
Logs to check

pstryk17
posted (edited)

Some time ago my desktop and all the icons disappeared, and I can't empty the temp folders.

OTL log

[log]OTL logfile created on: 2009-12-20 12:40:35 - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\arek.AREK-2C1CD33EA4\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

502,00 Mb Total Physical Memory | 148,00 Mb Available Physical Memory | 29,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,66 Gb Total Space | 49,97 Gb Free Space | 89,77% Space Free | Partition Type: NTFS
Drive D: | 56,12 Gb Total Space | 45,65 Gb Free Space | 81,34% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: AREK-2C1CD33EA4
Current User Name: arek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Output = Standard

========== Processes (All) ==========

PRC - [2009-12-20 12:36:17 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2009-12-18 19:05:57 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-10-26 08:33:41 | 00,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2009-02-10 16:30:02 | 00,364,544 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Connectivity\corecom\CoreCom.exe
PRC - [2008-06-20 12:11:04 | 00,028,672 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Connectivity\corecom\OraConfigRecover.exe
PRC - [2008-06-20 12:08:24 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
PRC - [2008-06-20 12:08:08 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2008-06-10 11:14:42 | 00,147,456 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Systray\SystrayApp.exe
PRC - [2008-06-10 11:14:14 | 00,602,864 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Launcher\Launcher.exe
PRC - [2008-06-10 11:11:34 | 00,712,704 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe
PRC - [2008-06-10 11:11:04 | 00,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
PRC - [2008-04-14 21:51:52 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008-04-14 21:51:50 | 00,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 21:51:44 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 21:51:44 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 21:51:44 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 21:51:44 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 21:51:44 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 21:51:44 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 21:51:44 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 21:51:44 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 21:51:44 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 21:51:44 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 21:51:40 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 21:51:40 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 21:51:24 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 21:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 21:51:12 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 21:51:12 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 21:51:04 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2008-02-08 17:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe


========== Modules (All) ==========

MOD - [2009-12-20 12:36:17 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2009-10-26 08:33:32 | 00,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2008-06-10 11:12:26 | 00,006,144 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Launcher\Inactivity.dll
MOD - [2008-04-14 21:51:58 | 00,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 21:50:58 | 00,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 21:50:58 | 00,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 21:50:58 | 00,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 21:50:58 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 21:50:58 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 21:50:48 | 08,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 21:50:48 | 00,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 21:50:48 | 00,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 21:50:46 | 01,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 21:50:46 | 00,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 21:50:46 | 00,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 21:50:46 | 00,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 21:50:46 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 21:50:46 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 21:50:46 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 21:50:42 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 21:50:40 | 00,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 21:50:38 | 00,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2008-04-14 21:50:36 | 01,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 21:50:34 | 00,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 21:50:32 | 00,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 21:50:32 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 21:50:00 | 00,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 21:49:16 | 00,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 21:43:00 | 00,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2008-04-14 21:29:10 | 01,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2008-02-08 17:37:48 | 00,088,592 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll
MOD - [2008-02-08 17:37:42 | 00,048,656 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll
MOD - [2007-06-27 22:08:58 | 00,626,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_0de56c07\msvcr80.dll
MOD - [2003-02-21 13:42:22 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSVCR71.dll


