samos utworzono 16 marca 2010 utworzono 16 marca 2010 Czesc. Jestescie w stanie mi powiedziec co jest grane z moim kompem? Robie co kolwiek i komp mi sie resetuje sam, zawsze jak wlacze kompa juz pulpit jest to po wlaczeniu chociaz raz musi mi reseta walnac sam, dzis byly 4 resety, a to juz szczyt. To wina sprzety czy wirusow? Jesli wirusow to jak moge je usunac najdokladniesz z wasza pomoca? Pozdrawiam
raazor90 komentarz 16 marca 2010 komentarz 16 marca 2010 Podaj konfig komputera oraz na początek status SMART dysku. (program Hd tune ->> health)
samos komentarz 16 marca 2010 Autor komentarz 16 marca 2010 Ostatnio mi badaliscie tym hd tune dyski i wszystko bylo wporzo. tutaj trzymaj konfig. http://img522.imageshack.us/img522/5624/kompo.jpg
raazor90 komentarz 16 marca 2010 komentarz 16 marca 2010 Daj log z OTL: http://www.forumpc.pl/index.php?showtopic=104338
samos komentarz 16 marca 2010 Autor komentarz 16 marca 2010 (edytowane) [log]OTL logfile created on: 2010-03-16 16:15:37 - Run 1 OTL by OldTimer - Version 3.1.37.2 Folder = D:\Muzyka z mp3 Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free 3,00 Gb Paging File | 3,00 Gb Available in Paging File | 84,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 9,77 Gb Total Space | 0,44 Gb Free Space | 4,54% Space Free | Partition Type: NTFS Drive D: | 27,50 Gb Total Space | 3,78 Gb Free Space | 13,76% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 19,14 Gb Total Space | 4,66 Gb Free Space | 24,35% Space Free | Partition Type: NTFS G: Drive not present or media not loaded Drive H: | 7,47 Gb Total Space | 3,33 Gb Free Space | 44,54% Space Free | Partition Type: FAT32 I: Drive not present or media not loaded Computer Name: OK-6CA6A426A553 Current User Name: Ja Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color="#E56717"]========== Processes (All) ==========[/color] PRC - [2010-03-16 16:13:40 | 000,556,032 | ---- | M] (OldTimer Tools) -- D:\Muzyka z mp3\OTL.exe PRC - [2010-03-12 19:06:07 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-02-19 13:05:44 | 000,867,328 | ---- | M] (Murray Hurps Corp Pty Ltd) -- D:\Program Files\Ad Muncher\AdMunch.exe PRC - [2009-07-01 17:38:40 | 001,481,056 | ---- | M] (Nullsoft) -- D:\Program Files\Winamp\winamp.exe PRC - [2009-04-21 18:15:50 | 000,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe PRC - [2009-03-19 17:11:24 | 001,138,688 | ---- | M] (Last.fm) -- D:\Program Files\Last.fm\LastFM.exe PRC - [2009-02-09 11:10:45 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-11-10 05:43:40 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2008-11-03 11:45:46 | 001,332,480 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodag.exe PRC - [2008-05-30 15:54:16 | 000,076,744 | R--- | M] (Skype Technologies) -- D:\Program Files\Skype\Plugin Manager\skypePM.exe PRC - [2008-05-30 15:54:14 | 021,718,312 | R--- | M] (Skype Technologies S.A.) -- D:\Program Files\Skype\Phone\Skype.exe PRC - [2008-03-26 15:34:49 | 000,147,201 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe PRC - [2008-03-20 11:04:46 | 002,127,296 | ---- | M] (Gadu-Gadu S.A.) -- D:\Program Files\Gadu-Gadu\gg.exe PRC - [2008-03-07 12:00:08 | 000,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe PRC - [2008-02-12 10:06:50 | 000,262,401 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe PRC - [2007-10-16 14:54:22 | 000,495,616 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2006-06-21 05:42:44 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-03 23:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2004-08-03 23:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe [color="#E56717"]========== Modules (All) ==========[/color] MOD - [2010-03-16 16:13:40 | 000,556,032 | ---- | M] (OldTimer Tools) -- D:\Muzyka z mp3\OTL.exe MOD - [2010-02-19 13:05:47 | 000,030,208 | ---- | M] (Murray Hurps Corp Pty Ltd) -- D:\Program Files\Ad Muncher\AM31376.dll MOD - [2009-12-08 10:13:27 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 09:48:08 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 16:18:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 15:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:22:08 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 11:22:06 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 14:01:37 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-07-03 14:16:27 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2007-12-04 19:42:02 | 000,550,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2006-12-21 13:30:44 | 000,102,400 | ---- | M] (Gadu-Gadu S.A.) -- D:\Program Files\Gadu-Gadu\ggwhook.dll MOD - [2006-08-25 16:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2005-07-26 05:42:36 | 001,284,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2005-03-02 19:18:38 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-03 23:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2004-08-03 23:44:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll MOD - [2004-08-03 23:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll MOD - [2004-08-03 23:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2004-08-03 23:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-03 23:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-03 23:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-03 23:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-03 23:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-03 23:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2004-08-03 23:44:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2004-08-03 23:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-03 23:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-03 23:43:54 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2004-08-03 23:42:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME [color="#E56717"]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-03-05 20:31:32 | 000,812,544 | ---- | M] (MooSoft Development LLC) [Auto | Stopped] -- d:\Program Files\The Cleaner\mhelper.exe -- (moohelp) SRV - [2008-11-03 11:45:46 | 001,332,480 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag) SRV - [2008-03-26 15:34:49 | 000,147,201 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService) SRV - [2008-03-07 12:00:08 | 000,068,865 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler) SRV - [2007-06-15 16:55:00 | 000,300,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) [color="#E56717"]========== Driver Services (SafeList) ==========[/color] DRV - [2009-06-11 00:48:00 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009-05-02 14:35:47 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2009-05-02 14:35:46 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2008-12-10 17:56:26 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM) DRV - [2008-03-04 13:28:53 | 000,079,424 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2008-02-18 17:07:57 | 000,049,472 | ---- | M] (Avira