Potwierdzenie "GetLastError() == 122L" zwróciło błąd w wierszu 201 z f:\xpsp3\com\com1x\src\events\shared\sectools.cpp. Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą Error - 2009-09-16 08:29:36 | Computer Name = HOME-DA6800DD63 | Source = Google Update | ID = 20 Description = Error - 2009-09-17 09:47:51 | Computer Name = HOME-DA6800DD63 | Source = Google Update | ID = 20 Description = Error - 2009-09-18 09:06:45 | Computer Name = HOME-DA6800DD63 | Source = Google Update | ID = 20 Description = Error - 2009-09-19 04:11:35 | Computer Name = HOME-DA6800DD63 | Source = Google Update | ID = 20 Description = [ System Events ] Error - 2009-12-01 15:59:33 | Computer Name = HOME-DA6800DD63 | Source = Service Control Manager | ID = 7009 Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się z usługą PEVSystemStart. Error - 2009-12-01 15:59:34 | Computer Name = HOME-DA6800DD63 | Source = Service Control Manager | ID = 7009 Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się z usługą PEVSystemStart. Error - 2009-12-01 16:24:03 | Computer Name = HOME-DA6800DD63 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi General Purpose USB Driver (adildr.sys) z powodu następującego błędu: %%1058 Error - 2009-12-01 17:15:04 | Computer Name = HOME-DA6800DD63 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi General Purpose USB Driver (adildr.sys) z powodu następującego błędu: %%1058 Error - 2009-12-02 08:28:55 | Computer Name = HOME-DA6800DD63 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi General Purpose USB Driver (adildr.sys) z powodu następującego błędu: %%1058 Error - 2009-12-02 13:08:41 | Computer Name = HOME-DA6800DD63 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi General Purpose USB Driver (adildr.sys) z powodu następującego błędu: %%1058 Error - 2009-12-02 13:21:59 | Computer Name = HOME-DA6800DD63 | Source = Service Control Manager | ID = 7034 Description = Usługa Machine Debug Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2009-12-02 13:21:59 | Computer Name = HOME-DA6800DD63 | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2009-12-02 13:22:07 | Computer Name = HOME-DA6800DD63 | Source = Service Control Manager | ID = 7034 Description = Usługa Usługa bramy warstwy aplikacji niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2009-12-03 10:05:32 | Computer Name = HOME-DA6800DD63 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi General Purpose USB Driver (adildr.sys) z powodu następującego błędu: %%1058 < End of report > [/log]
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.