========== Win32 Services (SafeList) ==========

SRV - [2008-06-20 12:08:08 | 00,065,536 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2008-04-14 23:50:34 | 00,028,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\irmon.dll -- (Irmon)
SRV - [2008-02-08 17:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -- (AVP)
SRV - [2007-03-12 02:35:02 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Stopped] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2006-11-08 15:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2006-11-08 15:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2009-09-29 08:30:42 | 00,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-09-28 22:33:22 | 00,112,144 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2009-09-28 20:45:10 | 00,012,672 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2009-09-28 20:45:09 | 00,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2009-09-28 20:45:09 | 00,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2009-09-28 20:45:09 | 00,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2009-09-28 20:45:08 | 00,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2008-04-14 01:24:38 | 00,028,672 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA)
DRV - [2008-04-13 21:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008-04-13 21:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007-12-28 18:51:04 | 00,195,344 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (klif)
DRV - [2007-12-13 12:28:40 | 00,024,592 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2007-05-31 11:04:56 | 04,424,192 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-04-17 05:16:26 | 05,760,096 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007-03-08 20:20:50 | 00,021,568 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2007-03-08 20:20:49 | 00,016,496 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2007-03-08 20:20:48 | 00,049,920 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2007-02-16 14:46:00 | 00,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006-10-12 14:28:42 | 00,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwl5.sys -- (BCM43XX)
DRV - [2006-05-25 18:28:44 | 00,684,265 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2006-05-18 08:49:02 | 00,061,067 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2006-05-18 08:48:50 | 00,047,249 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2006-03-01 19:53:54 | 00,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2003-09-23 11:38:34 | 00,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2003-08-12 17:51:00 | 00,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)
DRV - [2001-08-17 22:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm






IE - HKU\S-1-5-21-1004336348-2077806209-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.tp.pl
IE - HKU\S-1-5-21-1004336348-2077806209-1177238915-1003\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll ()
IE - HKU\S-1-5-21-1004336348-2077806209-1177238915-1003\S-1-5-21-1004336348-2077806209-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-12-18 19:06:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-12-18 19:06:05 | 00,000,000 | ---D | M]