GmbH) [File_System | On_Demand | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt) DRV - [2007-10-24 11:47:26 | 000,023,288 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\synasUSB.sys -- (SynasUSB) DRV - [2007-10-16 15:40:06 | 002,642,944 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2007-03-01 10:34:22 | 000,028,352 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2007-02-27 15:25:01 | 000,011,840 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio) DRV - [2007-02-22 11:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd) DRV - [2007-02-22 11:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm) DRV - [2007-02-22 11:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj) DRV - [2007-02-22 11:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc) DRV - [2006-06-27 17:42:14 | 003,972,672 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2005-01-13 16:45:46 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2005-01-13 16:45:44 | 000,033,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-04-02 15:40:00 | 000,021,760 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp) DRV - [2001-08-17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC) [color="#E56717"]========== Standard Registry (SafeList) ==========[/color] [color="#E56717"]========== Internet Explorer ==========[/color] IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1004336348-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-1004336348-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://search.bearshare.com/pl/"]http://search.bearshare.com/pl/[/url] IE - HKU\S-1-5-21-1004336348-789336058-725345543-1003\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKU\S-1-5-21-1004336348-789336058-725345543-1003\..\URLSearchHook: {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL File not found IE - HKU\S-1-5-21-1004336348-789336058-725345543-1003\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-1004336348-789336058-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1004336348-789336058-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com, IE - HKU\S-1-5-21-1004336348-789336058-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks= [color="#E56717"]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Winamp Search" FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=" FF - prefs.js..browser.search.selectedEngine: "Wikipedia (pl)" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.pl" FF - prefs.js..extensions.enabledItems: {3ED591BC-7CC7-495B-A526-B2431356EDC1}:2.0 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1 FF - prefs.js..extensions.enabledItems: 6 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..extensions.enabledItems: 48 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.0.5 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {eaf8a4ef-d221-45ca-9deb-d0934b45fa34}:1.3.0.3 FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.5.1.1 FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=" FF - HKLM\software\mozilla\Firefox\extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1}: d:\Program Files\Ad Muncher\FirefoxExtension_2.0 [2010-02-19 13:05:47 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-03-12 19:06:40 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-12 19:06:40 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\SeaMonkey\Extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1}: d:\Program Files\Ad Muncher\FirefoxExtension_2.0 [2010-02-19 13:05:47 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: D:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2008-10-31 18:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Extensions [2010-03-16 15:58:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\0i5w5rke.default\extensions [2008-11-07 19:11:40 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\0i5w5rke.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2009-09-03 14:36:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\0i5w5rke.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009-02-05 18:08:47 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\0i5w5rke.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250} [2009-10-28 17:33:07 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\0i5w5rke.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2009-02-01 16:07:09 | 000,000,000 | ---D | M] (OggX (powered by TIME S.A.)) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\0i5w5rke.default\extensions\{eaf8a4ef-d221-45ca-9deb-d0934b45fa34} [2009-10-18 09:58:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\0i5w5rke.default\extensions\secureLogin@blueimp(2).net [2008-11-07 19:11:51 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\0i5w5rke.default\searchplugins\winamp-search.xml [2010-01-08 15:58:46 | 000,001,738 | ---- | M] () -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\0i5w5rke.default\searchplugins\wyszukiwanie-filmw-wideo-w-youtube.xml [2010-02-15 22:51:32 | 000,002,550 | ---- | M] () -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\0i5w5rke.default\searchplugins\wyszukiwarka-onetpl.xml [2010-03-04 16:30:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009-10-18 09:58:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} [2008-06-24 18:05:00 | 000,636,408 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPBILLARD8.dll [2008-09-30 15:03:24 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll [2010-03-12 19:06:22 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-03-12 19:06:22 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-03-12 19:06:22 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-03-12 19:06:22 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-03-12 19:06:22 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-03-12 19:06:22 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-10-26 18:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll () O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Ask Search Assistant BHO) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - Reg Error: Value error. File not found O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare) O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL File not found O3 - HKU\S-1-5-21-1004336348-789336058-725345543-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-1004336348-789336058-725345543-1003\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare) O3 - HKU\S-1-5-21-1004336348-789336058-725345543-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKU\S-1-5-21-1004336348-789336058-725345543-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL File not found O4 - HKLM..\Run: [Ad Muncher] d:\Program Files\Ad Muncher\AdMunch.exe (Murray Hurps Corp Pty Ltd) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-21-1004336348-789336058-725345543-1003..\Run: [Gadu-Gadu] D:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - HKU\S-1-5-21-1004336348-789336058-725345543-1003..