MGSniper utworzono 13 czerwca 2014 utworzono 13 czerwca 2014 Witam, niedawno aktywowałem wirusa ''haha'' z dołączonym plikiem wysłanym przez znajomego na facebooku. Komp zaczął mi strasznie zamulać, szczególnie wyszukiwarki iternetowe ''mozilla, opera''. Skanowałem komputer avastem 2014 i kasperskim wersja testową, niestety nic to nei dało. Prosze o jak najszybszą pomoc. Z góry dzięki. To moje logi z programu OTL: OTL Extras logfile created on: 2014-06-13 01:29:19 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MG\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 5,91 Gb Total Physical Memory | 4,33 Gb Available Physical Memory | 73,23% Memory free 11,83 Gb Paging File | 9,13 Gb Available in Paging File | 77,22% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 71,04 Gb Total Space | 28,50 Gb Free Space | 40,12% Space Free | Partition Type: NTFS Drive D: | 196,04 Gb Total Space | 145,79 Gb Free Space | 74,37% Space Free | Partition Type: NTFS Drive E: | 641,60 Gb Total Space | 10,84 Gb Free Space | 1,69% Space Free | Partition Type: NTFS Computer Name: MG-KOMPUTER | User Name: MG | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (All) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation) .cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation) .hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation) .html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software) .inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation) .ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) .js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation) .txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation) .vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .bat [@ = batfile] -- "%1" %* .chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation) .cmd [@ = cmdfile] -- "%1" %* .com [@ = comfile] -- "%1" %* .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .exe [@ = exefile] -- "%1" %* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation) .html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software) .inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation) .ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation) .js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .pif [@ = piffile] -- "%1" %* .reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation) .scr [@ = scrfile] -- "%1" /S .txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1993650941-1259634691-3691880156-1000\SOFTWARE\Classes\<extension>] .html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software) .scr [@ = AutoCADScriptFile] -- C:\Windows\SysWow64\notepad.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1BFAF436-D7D4-4C01-82FF-C538C9B49B2C}" = lport=139 | protocol=6 | dir=in | app=system | "{1F8D3094-B1E1-4D45-B631-F439BD0D7F38}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{255834B0-9D79-47D1-A765-6D0D9D8B20CA}" = rport=137 | protocol=17 | dir=out | app=system | "{2CEB0108-2FA4-4021-8E0E-C341BE3A09C5}" = rport=445 | protocol=6 | dir=out | app=system | "{3D9D6834-7247-4239-A154-06C44B0CFE9E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | "{404A1842-AB85-4869-8AE3-6E45B914960D}" = lport=445 | protocol=6 | dir=in | app=system | "{4605D2F6-7FDF-4E1A-964C-3F4ED24111B1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{472A72FA-51B7-416A-B82F-DE96B13D1CD5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5C8CC04C-8FEA-489A-B9EC-C31663C77C6D}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{64B6B785-3391-4681-A640-848C1A8B0E27}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{738E05A9-AE4B-4930-A877-A043D65E5D78}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7E8EBC49-A2F7-47A2-9D80-2C43327407AF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7FCF9899-DFBE-4E6E-9AC8-705672A09C20}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{850B56E0-3D49-4037-8121-DB5F7C71F1E6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9110AB53-5B94-404D-B7CC-3A0C479FC966}" = rport=138 | protocol=17 | dir=out | app=system | "{A2AADB8B-6010-4227-B1A8-EDA610726334}" = lport=10243 | protocol=6 | dir=in | app=system | "{CAFD826F-1A12-4D42-AA6A-1FAB70A27ED8}" = lport=137 | protocol=17 | dir=in | app=system | "{CEC06417-0CA2-4D1F-B823-9A451C0D5E14}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{CF0EB0D5-1532-4BF2-A5CB-59EDF60F5CBB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{D3C1CEB3-6609-4F51-8037-CBAAE6BE4C0D}" = rport=10243 | protocol=6 | dir=out | app=system | "{DBCD2922-DDEB-47DE-B142-E752886BCBAF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E1B46E3D-AA1C-4A52-8426-3A6CACEAF47D}" = rport=139 | protocol=6 | dir=out | app=system | "{E3B9F636-C189-4C76-BF7D-739CC6F6479F}" = lport=2869 | protocol=6 | dir=in | app=system | "{EC49F3EF-0D0C-4CE8-81AE-F0C8786002E6}" = lport=138 | protocol=17 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0DC8F46F-A27A-4C4F-A1DC-7C12255E0A02}" = protocol=6 | dir=in | app=d:\steam\steam.exe | "{1476D951-D278-41CE-BDB3-3FCF0028AF31}" = protocol=6 | dir=in | app=d:\bioshock infinite\binaries\win32\bioshockinfinite.exe | "{19F6F881-CCF2-4273-8DDA-8B5CC56DFEC9}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{1CECE52E-FE37-4434-A555-AC2FEB649C45}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{29620115-9DA0-495E-89B2-D997EDCB4D06}" = protocol=6 | dir=out | app=system | "{3798E184-D2F3-49D8-B96F-348D1880BADA}" = protocol=17 | dir=in | app=c:\users\mg\appdata\roaming\utorrent\utorrent.exe | "{39751E2C-B035-41AC-9CA1-031A0F34A347}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ids.application.exe | "{3B50DE87-4937-42A4-839C-3A48A4B03803}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{43105818-D5B6-46F4-863C-254227DB03D2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{46933E63-9AAC-4DCE-8850-64CE4767BAF4}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\cdas2pc\cdas2pc.exe | "{49BE73DF-5150-4E97-B113-3026075D69DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4A187A8E-CA27-4701-8B7A-683E42AD1DA2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{4B50DD81-D4CF-4C5C-83DB-4EF6A7D82C0A}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\scx3400\scnsearch\usdagent.exe | "{4C01AD82-6169-494E-84C3-F5C1FF68902B}" = protocol=17 | dir=in | app=c:\program files (x86)\scan assistant\usdagent.exe | "{530E6785-68D7-435C-A0A7-0B95932BC6E7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{588D41B0-7D6E-4769-8327-3534D92E9ABD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{5D5AACE4-F04D-4603-A8FE-0FF9980C41D1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{5EEFA442-1C38-4E06-81C7-637EAF8C6FFB}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\idsalert.exe | "{684E9EC5-6B98-4621-9F3D-BB08A248403D}" = protocol=17 | dir=in | app=d:\steam\steam.exe | "{6D7713B9-7E73-4C4F-B85E-7C3CC8DBAE74}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{79DE4916-2936-4ABE-BBA4-128143E9F538}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\cdas2pc\cdas2pc.exe | "{7A6B9E15-F280-4EFF-8ACE-D7C5840D878F}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ordersupplies.exe | "{8168586B-9D87-444A-A6EF-ED7D3A732891}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{90A12DBA-7762-46D3-8335-893C9945E394}" = protocol=17 | dir=in | app=c:\program files (x86)\napiprojekt\napisy.exe | "{91F379A5-E936-4D12-B202-E07A5123558B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{92C87733-BEC9-4582-AD39-41D4B8CC45FE}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{940057D6-D8E4-4D0E-BA46-D0B894F57319}" = protocol=6 | dir=in | app=c:\program files (x86)\scan assistant\usdagent.exe | "{9BCBAC31-096C-483E-A845-7C507FD45AAE}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\idsalert.exe | "{A1859F62-B927-4FE6-B401-504D2AFD1C31}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{A19ABF88-CE8B-4AF9-8F5D-914B413390DD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{A39BAAA5-AA12-4701-91A1-CA917FA25591}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\scx3400\scnsearch\usdagent.exe | "{A6961A84-BA7D-4FA0-B73F-B53653389586}" = protocol=6 | dir=in | app=c:\program files (x86)\napiprojekt\napisy.exe | "{A7806FDE-8C95-4CC5-8848-66057A24F85E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AE95264C-892C-403F-AC96-B14F887B9AFD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B46A593F-A630-487E-8DA1-AAB4D6EAE214}" = protocol=6 | dir=in | app=c:\users\mg\appdata\roaming\utorrent\utorrent.exe | "{B719E9E2-5E18-4C08-B89D-8B44C565244A}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ordersupplies.exe | "{B79A1176-EC03-4C35-A780-67F924175FC2}" = protocol=17 | dir=in | app=c:\program files\common files\common desktop agent\cdasrv.exe | "{BB598D4C-0034-424E-BD10-505592513CB9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{BD08A221-35CA-41DE-94DD-CD2CCF9FA8A9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{C63F08DD-9FC3-4C3C-8488-F7649830265B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{C6C3B1A8-0066-4A7D-8ED4-6AA51182FC43}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{CE20258A-1E42-48A1-A71B-878D76912A1F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{E0AD4FC0-3500-4914-B944-6401623602A4}" = protocol=6 | dir=in | app=c:\program files\common files\common desktop agent\cdasrv.exe | "{E1644176-82EA-40CC-B2F0-6DDD7BEC1056}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{EDFFC660-B896-4475-ACB0-32E59706D04D}" = protocol=17 | dir=in | app=d:\bioshock infinite\binaries\win32\bioshockinfinite.exe | "{EE4377E0-F64D-4DE0-947A-A15E072A9D3D}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ids.application.exe | "{EFFF262D-88D9-4051-850A-B60D038A1DFE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "TCP Query User{D4AC8C37-DFF9-4B3C-82AF-15584A9F8604}C:\users\mg\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\mg\appdata\roaming\spotify\spotify.exe | "UDP Query User{D2FE413B-D32F-4A15-B388-3386D5BF8DB4}C:\users\mg\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\mg\appdata\roaming\spotify\spotify.