[2009-12-03 21:09:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Dane aplikacji\Mozilla\Extensions
[2009-12-03 21:09:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Dane aplikacji\Mozilla\Firefox\Profiles\ajjb700n.default\extensions
[2009-09-29 07:19:44 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-08-24 20:19:13 | 00,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-08-24 20:19:13 | 00,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-08-24 20:19:13 | 00,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-08-24 20:19:13 | 00,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-08-24 20:19:13 | 00,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-08-24 20:19:13 | 00,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.dll (STMicroelectronics )
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\Livebox\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1004336348-2077806209-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll (Kaspersky Lab)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03)
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O18 - Protocol\Handler\http\oledb - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-09-28 20:16:18 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2009-12-20 12:25:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Dane aplikacji\Desktopicon
[2009-12-20 12:25:07 | 00,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2009-12-20 12:23:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Moje dokumenty\Pobieranie
[2009-12-12 10:37:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Dane aplikacji\Thinstall
[2009-12-06 14:16:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Pulpit\zzz
[2009-12-02 12:02:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Ustawienia lokalne\Dane aplikacji\Mozilla
[2009-12-02 12:02:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Dane aplikacji\Mozilla
[2009-11-30 20:26:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Moje dokumenty\Updater5
[2009-11-30 20:03:46 | 00,065,536 | ---- | C] (France Telecom SA) -- C:\WINDOWS\System32\Autodial2000.dll
[2009-11-30 20:03:42 | 00,034,688 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\pcampr5.sys
[2009-11-30 20:03:21 | 00,000,000 | ---D | C] -- C:\Program Files\Livebox
[2009-11-30 20:01:33 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom
[2009-11-29 20:25:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Moje dokumenty\AREK
[2009-11-29 20:13:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Moje dokumenty\ESItronic
[2009-11-29 20:12:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Dane aplikacji\DAEMON Tools Lite
[2009-11-29 17:57:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Ustawienia lokalne\Dane aplikacji\Adobe
[2009-11-29 17:57:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Dane aplikacji\Adobe
[2009-11-29 17:56:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Dane aplikacji\Macromedia
[2009-11-28 11:57:06 | 00,000,000 | ---D | C] -- C:\Program Files\Testy B 2009
[2009-11-27 17:17:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Ustawienia lokalne\Dane aplikacji\Help
[2009-11-27 17:17:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Dane aplikacji\Help
[2009-11-25 18:57:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
[2009-11-25 18:56:52 | 00,000,000 | R--D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Moje dokumenty\Moje wideo
[2009-11-25 18:31:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Dane aplikacji\Identities
[2009-11-25 18:31:47 | 00,000,000 | R--D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Moje dokumenty\Moje obrazy
[2009-11-25 18:31:47 | 00,000,000 | R--D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Moje dokumenty\Moja muzyka
[2009-11-25 18:31:29 | 00,000,000 | --SD | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-11-25 18:31:29 | 00,000,000 | --SD | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Dane aplikacji\Microsoft
[2009-11-25 18:31:29 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\SendTo
[2009-11-25 18:31:29 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Recent
[2009-11-25 18:31:29 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Dane aplikacji
[2009-11-25 18:31:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Ulubione
[2009-11-25 18:31:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Moje dokumenty
[2009-11-25 18:31:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Menu Start
[2009-11-25 18:31:29 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Cookies
[2009-11-25 18:31:29 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Szablony
[2009-11-25 18:31:29 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\PrintHood
[2009-11-25 18:31:29 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\NetHood
[2009-11-25 18:31:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Pulpit
[2009-11-25 18:31:28 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Ustawienia lokalne
[2009-09-28 20:20:12 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2009-09-28 20:19:56 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2009-09-28 20:16:12 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-09-28 20:16:12 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009-12-20 12:43:28 | 00,379,936 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009-12-20 12:37:23 | 00,123,168 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2009-12-20 12:37:15 | 00,000,032 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2009-12-20 12:25:08 | 00,001,618 | ---- | M] () -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Pulpit\eBay.lnk
[2009-12-20 12:00:05 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-12-20 12:00:04 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-12-20 12:00:02 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-12-19 08:23:26 | 00,013,592 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2009-12-19 08:23:18 | 01,572,864 | -H-- | M] () -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\NTUSER.DAT
[2009-12-19 08:23:18 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\ntuser.ini
[2009-12-18 20:36:21 | 03,752,830 | -H-- | M] () -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-12-06 13:22:37 | 00,397,312 | ---- | M] () -- C:\WINDOWS\esi_kl01.dat
[2009-12-06 13:19:04 | 00,004,017 | ---- | M] () -- C:\WINDOWS\System\v9Sys_xx.vxd
[2009-12-06 13:19:04 | 00,000,812 | ---- | M] () -- C:\WINDOWS\win.ini
[2009-11-30 20:43:45 | 00,008,115 | ---- | M] () -- C:\FT_Splash.img
[2009-11-30 20:17:46 | 00,001,362 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Livebox.lnk
[2009-11-30 20:17:46 | 00,001,352 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\tp.pl.lnk
[2009-11-29 17:57:20 | 00,000,032 | ---- | M] () -- C:\WINDOWS\Kit.ini
[2009-11-29 17:50:20 | 00,001,821 | ---- | M] () -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Pulpit\CV.rtf
[2009-11-28 11:57:19 | 00,000,665 | ---- | M] () -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Pulpit\Testy B 2009.lnk
[2009-11-25 18:32:30 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009-11-25 18:31:47 | 00,013,496 | ---- | M] () -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-11-25 12:30:50 | 00,763,990 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-11-25 12:30:50 | 00,355,724 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2009-11-25 12:30:50 | 00,311,802 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-11-25 12:30:50 | 00,049,690 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2009-11-25 12:30:50 | 00,040,190 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009-12-20 12:25:08 | 00,001,618 | ---- | C] () -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Pulpit\eBay.lnk
[2009-11-30 20:43:45 | 00,008,115 | ---- | C] () -- C:\FT_Splash.img
[2009-11-30 20:17:46 | 00,001,362 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Livebox.lnk
[2009-11-30 20:17:46 | 00,001,352 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\tp.pl.lnk
[2009-11-29 17:57:20 | 00,000,032 | ---- | C] () -- C:\WINDOWS\Kit.ini
[2009-11-29 17:50:20 | 00,001,821 | ---- | C] () -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Pulpit\CV.rtf
[2009-11-28 11:57:19 | 00,000,665 | ---- | C] () -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Pulpit\Testy B 2009.lnk
[2009-11-25 18:31:41 | 00,000,188 | -HS- | C] () -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\ntuser.ini
[2009-11-25 18:31:27 | 01,572,864 | -H-- | C] () -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\NTUSER.DAT
[2009-09-29 08:47:56 | 00,001,845 | ---- | C] () -- C:\WINDOWS\RBSystem.ini
[2009-09-29 08:41:58 | 00,327,680 | ---- | C] () -- C:\WINDOWS\System32\ldf251.dll
[2009-09-29 08:41:57 | 00,655,360 | ---- | C] () -- C:\WINDOWS\System32\dslang32.dll
[2009-09-29 08:30:41 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-09-29 07:48:37 | 00,000,133 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2009-09-29 07:39:52 | 00,000,339 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2009-09-28 21:45:22 | 00,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini
[2009-09-28 21:45:21 | 00,000,902 | R--- | C] () -- C:\WINDOWS\System32\setup.ini
[2009-09-28 21:45:19 | 00,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2009-09-28 21:28:19 | 00,204,800 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2009-09-28 21:28:17 | 00,910,464 | R--- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2009-09-28 21:11:11 | 00,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll

========== LOP Check ==========

[2009-09-29 08:33:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-09-29 08:35:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\DAEMON Tools Lite
[2009-09-29 14:50:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Thinstall
[2009-11-29 20:12:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Dane aplikacji\DAEMON Tools Lite
[2009-12-20 12:25:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Dane aplikacji\Desktopicon
[2009-12-12 10:37:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\arek.AREK-2C1CD33EA4\Dane aplikacji\Thinstall
[2009-12-19 08:23:22 | 00,011,876 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT

========== Purity Check ==========


< End of report >
[/log]


OTL Extras

[log] OTL Extras logfile created on: 2009-12-20 12:40:35 - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\arek.AREK-2C1CD33EA4\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

502,00 Mb Total Physical Memory | 148,00 Mb Available Physical Memory | 29,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,66 Gb Total Space | 49,97 Gb Free Space | 89,77% Space Free | Partition Type: NTFS
Drive D: | 56,12 Gb Total Space | 45,65 Gb Free Space | 81,34% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: AREK-2C1CD33EA4
Current User Name: arek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1004336348-2077806209-1177238915-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe" = C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}" = Kaspersky Anti-Virus 7.0
"{7CB9546E-BF2C-47DE-9DB4-C4364FBE57EC}" = Broadcom Wireless LAN Driver 4.100.15.7_Negative_Foxconn
"{AC1E4C93-C1E7-11D6-9D10-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.0_03
"{AC76BA86-7AD7-1045-7B44-A80000000000}" = Adobe Reader 8 - Polish
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B2C61EBB-F47C-48ba-B375-27A40F8F48F7}" = HP Deskjet All-In-One Software 9.0
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{D31E6192-5790-4AB4-852B-1153205AE653}_is1" = Polski VAG 4.9
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{ORAHSS}.UninstallSuite" = Livebox
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Bosch Viewer" = Bosch Viewer
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"eBay Icon" = eBay Icon
"ESI[tronic]" = ESI[tronic]
"FTDICOMM" = FTDI USB Serial Converter Drivers
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallWIX_{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}" = Kaspersky Anti-Virus 7.0
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"neostradatp.exe" = neostrada tp
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"StmAdsl" = ADSL Modem
"Testy B 2009_is1" = Testy B 2009
"Unlocker" = Unlocker 1.8.8
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2009-12-18 14:01:13 | Computer Name = AREK-2C1CD33EA4 | Source = Userenv | ID = 1090
Description = System Windows nie może zarejestrować stanu sesji RSoP (Resultant
Set of Policies - wynikowego zestawu zasad). Próba połączenia z WMI nie powiodła
się. Dlatego żadne następne rejestrowanie zasad RSoP dla tej aplikacji nie zostanie
wykonane.

Error - 2009-12-18 14:01:13 | Computer Name = AREK-2C1CD33EA4 | Source = Userenv | ID = 1090
Description = System Windows nie może zarejestrować stanu sesji RSoP (Resultant
Set of Policies - wynikowego zestawu zasad). Próba połączenia z WMI nie powiodła
się. Dlatego żadne następne rejestrowanie zasad RSoP dla tej aplikacji nie zostanie
wykonane.