\Run: [Prec] File not found O4 - HKU\S-1-5-21-1004336348-789336058-725345543-1003..\Run: [tcactive] d:\Program Files\The Cleaner\tcap.exe (MooSoft Development Inc) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1004336348-789336058-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1004336348-789336058-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1004336348-789336058-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1004336348-789336058-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - d:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} [url="http://www.mks.com.pl/skaner/SkanerOnline.cab"]http://www.mks.com.p...kanerOnline.cab[/url] (MksSkanerOnline Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab"]http://download.macr...ash/swflash.cab[/url] (Shockwave Flash Object) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - about:Home O24 - Desktop WallPaper: C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-10-31 15:43:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2008-10-31 16:22:36 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]AdobeUpdater[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - d:\Program Files\ALLPlayer\ALLUpdate.exe () MsConfig - StartUpReg: [b]ares[/b] - hkey= - key= - D:\Program Files\Ares\Ares.exe File not found MsConfig - StartUpReg: [b]Comrade.exe[/b] - hkey= - key= - C:\Program Files\GameSpy\Comrade\Comrade.exe (IGN Entertainment Inc.) MsConfig - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - D:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) MsConfig - StartUpReg: [b]Gadu-Gadu[/b] - hkey= - key= - D:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]Nowe Gadu-Gadu[/b] - hkey= - key= - D:\Program Files\Nowe Gadu-Gadu\gg.exe File not found MsConfig - StartUpReg: [b]OODefragTray[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Orb[/b] - hkey= - key= - C:\Program Files\Winamp Remote\bin\OrbTray.exe File not found MsConfig - StartUpReg: [b]PCSuiteTrayApplication[/b] - hkey= - key= - D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia) MsConfig - StartUpReg: [b]Prec[/b] - hkey= - key= - d:\Program Files\Prec\PrecStarter.exe () MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - D:\Program Files\QuickTime\QTTask.exe (Apple Inc.) MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe File not found MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) MsConfig - StartUpReg: [b]swg[/b] - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe File not found MsConfig - StartUpReg: [b]TrojanScanner[/b] - hkey= - key= - d:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error. SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color="#E56717"]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-03-10 13:58:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ja\Recent [2010-03-09 22:34:48 | 000,022,336 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2010-03-09 22:34:47 | 000,041,792 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2010-03-09 22:34:46 | 000,028,352 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010-03-09 22:34:39 | 000,079,424 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010-03-09 22:34:38 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2010-03-09 22:34:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Avira [2010-03-08 18:53:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\hela [2010-03-06 13:44:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\moosoft [2010-03-06 12:55:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Dane aplikacji\thecleaner [2010-03-04 16:31:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010-03-03 20:11:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Dane aplikacji\TS3Client [2010-02-26 18:52:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard Entertainment [2010-02-25 18:00:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard [2010-02-22 21:13:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment [2010-02-21 22:50:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Performance [2010-02-21 22:50:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Microsoft Corporation [2010-02-21 22:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor [2010-02-20 18:44:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\cache [2010-02-19 13:05:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Ad Muncher [2010-02-18 13:42:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\ESET [2010-02-18 13:36:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Dane aplikacji\Juce VST Host [2010-02-18 12:15:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Dane aplikacji\ESET [2010-02-18 00:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET [2010-02-17 23:54:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-02-12 00:27:44 | 000,000,000 | ---D | C] -- C:\Fport-2.0 [2010-02-07 03:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Dane aplikacji\ipla [2010-02-07 03:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-02-07 02:48:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Wru [2010-02-06 22:21:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Moje dokumenty\Wru Downloads [2010-02-06 22:20:04 | 001,040,384 | ---- | C] (John Marshall Group) -- C:\WINDOWS\System32\GnucCOM.dll [2010-02-03 16:23:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-02-03 16:23:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Dane aplikacji\Gadu-Gadu 10 [2010-02-02 21:04:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Dane aplikacji\GetRightToGo [2010-02-02 21:01:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer [2010-01-31 21:43:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\STRONY WWW sfd [2010-01-31 21:42:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\JPG ZDJECIA [2010-01-31 21:40:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\Doc. Tekstowe KONTAKTY I NA ALLEGRO [2010-01-31 21:31:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Prec [2010-01-31 21:18:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm [2010-01-31 21:15:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Last.fm [2010-01-29 22:20:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Dane aplikacji\Publish Providers [2010-01-29 22:14:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Moje dokumenty\Vegas Movie Studio PE 9.0 Projects [2010-01-29 22:14:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Dane aplikacji\Sony [2010-01-29 22:14:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Sony [2010-01-29 22:08:24 | 000,000,000 | ---D | C] -- C:\Program Files\Vstplugins [2010-01-29 22:07:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony [2010-01-20 13:58:26 | 000,000,000 | ---D | C] -- C:\My Music [2010-01-20 13:56:47 | 000,425,984 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTAudioTransform2.dll [2010-01-20 13:56:47 | 000,196,608 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTWMAFile2.dll [2010-01-19 