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{031A0E14-0413-4C97-9772-2639B782F46F}" = Common Desktop Agent "{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5783F2D7-A001-0409-0102-0060B0CE6BBA}" = AutoCAD 2012 - English "{5783F2D7-A001-0409-1102-0060B0CE6BBA}" = AutoCAD 2012 Language Pack - English "{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}" = Intel(R) Turbo Boost Technology Monitor 2.6 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010 "{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010 "{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 335.23 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 335.23 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 11.10.13 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.1220 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "AutoCAD 2012 - English" = AutoCAD 2012 - English "Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter "CCleaner" = CCleaner "Elantech" = ETDWare PS/2-X64 10.7.14.12_WHQL "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}" = Autodesk Content Service "{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{4A331D24-A9E8-484F-835E-1BA7B139689C}" = EasyBatteryManager "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}" = Fast Start "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16 "{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}" = Movie Color Enhancer "{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX "{8732818E-CA78-4ACB-B077-22311BF4C0E4}" = Easy Network Manager "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1" = ClipGrab 3.4.3 "{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012 "{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB "{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Polish "{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}" = Kaspersky PURE 3.0 "{D081C29C-1DDC-4C55-BCBF-DF8519636331}_is1" = "BioShock Infinite" "{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FFD0E594-823B-4E2B-B680-720B3C852588}" = BatteryLifeExtender "Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin "AIMP3" = AIMP3 "Avast" = avast! Free Antivirus "DAEMON Tools Lite" = DAEMON Tools Lite "Guitar Pro 5_is1" = Guitar Pro 5.2 "hon" = Heroes of Newerth "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}" = Kaspersky PURE 3.0 "Mozilla Firefox 29.0.1 (x86 pl)" = Mozilla Firefox 29.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NapiProjekt_is1" = NapiProjekt (2.2.0.2399) "Opera 22.0.1471.50" = Opera Stable 22.0.1471.50 "Samsung Easy Printer Manager" = Samsung Easy Printer Manager "Samsung Printer Live Update" = Samsung Printer Live Update "Samsung Scan Assistant" = Samsung Scan Assistant "Samsung SCX-3400 Series" = Samsung SCX-3400 Series "SpeedFan" = SpeedFan (remove only) "VLC media player" = VLC media player 2.1.3 "WinRAR archiver" = WinRAR 5.01 (32-bitowy) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1993650941-1259634691-3691880156-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "uTorrent" = µTorrent [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-06-09 05:19:17 | Computer Name = MG-Komputer | Source = Microsoft-Windows-EapHost | ID = 2002 Description = Pomijanie: nie można zweryfikować Eap method DLL path. Błąd: identyfikator typu=17, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error - 2014-06-09 05:19:17 | Computer Name = MG-Komputer | Source = Microsoft-Windows-EapHost | ID = 2002 Description = Pomijanie: nie można zweryfikować Eap method DLL path. Błąd: identyfikator typu=25, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error - 2014-06-09 05:19:17 | Computer Name = MG-Komputer | Source = Microsoft-Windows-EapHost | ID = 2002 Description = Pomijanie: nie można zweryfikować Eap method DLL path. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error - 2014-06-09 05:19:17 | Computer Name = MG-Komputer | Source = Microsoft-Windows-EapHost | ID = 2002 Description = Pomijanie: nie można zweryfikować Eap method DLL path. Błąd: identyfikator typu=17, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error - 2014-06-09 05:19:17 | Computer Name = MG-Komputer | Source = Microsoft-Windows-EapHost | ID = 2002 Description = Pomijanie: nie można zweryfikować Eap method DLL path. Błąd: identyfikator typu=25, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error - 2014-06-09 05:19:17 | Computer Name = MG-Komputer | Source = Microsoft-Windows-EapHost | ID = 2002 Description = Pomijanie: nie można zweryfikować Eap method DLL path. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error - 2014-06-10 18:27:44 | Computer Name = MG-Komputer | Source = Microsoft-Windows-EapHost | ID = 2002 Description = Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=17, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error - 2014-06-10 18:27:44 | Computer Name = MG-Komputer | Source = Microsoft-Windows-EapHost | ID = 2002 Description = Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=25, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error - 2014-06-10 18:27:44 | Computer Name = MG-Komputer | Source = Microsoft-Windows-EapHost | ID = 2002 Description = Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error - 2014-06-10 18:29:27 | Computer Name = MG-Komputer | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2014-06-04 11:54:51 | Computer Name = MG-Komputer | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Autodesk Content Service. Error - 2014-06-04 11:54:51 | Computer Name = MG-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Autodesk Content Service z powodu następującego błędu: %%1053 Error - 2014-06-04 11:55:02 | Computer Name = MG-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Intel(R) PROSet/Wireless Event Log z powodu następującego błędu: %%2 Error - 2014-06-04 11:55:37 | Computer Name = MG-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Intel(R) PROSet/Wireless Registry Service z powodu następującego błędu: %%2 Error - 2014-06-04 11:55:49 | Computer Name = MG-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Intel(R) PROSet/Wireless Zero Configuration Service z powodu następującego błędu: %%2 Error - 2014-06-10 18:28:05 | Computer Name = MG-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Intel(R) PROSet/Wireless Event Log z powodu następującego błędu: %%2 Error - 2014-06-10 18:28:20 | Computer Name = MG-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Intel(R) PROSet/Wireless Registry Service z powodu następującego błędu: %%2 Error - 2014-06-10 18:28:21 | Computer Name = MG-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Intel(R) PROSet/Wireless Zero Configuration Service z powodu następującego błędu: %%2 Error - 2014-06-11 11:29:51 | Computer Name = MG-Komputer | Source = Service Control Manager | ID = 7011 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi ShellHWDetection. Error - 2014-06-12 02:25:40 | Computer Name = MG-Komputer | Source = Service Control Manager | ID = 7011 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi Netman. < End of report >
eva-kotek komentarz 15 czerwca 2014 komentarz 15 czerwca 2014 Witam Ja chyba tez zlapalam jakiegos wirusa niestety nie znam sie za dobrze na komputerach ale za pomoca internetu mam Logi z OTL pomozcie mi prosze :/ extras.txt.: OTL Extras logfile created on: 2014-06-15 16:31:44 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17126) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,80 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 46,29% Memory free 7,60 Gb Paging File | 4,66 Gb Available in Paging File | 61,27% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,66 Gb Total Space | 384,26 Gb Free Space | 82,52% Space Free | Partition Type: NTFS Computer Name: USER-KOMPUTER | User Name: user | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [HKEY_USERS\S-1-5-21-989173570-2452618996-1951653105-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00C5AAEB-0B36-400A-B442-0E91BEA126E3}" = lport=139 | protocol=6 | dir=in | app=system | "{02A01203-D4B4-47B3-B496-60A792EC8552}" = rport=10243 | protocol=6 | dir=out | app=system | "{1226AB1F-90D1-47BD-8BBE-D1797FB9AC32}" = rport=139 | protocol=6 | dir=out | app=system | "{1A921347-4A80-4ECA-9233-825B5A95BA53}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2505C5E7-F995-44D5-9A30-ABE8AE5AB6AB}" = lport=10243 | protocol=6 | dir=in | app=system | "{3B824FEB-03C7-4EBD-892E-E555399B648F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5036EEC8-5907-412E-8FD1-5A40634FD506}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{596FB307-09F0-42AB-A06D-B23EF7AF9CFA}" = lport=2869 | protocol=6 | dir=in | app=system | "{5F86F023-469E-4BD8-BE24-70C96B70A1E4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{98E16F43-9808-4186-8496-14744DB0F6AF}" = lport=137 | protocol=17 | dir=in | app=system | "{B794E04C-B874-4011-A5B7-B61620C9B94D}" = lport=445 | protocol=6 | dir=in | app=system | "{C0EA88DD-5FCB-4DDE-A7A2-8B527AB884DE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CA70AE16-A934-40BA-B317-4A743F7722AE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{DC7622CF-726E-40DA-BA28-02327A647DC4}" = lport=138 | protocol=17 | dir=in | app=system | "{DEDA6331-C14D-4E47-AD9F-6EB80B809B7F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E27B979F-F8BB-476E-ADD4-0C3F81E4ABAF}" = rport=445 | protocol=6 | dir=out | app=system | "{EB180CAF-7AC7-435B-A6FD-59B61A47E7EB}" = rport=138 | protocol=17 | dir=out | app=system | "{EE78B6DF-30AC-4917-827B-EE9B15B21D9D}" = rport=137 | protocol=17 | dir=out | app=system | "{EE8D5439-33D7-4E07-A5C0-DADD9E3AB3E9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F522FEBE-1B09-4AB7-9C81-6F2B65E86CD6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F9B87FF6-F4F3-4FBB-AC98-89AA406D5CE3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{03362AB0-893C-460F-B5D2-408B737481AE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{034CEBE6-EA9B-43B8-A810-68D8E37AD27B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{05238306-1B42-428B-82AE-F4CA9B0E7BB2}" = protocol=17 | dir=in | app=uncserver.exe | "{09ECA5E5-2E42-45F7-AC5D-BDD06EAA6B27}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{0DDE8042-469B-4DA5-9C70-8F92D93D526B}" = protocol=17 | dir=in | app=uncserver.exe | "{15DDB434-0606-4898-927B-850FCCBF7E04}" = protocol=6 | dir=in | app=uncserver.exe | "{1A9A1C98-3728-4F9A-86C1-27BAE256EE84}" = protocol=17 | dir=in | app=uncserver.exe | "{1ABD62B5-0715-4BAF-99B3-861F7B6A9518}" = protocol=6 | dir=in | app=uncserver.exe | "{1E1F2547-C4A6-4A78-9515-55706BAE39D2}" = protocol=17 | dir=in | app=uncserver.exe | "{1E4E687E-7A7F-42E9-BFBE-87E9BA38A086}" = protocol=6 | dir=in | app=uncserver.exe | "{243E2299-58BE-4740-B1AB-151E425DDAD5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{3344B15A-A188-42AC-96D1-7C13AE43C371}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{33FE6B90-8903-482D-A612-DE5A7580EA44}" = protocol=17 | dir=in | app=uncserver.exe | "{41B1E9CA-289B-46DB-B7CC-31094CE0B539}" = protocol=6 | dir=in | app=uncserver.exe | "{436D756D-479E-4AA0-9C8D-28C301911CB9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{4A650610-1335-4541-8C8A-6CF157D15C59}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{58DE1F01-061F-4F13-B667-84780EFA5070}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{5C221CF6-B426-4FA7-83ED-469C9FEEE8FB}" = protocol=17 | dir=in | app=uncserver.exe | "{5D0B1063-196A-49D5-9B97-5193BDF583E4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{668F3DBE-7728-46C2-A1CA-5D048D8D42B1}" = protocol=6 | dir=in | app=uncserver.exe | "{6D108D6C-1FE5-4E77-8725-EB651845C711}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\utorrent\utorrent.exe | "{77352B07-DC40-42E9-A723-4E3774E3AF4A}" = protocol=17 | dir=in | app=uncserver.exe | "{78038694-994B-4A50-8E22-0F738C02B543}" = protocol=6 | dir=in | app=uncserver.exe | "{7A575D9A-8F0C-4BFE-8123-AE984B29D3F1}" = protocol=17 | dir=in | app=uncserver.exe | "{91B41033-0CE6-465F-A738-1E32C4128B50}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9F275E9A-FB58-43B3-8366-C828C0645070}" = protocol=6 | dir=in | app=uncserver.exe | "{A3BD8CC7-670E-4B3B-A182-C02A4AAF7D6E}" = protocol=17 | dir=in | app=uncserver.exe | "{A60C1A0B-A9E0-4486-86E1-C817D8B90263}" = protocol=6 | dir=in | app=uncserver.exe | "{A8219337-4885-4C33-AD48-41E5974D8477}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{A9A2D550-514B-41EE-8B27-F5E24BAFED27}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\utorrent\utorrent.exe | "{AB89051B-85B6-4B0D-8AF6-952E3C444AC3}" = protocol=6 | dir=in | app=uncserver.exe | "{B79BCD68-86B5-4F0B-A8BC-3658936DF01C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C719FD28-8F65-4BEB-A720-CA12D1AB4717}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{D39B1492-8519-4B0A-9318-F6E39B2EAF6B}" = protocol=6 | dir=in | app=uncserver.exe | "{D5A88CFD-1EC3-4087-A78A-86D20E771948}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{D8630700-DAF8-42A9-A7EA-23A6919AC717}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{DE4CD161-8D8B-44A2-9281-6550FFA993C7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{E03FCFFD-0B30-4D96-AF32-FA9E800031FE}" = protocol=6 | dir=in | app=uncserver.exe | "{E34980F4-2907-433F-A250-05D5879A9AB8}" = protocol=17 | dir=in | app=uncserver.exe | "{F5421610-60EB-44C6-848F-A91652849BE4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{FAA15337-CB71-41C0-A3B2-AD4EEC91B198}" = protocol=6 | dir=out | app=system | "{FBDC3DB5-A451-4377-AF5C-A18962E885D2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{FD33BB11-D4C5-4B6E-86CC-22F5F3966DC4}" = protocol=17 | dir=in | app=uncserver.exe | "TCP Query User{0BFC39D0-D23D-4155-A138-51DEDAC747EA}C:\program files (x86)\lenovo\system update\uncserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe | "UDP Query User{EC411B8A-07D6-4B9A-8926-A10DBE8096D1}C:\program files (x86)\lenovo\system update\uncserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{053ACA98-6B07-4DD0-9DB3-F51E3EB1780C}" = Lenovo Patch Utility 64 bit "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{45F1F774-38B4-3CC3-BAAF-051E6D19E48E}" = Microsoft .NET Framework 4.5.1 (PLK) "{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1 "{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.1 (Polski) "{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = ThinkPad Bluetooth with Enhanced Data Rate Software "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 312.69 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 312.69 