Error - 2009-12-19 03:17:14 | Computer Name = AREK-2C1CD33EA4 | Source = WinMgmt | ID = 28
Description = Moduł WinMgmt nie może zainicjować części podstawowych. Powodem mogą
być: źle zainstalowana wersja modułu WinMgmt, awaria uaktualnienia repozytorium
modułu WinMgmt, za mało miejsca na dysku lub za mało pamięci.

Error - 2009-12-19 03:17:14 | Computer Name = AREK-2C1CD33EA4 | Source = SecurityCenter | ID = 1802
Description = Usługa Centrum zabezpieczeń systemu Windows nie może ustanowić kwerend
zdarzeń z WMI, aby monitorować zaporę i program antywirusowy innej firmy.

Error - 2009-12-19 03:17:15 | Computer Name = AREK-2C1CD33EA4 | Source = Userenv | ID = 1090
Description = System Windows nie może zarejestrować stanu sesji RSoP (Resultant
Set of Policies - wynikowego zestawu zasad). Próba połączenia z WMI nie powiodła
się. Dlatego żadne następne rejestrowanie zasad RSoP dla tej aplikacji nie zostanie
wykonane.

Error - 2009-12-19 03:17:15 | Computer Name = AREK-2C1CD33EA4 | Source = Userenv | ID = 1090
Description = System Windows nie może zarejestrować stanu sesji RSoP (Resultant
Set of Policies - wynikowego zestawu zasad). Próba połączenia z WMI nie powiodła
się. Dlatego żadne następne rejestrowanie zasad RSoP dla tej aplikacji nie zostanie
wykonane.

Error - 2009-12-20 07:00:07 | Computer Name = AREK-2C1CD33EA4 | Source = WinMgmt | ID = 28
Description = Moduł WinMgmt nie może zainicjować części podstawowych. Powodem mogą
być: źle zainstalowana wersja modułu WinMgmt, awaria uaktualnienia repozytorium
modułu WinMgmt, za mało miejsca na dysku lub za mało pamięci.

Error - 2009-12-20 07:00:07 | Computer Name = AREK-2C1CD33EA4 | Source = SecurityCenter | ID = 1802
Description = Usługa Centrum zabezpieczeń systemu Windows nie może ustanowić kwerend
zdarzeń z WMI, aby monitorować zaporę i program antywirusowy innej firmy.

Error - 2009-12-20 07:00:08 | Computer Name = AREK-2C1CD33EA4 | Source = Userenv | ID = 1090
Description = System Windows nie może zarejestrować stanu sesji RSoP (Resultant
Set of Policies - wynikowego zestawu zasad). Próba połączenia z WMI nie powiodła
się. Dlatego żadne następne rejestrowanie zasad RSoP dla tej aplikacji nie zostanie
wykonane.

Error - 2009-12-20 07:00:08 | Computer Name = AREK-2C1CD33EA4 | Source = Userenv | ID = 1090
Description = System Windows nie może zarejestrować stanu sesji RSoP (Resultant
Set of Policies - wynikowego zestawu zasad). Próba połączenia z WMI nie powiodła
się. Dlatego żadne następne rejestrowanie zasad RSoP dla tej aplikacji nie zostanie
wykonane.


< End of report >
[/log]


hijack

[log] Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:36:42, on 2009-12-20
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Livebox\Launcher\Launcher.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Livebox\systray\systrayapp.exe
C:\Program Files\Livebox\connectivity\connectivitymanager.exe
C:\Program Files\Livebox\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Livebox\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Documents and Settings\arek.AREK-2C1CD33EA4\Moje dokumenty\Pobieranie\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.tp.pl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = neostrada tp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\Livebox\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User '?')
O4 - HKUS\S-1-5-21-1004336348-2077806209-1177238915-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

--
End of file - 5225 bytes
[/log]

Thanks in advance for the help ;-)

moxia
comment

Hey, I see you're a new user, so I'll tell you right away that these logs should be posted [url="http://www.forumpc.pl/index.php?showforum=116"]here[/url]; there's a better chance someone will take a look.

  • Good post 1