16:11:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Emersys [2009-10-21 20:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple [2009-09-12 09:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google [2009-09-12 09:21:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google [2008-12-01 12:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2008-10-31 15:49:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2008-10-31 15:43:26 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2008-10-31 15:43:26 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color="#E56717"]========== Files - Modified Within 60 Days ==========[/color] [2010-03-16 15:39:00 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-03-16 14:45:17 | 000,001,024 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-03-16 14:41:56 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-03-16 14:41:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-03-16 14:41:31 | 001,451,046 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor [2010-03-16 00:03:48 | 005,767,168 | ---- | M] () -- C:\Documents and Settings\Ja\ntuser.dat [2010-03-16 00:03:48 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\Ja\ntuser.ini [2010-03-14 14:44:32 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-03-12 18:48:41 | 000,098,816 | ---- | M] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-03-10 21:50:17 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010-03-10 14:41:54 | 000,000,638 | ---- | M] () -- C:\WINDOWS\win.ini [2010-03-10 14:41:54 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010-03-10 14:41:54 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2010-03-10 14:16:17 | 000,000,513 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\HD Tune.lnk [2010-03-09 20:55:26 | 000,000,623 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\EVEREST Home Edition.lnk [2010-03-06 20:32:17 | 000,002,169 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-03-06 12:54:42 | 000,000,533 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Cleaner 2011.lnk [2010-03-03 23:13:34 | 000,036,352 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\list z więzienia.doc [2010-03-03 20:09:44 | 000,000,697 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk [2010-03-03 15:18:40 | 004,278,408 | -H-- | M] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-02-26 18:58:16 | 000,000,508 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\World of Warcraft.lnk [2010-02-26 18:46:11 | 000,005,257 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\Moja ulubiona kompozycja2.Theme [2010-02-25 22:26:59 | 000,180,337 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\DSC_0062.jpg [2010-02-22 20:40:41 | 000,217,504 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\WoWScrnShot_022210_203926.jpg [2010-02-21 11:31:28 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-02-13 15:22:39 | 011,803,354 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\Zima_2010_-_po_prostu_musisz_to_zobaczyć_!_(HQ).mp4 [2010-02-12 12:38:11 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk [2010-02-11 22:50:41 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk [2010-02-10 23:20:06 | 000,507,938 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\Zdjęcie108.jpg [2010-02-07 03:21:06 | 000,000,536 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk [2010-02-05 22:41:48 | 010,269,184 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\nowa prezentacja FM Group 2.ppt [2010-02-04 00:19:25 | 000,000,588 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\Tunatic.lnk [2010-02-02 21:09:28 | 000,000,722 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Allok QuickTime to AVI MPEG DVD Converter.lnk [2010-02-02 21:02:15 | 000,001,482 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\QuickTime Player.lnk [2010-02-02 10:57:53 | 000,000,012 | ---- | M] () -- C:\Documents and Settings\Ja\intlname.ols [2010-01-29 22:09:12 | 000,001,642 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Vegas Movie Studio Platinum 9.0.lnk [2010-01-28 23:31:47 | 000,001,546 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Fresh RAM.lnk [2010-01-25 23:28:39 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\Ja\Moje dokumenty\Piersi_fur.pps.sha [2010-01-25 23:28:39 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Ja\Moje dokumenty\Piersi_fur.pps [2010-01-25 15:12:17 | 000,000,986 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk [2010-01-20 13:58:53 | 000,000,092 | ---- | M] () -- C:\WINDOWS\mp3wavcon.ini [2010-01-20 13:58:53 | 000,000,005 | ---- | M] () -- C:\WINDOWS\System32\SySmp3con.dat [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color="#E56717"]========== Files Created - No Company Name ==========[/color] [2010-03-12 18:50:15 | 000,772,407 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\IMG_7741.JPG [2010-03-10 14:16:17 | 000,000,513 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\HD Tune.lnk [2010-03-09 20:55:26 | 000,000,623 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\EVEREST Home Edition.lnk [2010-03-06 12:54:42 | 000,000,533 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Cleaner 2011.lnk [2010-03-04 16:31:42 | 000,002,169 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-03-03 23:13:33 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\list z więzienia.doc [2010-03-03 20:09:44 | 000,000,697 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk [2010-02-26 18:58:16 | 000,000,508 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\World of Warcraft.lnk [2010-02-26 18:46:09 | 000,005,257 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\Moja ulubiona kompozycja2.Theme [2010-02-25 22:26:51 | 000,180,337 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\DSC_0062.jpg [2010-02-22 20:40:26 | 000,217,504 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\WoWScrnShot_022210_203926.jpg [2010-02-21 02:59:07 | 001,023,846 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\bez tytułu.bmp [2010-02-17 23:54:08 | 005,767,168 | ---- | C] () -- C:\Documents and Settings\Ja\ntuser.dat [2010-02-13 15:19:15 | 011,803,354 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\Zima_2010_-_po_prostu_musisz_to_zobaczyć_!_(HQ).mp4 [2010-02-12 00:30:54 | 000,114,688 | ---- | C] () -- C:\Fport.exe [2010-02-11 22:50:41 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk [2010-02-10 23:06:13 | 000,507,938 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\Zdjęcie108.jpg [2010-02-07 03:21:06 | 000,000,536 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk [2010-02-05 22:14:22 | 010,269,184 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\nowa prezentacja FM Group 2.ppt [2010-02-04 00:19:25 | 000,000,588 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\Tunatic.lnk [2010-02-02 21:09:28 | 000,000,722 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Allok QuickTime to AVI MPEG DVD Converter.lnk [2010-02-02 21:09:27 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll [2010-02-02 21:02:15 | 000,001,482 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\QuickTime Player.lnk [2010-01-29 22:09:12 | 000,001,642 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Vegas Movie Studio Platinum 9.0.lnk [2010-01-28 23:31:47 | 000,001,546 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Fresh RAM.lnk [2010-01-25 23:28:39 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\Ja\Moje dokumenty\Piersi_fur.pps.sha [2010-01-25 23:28:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ja\Moje dokumenty\Piersi_fur.pps [2010-01-25 15:12:17 | 000,000,986 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk [2010-01-20 13:58:53 | 000,000,092 | ---- | C] () -- C:\WINDOWS\mp3wavcon.ini [2010-01-20 13:56:58 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\SySmp3con.dat [2010-01-20 13:56:47 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2009-05-02 14:35:46 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009-05-02 14:35:46 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2009-04-24 22:07:44 | 000,000,632 | ---- | C] () -- C:\WINDOWS\Vtw.INI [2009-01-26 11:07:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI [2009-01-26 00:50:06 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll [2009-01-26 00:50:06 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar3.dll [2009-01-26 00:50:06 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll [2009-01-26 00:50:06 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll [2009-01-13 13:21:00 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2008-12-26 13:33:59 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2008-12-26 13:33:44 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Ja\Dane aplikacji\PnkBstrK.sys [2008-12-26 13:32:54 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini [2008-12-20 23:46:53 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008-11-15 16:03:43 | 000,000,054 | ---- | C] () -- C:\WINDOWS\wininit.ini [2008-11-10 17:42:34 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2008-11-10 17:42:33 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2008-11-10 17:42:28 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008-11-10 17:42:28 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2008-11-10 17:42:26 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-11-10 17:42:26 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2008-11-06 17:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2008-11-06 17:34:00 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest [2008-11-06 17:34:00 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest [2008-11-06 17:33:02 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll [2008-11-02 17:50:57 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini [2008-10-31 22:21:33 | 000,098,816 | ---- | C] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-10-31 16:39:36 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2008-10-31 16:39:05 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2007-03-29 22:00:40 | 000,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll [2003-04-08 10:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [color="#E56717"]========== LOP Check ==========[/color] [2008-11-07 17:37:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2929F [2010-02-21 14:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ad Muncher [2008-11-07 21:32:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Azureus [2010-02-17 23:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-02-03 16:23:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2008-12-12 18:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2010-02-07 03:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-01-31 21:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm [2010-03-06 17:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\moosoft [2009-06-05 22:49:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2009-01-26 00:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Simply Super Software [2010-01-29 22:07:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony [2009-11-01 17:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-09-05 10:47:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TrackMania [2010-02-07 02:48:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Wru [2009-03-12 21:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Azureus [2010-02-03 19:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\BESTplayer [2008-11-18 16:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\DAEMON Tools [2009-09-19 11:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\DC++ [2010-02-18 12:15:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\ESET [2008-10-31 19:44:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Gadu-Gadu [2010-02-20 18:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Gadu-Gadu 10 [2010-03-13 13:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\GanymedeNet [2010-02-02 21:09:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\GetRightToGo [2010-01-12 15:26:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\gtk-2.0 [2009-12-28 01:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Hide IP NG [2010-03-13 15:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\ipla [2010-02-18 13:39:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Juce VST Host [2009-06-05 22:49:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Nokia [2010-01-13 22:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Nokia Multimedia Player [2009-02-13 11:13:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Nowe Gadu-Gadu [2009-06-05 22:56:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\PC Suite [2010-01-29 22:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Publish Providers [2009-01-26 01:03:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Simply Super Software [2009-03-07 20:16:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Soldat [2010-01-29 22:29:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Sony [2009-09-21 10:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\SpeedSim [2009-03-25 21:45:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\TeamViewer [2010-03-06 12:55:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\thecleaner [2009-06-11 15:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Tibia [2010-03-03 20:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\TS3Client [2010-03-15 19:38:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\uTorrent [2008-12-22 16:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\zweitgeist [color="#E56717"]========== Purity Check ==========[/color] [color="#E56717"]========== Custom Scans ==========[/color] [color="#A23BEC"]< %systemdrive%\*.* >[/color] [2008-10-31 15:43:36 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009-10-16 10:31:49 | 000,000,211 | ---- | M] () -- C:\Boot.bak [2010-03-10 14:41:54 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2001-07-22 01:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2004-08-03 22:00:14 | 000,262,400 | ---- | M] () -- C:\cmldr [2009-10-18 09:47:53 | 000,017,543 | ---- | M] () -- C:\ComboFix.txt [2008-10-31 15:43:36 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2001-05-04 13:58:10 | 000,114,688 | ---- | M] () -- C:\Fport.exe [2008-10-31 15:43:36 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009-03-07 20:16:05 | 000,000,000 | R--- | M] () -- C:\logwmemory.bin [2009-10-18 12:55:29 | 000,026,509 | ---- | M] () -- C:\mksbasel.cpp.log [2008-10-31 15:43:36 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2004-08-03 21:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr [2010-03-16 14:41:31 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [color="#A23BEC"]< MD5 for: AGP440.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\26b8c19476314ac25f93aad52bbaf865\agp440.sys [color="#A23BEC"]< MD5 for: ATAPI.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\26b8c19476314ac25f93aad52bbaf865\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [color="#A23BEC"]< MD5 for: BEEP.SYS >[/color] [2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys [2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color="#A23BEC"]< MD5 for: CDROM.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\26b8c19476314ac25f93aad52bbaf865\cdrom.sys [2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color="#A23BEC"]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\ERDNT\cache\eventlog.dll [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\26b8c19476314ac25f93aad52bbaf865\eventlog.dll [color="#A23BEC"]< MD5 for: NDIS.SYS >[/color] [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\26b8c19476314ac25f93aad52bbaf865\ndis.sys [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ERDNT\cache\ndis.sys [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color="#A23BEC"]< MD5 for: WINLOGON.EXE >[/color] [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\ERDNT\cache\winlogon.exe [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\26b8c19476314ac25f93aad52bbaf865\winlogon.exe [color="#E56717"]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF @Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:CB0AACC9 @Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:E41EAF13 < End of report >[/log] z extras tez mam wrzucic? Edytowane 16 marca 2010 przez raazor90 wstawiam w [log] i przenoszę
Psycholandia komentarz 16 marca 2010 komentarz 16 marca 2010 W okienko OTL wklej poniższy skrypt i klik na Run Fix: [quote]:Processes explorer.exe :OTL O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare) O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL File not found O3 - HKU\S-1-5-21-1004336348-789336058-725345543-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-1004336348-789336058-725345543-1003\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare) O3 - HKU\S-1-5-21-1004336348-789336058-725345543-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKU\S-1-5-21-1004336348-789336058-725345543-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL File not found O4 - HKU\S-1-5-21-1004336348-789336058-725345543-1003..\Run: [Prec] File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found :Files C:\Program Files\DAEMON Tools Toolbar C:\Program Files\BearShare Applications\BearShare MediaBar C:\Program Files\Winamp Toolbar C:\Program Files\AskTBar :Commands [emptytemp] [start explorer] [Reboot][/quote] Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware)
samos komentarz 17 marca 2010 Autor komentarz 17 marca 2010 (edytowane) tutaj daje loga z tego otl. Nie wiem czy wszystko dobrze zrobilem, wiec jesli sie przyda to prosze sobie tam przejrzyj, a loga z malware dam za pare minut. All [log]processes killed ========== PROCESSES ========== No active process named explorer.exe was found! ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully. C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}\ deleted successfully. C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}\ deleted successfully. C:\Program Files\Winamp Toolbar\winamptb.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{FE063DB9-4EC0-403e-8DD8-394C54984B2C} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE063DB9-4EC0-403e-8DD8-394C54984B2C}\ deleted successfully. Registry value HKEY_USERS\S-1-5-21-1004336348-789336058-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found. Registry value HKEY_USERS\S-1-5-21-1004336348-789336058-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}\ not found. File C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll not found. Registry value HKEY_USERS\S-1-5-21-1004336348-789336058-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}\ not found. File C:\Program Files\Winamp Toolbar\winamptb.dll not found. Registry value HKEY_USERS\S-1-5-21-1004336348-789336058-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{FE063DB9-4EC0-403E-8DD8-394C54984B2C} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}\ not found. Registry value HKEY_USERS\S-1-5-21-1004336348-789336058-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Prec deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully. ========== FILES ========== C:\Program Files\DAEMON Tools Toolbar\Resources folder moved successfully. C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\components folder moved successfully. C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\chrome folder moved successfully. C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT folder moved successfully. C:\Program Files\DAEMON Tools Toolbar folder moved successfully. C:\Program Files\BearShare Applications\BearShare MediaBar folder moved successfully. C:\Program Files\Winamp Toolbar folder moved successfully. C:\Program Files\AskTBar\SrchAstt\1.bin folder moved successfully. C:\Program Files\AskTBar\SrchAstt folder moved successfully. C:\Program Files\AskTBar\PopSwatr\History folder moved successfully. C:\Program Files\AskTBar\PopSwatr folder moved successfully. C:\Program Files\AskTBar\bar\Settings folder moved successfully. C:\Program Files\AskTBar\bar\History folder moved successfully. C:\Program Files\AskTBar\bar\Cache folder moved successfully. C:\Program Files\AskTBar\bar\1.bin folder moved successfully. C:\Program Files\AskTBar\bar folder moved successfully. C:\Program Files\AskTBar folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 405 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Ja ->Temp folder emptied: 168056647 bytes ->Temporary Internet Files folder emptied: 10632491 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 122322249 bytes ->Google Chrome cache emptied: 7663467 bytes ->Flash cache emptied: 5254 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 1259758 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2114584 bytes %systemroot%\System32 .tmp files removed: 4586532 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 7345866 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 309,00 mb OTL by OldTimer - Version 3.1.37.2 log created on 03172010_115217 Files\Folders moved on Reboot... Registry entries deleted on Reboot...[/log] Edytowane 17 marca 2010 przez Andziorka wstawiam w [log]
Psycholandia komentarz 17 marca 2010 komentarz 17 marca 2010 Wszystko się usunęło. Czekam na loga z Malware.
samos komentarz 17 marca 2010 Autor komentarz 17 marca 2010 Chyba bedzie kiepsko juz 3 razy podczas skanowania malware mi sie komp zresetowal. Na C partycji nic nie wykryło. Na D wykrylo, a F na bank jest czyste. Jesli na C nic nie wykrylo to tak czy siak mam dac loga z C ?
Psycholandia komentarz 17 marca 2010 komentarz 17 marca 2010 Wydaje mi się, że to nie wina wirusów, wykonaj: http://www.forumpc.pl/index.php?showtopic=16074
samos komentarz 17 marca 2010 Autor komentarz 17 marca 2010 (edytowane) Na partycji D wykryto jakis wirus, ale juz go usunalem. Teraz robie to co mi doradziles. [color="#FF0000"]//Doradziłaś. Jestem kobietą. //Andziorka[/color] Ogolnie mam takich dumpow z 5 mam wszystkie wstawic? Wstawiam narazie pierwszy: [log]Use !analyze -v to get detailed debugging information. BugCheck 4E, {99, 0, 0, 0} ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ********************************************************************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ********************************************************************* ********************************************************************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ********************************************************************* Probably caused by : ntoskrnl.exe ( nt+21b0f ) Followup: MachineOwner --------- To jest drugi, a w sumie jest ich 8. Use !analyze -v to get detailed debugging information. BugCheck 10000050, {fb7bbec5, 0, bf8e52f0, 0} ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ********************************************************************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ********************************************************************* ********************************************************************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ********************************************************************* Probably caused by : win32k.sys ( win32k+e52f0 ) Followup: MachineOwner --------- Teraz 3: Use !analyze -v to get detailed debugging information. BugCheck 10000050, {9dba5978, 0, 805ab8cf, 0} ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ********************************************************************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ********************************************************************* ********************************************************************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ********************************************************************* Probably caused by : ntoskrnl.exe ( nt+d48cf ) Followup: MachineOwner --------- Leci 4: Use !analyze -v to get detailed debugging information. BugCheck 1000000A, {28, 2, 0, 8051ebcb} ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ********************************************************************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ********************************************************************* ********************************************************************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ********************************************************************* Probably caused by : ntoskrnl.exe ( nt+47bcb ) Followup: MachineOwner --------- 5: Use !analyze -v to get detailed debugging information. BugCheck 1000008E, {c0000005, 8054496c, aaa9e76c, 0} ***** Kernel symbols are WRONG. Please fix symbols to do analysis. *** WARNING: Unable to verify timestamp for avgntflt.sys *** ERROR: Module load completed but symbols could not be loaded for avgntflt.sys ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ********************************************************************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ********************************************************************* ********************************************************************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ********************************************************************* Probably caused by : avgntflt.sys ( avgntflt+dbf7 ) Followup: MachineOwner --------- 6: Use !analyze -v to get detailed debugging information. BugCheck 1A, {41284, 2846001, 0, c0883000} ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ********************************************************************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ********************************************************************* ********************************************************************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ********************************************************************* Probably caused by : ntoskrnl.exe ( nt+21b0f ) Followup: MachineOwner --------- 7: Use !analyze -v to get detailed debugging information. BugCheck 10000050, {be3e09f3, 0, bf85010a, 2} ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ********************************************************************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ********************************************************************* ********************************************************************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ********************************************************************* Probably caused by : win32k.sys ( win32k+5010a ) Followup: MachineOwner --------- No i ostatni 8: Use !analyze -v to get detailed debugging information. BugCheck 1A, {41284, cb15001, 38966, c0883000} ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ********************************************************************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ********************************************************************* ********************************************************************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y <symbol_path> argument when starting the debugger. * * using .sympath and .sympath+ * ********************************************************************* Probably caused by : ntoskrnl.exe ( nt+21b0f ) Followup: MachineOwner ---------[/log] Edytowane 17 marca 2010 przez Andziorka wstawiam w [log]
Psycholandia komentarz 17 marca 2010 komentarz 17 marca 2010 [quote]Probably caused by : ntoskrnl.exe ( nt+21b0f ) Probably caused by : win32k.sys ( win32k+e52f0 ) Probably caused by : avgntflt.sys ( avgntflt+dbf7 )[/quote] Wykonaj: http://andziorka.wordpress.com/2009/11/04/probably-caused-by-ntoskrnl-exe/ Przeinstaluj Avirę, albo zainstaluj innego antywirusa na próbę.
samos komentarz 17 marca 2010 Autor komentarz 17 marca 2010 Avirę zainstalowałem z tydzień temu. Ogólnie używałem całe życie avasta, na nie cały miesiąc przeszedłem na NOD'a , który tak zmulił mi kompa, że wziąłem Avirę. Ale zrobię jak mówisz
Psycholandia komentarz 17 marca 2010 komentarz 17 marca 2010 [quote]Probably caused by : avgntflt.sys ( avgntflt+dbf7 )[/quote] Z tego wynika, że Avira też powoduje resety. Wykonaj także powyższe wskazówki.
samos komentarz 17 marca 2010 Autor komentarz 17 marca 2010 Jaki program AV polecasz najbardziej tylko taki zeby kompa nie mulił. Czy muszę na płyte wstawiac ten program co podałaś, bo nie mam teraz plyty i nie mam gdzie kupic. I ostatnie: co do karty graficznej to jak najlepiej odinstalowac te sterowniki i skad wziac nowe, mam je zainstalowac z plyty ktora dostalem wraz z karta czy moze mam sciagnac ze strony www? Czy moge w ogole na poczatku samym poczatku zrobic te sterowniki z karta ? Moze to jest przyczyna resetowania kompa? I dalej nie trzeba bedzie ingerowac ? Ogolnie to zauwazylem poprawe w kompie nie resetuje sie tak czesto. A 2 to zauwazylem wlasnie, ze cos z karta jest nie tak, wiec moze zaczne od tych sterownikow do karty??
Psycholandia komentarz 17 marca 2010 komentarz 17 marca 2010 1. Może być Avast nawet. 2. Tak na płytę, najwyżej jutro kup i zgraj. 3. Stery odinstaluj programem Driver Cleaner 3. Ściągnij najnowsze stery ze strony producenta. 4. Możesz najpierw przeinstalować stery, kolejność obojętna.
samos komentarz 17 marca 2010 Autor komentarz 17 marca 2010 Moze byc program driver cleaner 3.3??i jak mam karte na agp to nie moze byc pod pci sterownik ?
samos komentarz 17 marca 2010 Autor komentarz 17 marca 2010 Nie moge znalezc tych driverów pod agp. Prosze Cie o wklejenie linka do tej karty: radeon hd3850 agp, bede wdzieczny naprawde
Psycholandia komentarz 17 marca 2010 komentarz 17 marca 2010 http://game.amd.com/us-en/drivers_catalyst.aspx?p=xp/radeonx-xp
samos komentarz 17 marca 2010 Autor komentarz 17 marca 2010 Które dokladnie mam sciagnac wg ciebie ? Pierwsze te wiecej wazace, czy te mniej wazace?
Psycholandia komentarz 17 marca 2010 komentarz 17 marca 2010 [b]Option 1[/b] to sterowniki z oprogramowaniem, a [b]Option 2[/b] same sterowniki. Ja zawsze instaluje same, bez dodatków.
samos komentarz 17 marca 2010 Autor komentarz 17 marca 2010 (edytowane) a co takie dodatki mogą dodawac ? ;p Mozna jak cos pozniej te dodatki doinstalowac do samej wersji ? Edytowane 17 marca 2010 przez samos
Psycholandia komentarz 17 marca 2010 komentarz 17 marca 2010 To jest Catalyst Control Center, więcej na necie poczytasz o tym.
samos komentarz 17 marca 2010 Autor komentarz 17 marca 2010 aa to wiem. Co do programu driver cleaner to w ogole nie moge załapać jak odnalezc sterowniki karty i je usunac. Pomozesz ?
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.