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.24.2 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "CNXT_AUDIO_HDA" = Conexant 20585 SmartAudio HD "CNXT_MODEM_HDA_HSF" = ThinkPad Modem Adapter "Greener Web" = Greener Web "LENOVO.SMIIF" = Lenovo System Interface Driver "OnScreenDisplay" = On Screen Display "Power Management Driver" = Lenovo Power Management Driver "PROSet" = Intel(R) Network Connections Drivers "SynTPDeinstKey" = ThinkPad UltraNav Driver "ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}" = RICOH R5U230 Media Driver ver.2.06.02.02 "{17CBC505-D1AE-459D-B445-3D2000A85842}" = ThinkPad UltraNav Utility "{193CA6A6-E735-40B1-AA92-F611B291792C}" = Verizon Wireless Mobile Broadband Self Activation "{25C64847-B900-48AD-A164-1B4F9B774650}" = Lenovo System Update "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{666C9123-1AEC-446F-8AA8-28256B1953D4}" = Qualcomm Gobi 2000 Package for Lenovo "{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}" = ThinkVantage GPS "{8E537894-A559-4D60-B3CB-F4485E3D24E3}" = ThinkVantage Access Connections "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}" = Lenovo Mobile Broadband Activation "{C3CD17B4-08B0-492D-8A4C-81716D33E520}" = Integrated Camera Driver Installer Package Ver.1.1.0.48 "{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = Power Manager "{DDAA788F-52E6-44EA-ADB8-92837B11BF26}" = Metric Collection SDK "{E8F27ADF-B1ED-41AF-A7EF-D5E71778480C}" = Lenovo Patch Utility "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin "Avast" = avast! Free Antivirus "Google Chrome" = Google Chrome "Mozilla Firefox 29.0.1 (x86 pl)" = Mozilla Firefox 29.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "WinRAR archiver" = WinRAR 5.01 (32-bitowy) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-989173570-2452618996-1951653105-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "uTorrent" = µTorrent [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-06-15 08:44:48 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Desktop\picasa39-setup.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Desktop\picasa39-setup.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 2014-06-15 08:44:49 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Desktop\picasa39-setup.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Desktop\picasa39-setup.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 2014-06-15 08:45:42 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Desktop\picasa39-setup.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Desktop\picasa39-setup.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 2014-06-15 08:50:06 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Desktop\picasa39-setup.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Desktop\picasa39-setup.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 2014-06-15 08:50:17 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Desktop\picasa39-setup.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Desktop\picasa39-setup.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 2014-06-15 08:54:33 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Desktop\picasa39-setup.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Desktop\picasa39-setup.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 2014-06-15 10:39:34 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Downloads\Lightroom_5_LS11_win_5_4.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Downloads\Lightroom_5_LS11_win_5_4.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 2014-06-15 10:39:36 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Downloads\Lightroom_5_LS11_win_5_4.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Downloads\Lightroom_5_LS11_win_5_4.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 2014-06-15 10:40:46 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Desktop\Lightroom_5_LS11_win_5_4.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Desktop\Lightroom_5_LS11_win_5_4.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 2014-06-15 10:40:53 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Desktop\Lightroom_5_LS11_win_5_4.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Desktop\Lightroom_5_LS11_win_5_4.exe" w wierszu 0. Nieprawidłowa składnia XML. [ System Events ] Error - 2014-06-12 14:40:29 | Computer Name = user-Komputer | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error - 2014-06-12 16:30:19 | Computer Name = user-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi eakbojhl z powodu następującego błędu: %%2 Error - 2014-06-12 18:15:09 | Computer Name = user-Komputer | Source = BTHUSB | ID = 327696 Description = Uwierzytelnianie wzajemne między lokalnym adapterem Bluetooth a urządzeniem o adresie adaptera Bluetooth (34:31:11:8c:36:8e) nie powiodło się. Error - 2014-06-12 18:34:03 | Computer Name = user-Komputer | Source = DCOM | ID = 10010 Description = Error - 2014-06-13 18:53:13 | Computer Name = user-Komputer | Source = BROWSER | ID = 8032 Description = Error - 2014-06-14 15:50:05 | Computer Name = user-Komputer | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0. Error - 2014-06-14 15:50:05 | Computer Name = user-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0 z powodu następującego błędu: %%1053 Error - 2014-06-14 15:56:50 | Computer Name = user-Komputer | Source = Service Control Manager | ID = 7022 Description = Usługa Windows Update zawiesiła się podczas uruchamiania. Error - 2014-06-14 18:40:31 | Computer Name = user-Komputer | Source = BTHUSB | ID = 327685 Description = Sterownik Bluetooth oczekiwał zdarzenia HCI o określonym rozmiarze, ale go nie otrzymał. Error - 2014-06-14 19:27:50 | Computer Name = user-Komputer | Source = BTHUSB | ID = 327685 Description = Sterownik Bluetooth oczekiwał zdarzenia HCI o określonym rozmiarze, ale go nie otrzymał. < End of report > OTL.txt: OTL Extras logfile created on: 2014-06-15 16:31:44 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17126) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,80 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 46,29% Memory free 7,60 Gb Paging File | 4,66 Gb Available in Paging File | 61,27% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,66 Gb Total Space | 384,26 Gb Free Space | 82,52% Space Free | Partition Type: NTFS Computer Name: USER-KOMPUTER | User Name: user | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [HKEY_USERS\S-1-5-21-989173570-2452618996-1951653105-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00C5AAEB-0B36-400A-B442-0E91BEA126E3}" = lport=139 | protocol=6 | dir=in | app=system | "{02A01203-D4B4-47B3-B496-60A792EC8552}" = rport=10243 | protocol=6 | dir=out | app=system | "{1226AB1F-90D1-47BD-8BBE-D1797FB9AC32}" = rport=139 | protocol=6 | dir=out | app=system | "{1A921347-4A80-4ECA-9233-825B5A95BA53}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2505C5E7-F995-44D5-9A30-ABE8AE5AB6AB}" = lport=10243 | protocol=6 | dir=in | app=system | "{3B824FEB-03C7-4EBD-892E-E555399B648F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5036EEC8-5907-412E-8FD1-5A40634FD506}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{596FB307-09F0-42AB-A06D-B23EF7AF9CFA}" = lport=2869 | protocol=6 | dir=in | app=system | "{5F86F023-469E-4BD8-BE24-70C96B70A1E4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{98E16F43-9808-4186-8496-14744DB0F6AF}" = lport=137 | protocol=17 | dir=in | app=system | "{B794E04C-B874-4011-A5B7-B61620C9B94D}" = lport=445 | protocol=6 | dir=in | app=system | "{C0EA88DD-5FCB-4DDE-A7A2-8B527AB884DE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CA70AE16-A934-40BA-B317-4A743F7722AE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{DC7622CF-726E-40DA-BA28-02327A647DC4}" = lport=138 | protocol=17 | dir=in | app=system | "{DEDA6331-C14D-4E47-AD9F-6EB80B809B7F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E27B979F-F8BB-476E-ADD4-0C3F81E4ABAF}" = rport=445 | protocol=6 | dir=out | app=system | "{EB180CAF-7AC7-435B-A6FD-59B61A47E7EB}" = rport=138 | protocol=17 | dir=out | app=system | "{EE78B6DF-30AC-4917-827B-EE9B15B21D9D}" = rport=137 | protocol=17 | dir=out | app=system | "{EE8D5439-33D7-4E07-A5C0-DADD9E3AB3E9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F522FEBE-1B09-4AB7-9C81-6F2B65E86CD6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F9B87FF6-F4F3-4FBB-AC98-89AA406D5CE3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{03362AB0-893C-460F-B5D2-408B737481AE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{034CEBE6-EA9B-43B8-A810-68D8E37AD27B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{05238306-1B42-428B-82AE-F4CA9B0E7BB2}" = protocol=17 | dir=in | app=uncserver.exe | "{09ECA5E5-2E42-45F7-AC5D-BDD06EAA6B27}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{0DDE8042-469B-4DA5-9C70-8F92D93D526B}" = protocol=17 | dir=in | app=uncserver.exe | "{15DDB434-0606-4898-927B-850FCCBF7E04}" = protocol=6 | dir=in | app=uncserver.exe | "{1A9A1C98-3728-4F9A-86C1-27BAE256EE84}" = protocol=17 | dir=in | app=uncserver.exe | "{1ABD62B5-0715-4BAF-99B3-861F7B6A9518}" = protocol=6 | dir=in | app=uncserver.exe | "{1E1F2547-C4A6-4A78-9515-55706BAE39D2}" = protocol=17 | dir=in | app=uncserver.exe | "{1E4E687E-7A7F-42E9-BFBE-87E9BA38A086}" = protocol=6 | dir=in | app=uncserver.exe | "{243E2299-58BE-4740-B1AB-151E425DDAD5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{3344B15A-A188-42AC-96D1-7C13AE43C371}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{33FE6B90-8903-482D-A612-DE5A7580EA44}" = protocol=17 | dir=in | app=uncserver.exe | "{41B1E9CA-289B-46DB-B7CC-31094CE0B539}" = protocol=6 | dir=in | app=uncserver.exe | "{436D756D-479E-4AA0-9C8D-28C301911CB9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{4A650610-1335-4541-8C8A-6CF157D15C59}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{58DE1F01-061F-4F13-B667-84780EFA5070}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{5C221CF6-B426-4FA7-83ED-469C9FEEE8FB}" = protocol=17 | dir=in | app=uncserver.exe | "{5D0B1063-196A-49D5-9B97-5193BDF583E4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{668F3DBE-7728-46C2-A1CA-5D048D8D42B1}" = protocol=6 | dir=in | app=uncserver.exe | "{6D108D6C-1FE5-4E77-8725-EB651845C711}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\utorrent\utorrent.exe | "{77352B07-DC40-42E9-A723-4E3774E3AF4A}" = protocol=17 | dir=in | app=uncserver.exe | "{78038694-994B-4A50-8E22-0F738C02B543}" = protocol=6 | dir=in | app=uncserver.exe | "{7A575D9A-8F0C-4BFE-8123-AE984B29D3F1}" = protocol=17 | dir=in | app=uncserver.exe | "{91B41033-0CE6-465F-A738-1E32C4128B50}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9F275E9A-FB58-43B3-8366-C828C0645070}" = protocol=6 | dir=in | app=uncserver.exe | "{A3BD8CC7-670E-4B3B-A182-C02A4AAF7D6E}" = protocol=17 | dir=in | app=uncserver.exe | "{A60C1A0B-A9E0-4486-86E1-C817D8B90263}" = protocol=6 | dir=in | app=uncserver.exe | "{A8219337-4885-4C33-AD48-41E5974D8477}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{A9A2D550-514B-41EE-8B27-F5E24BAFED27}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\utorrent\utorrent.exe | "{AB89051B-85B6-4B0D-8AF6-952E3C444AC3}" = protocol=6 | dir=in | app=uncserver.exe | "{B79BCD68-86B5-4F0B-A8BC-3658936DF01C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C719FD28-8F65-4BEB-A720-CA12D1AB4717}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{D39B1492-8519-4B0A-9318-F6E39B2EAF6B}" = protocol=6 | dir=in | app=uncserver.exe | "{D5A88CFD-1EC3-4087-A78A-86D20E771948}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{D8630700-DAF8-42A9-A7EA-23A6919AC717}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{DE4CD161-8D8B-44A2-9281-6550FFA993C7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{E03FCFFD-0B30-4D96-AF32-FA9E800031FE}" = protocol=6 | dir=in | app=uncserver.exe | "{E34980F4-2907-433F-A250-05D5879A9AB8}" = protocol=17 | dir=in | app=uncserver.exe | "{F5421610-60EB-44C6-848F-A91652849BE4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{FAA15337-CB71-41C0-A3B2-AD4EEC91B198}" = protocol=6 | dir=out | app=system | "{FBDC3DB5-A451-4377-AF5C-A18962E885D2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{FD33BB11-D4C5-4B6E-86CC-22F5F3966DC4}" = protocol=17 | dir=in | app=uncserver.exe | "TCP Query User{0BFC39D0-D23D-4155-A138-51DEDAC747EA}C:\program files (x86)\lenovo\system update\uncserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe | "UDP Query User{EC411B8A-07D6-4B9A-8926-A10DBE8096D1}C:\program files (x86)\lenovo\system update\uncserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{053ACA98-6B07-4DD0-9DB3-F51E3EB1780C}" = Lenovo Patch Utility 64 bit "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{45F1F774-38B4-3CC3-BAAF-051E6D19E48E}" = Microsoft .NET Framework 4.5.1 (PLK) "{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1 "{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.1 (Polski) "{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = ThinkPad Bluetooth with Enhanced Data Rate Software "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 312.69 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 312.69 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.24.2 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "CNXT_AUDIO_HDA" = Conexant 20585 SmartAudio HD "CNXT_MODEM_HDA_HSF" = ThinkPad Modem Adapter "Greener Web" = Greener Web "LENOVO.SMIIF" = Lenovo System Interface Driver "OnScreenDisplay" = On Screen Display "Power Management Driver" = Lenovo Power Management Driver "PROSet" = Intel(R) Network Connections Drivers "SynTPDeinstKey" = ThinkPad UltraNav Driver "ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}" = RICOH R5U230 Media Driver ver.2.06.02.02 "{17CBC505-D1AE-459D-B445-3D2000A85842}" = ThinkPad UltraNav Utility "{193CA6A6-E735-40B1-AA92-F611B291792C}" = Verizon Wireless Mobile Broadband Self Activation "{25C64847-B900-48AD-A164-1B4F9B774650}" = Lenovo System Update "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{666C9123-1AEC-446F-8AA8-28256B1953D4}" = Qualcomm Gobi 2000 Package for Lenovo "{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}" = ThinkVantage GPS "{8E537894-A559-4D60-B3CB-F4485E3D24E3}" = ThinkVantage Access Connections "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}" = Lenovo Mobile Broadband Activation "{C3CD17B4-08B0-492D-8A4C-81716D33E520}" = Integrated Camera Driver Installer Package Ver.1.1.0.48 "{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = Power Manager "{DDAA788F-52E6-44EA-ADB8-92837B11BF26}" = Metric Collection SDK "{E8F27ADF-B1ED-41AF-A7EF-D5E71778480C}" = Lenovo Patch Utility "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin "Avast" = avast! Free Antivirus "Google Chrome" = Google Chrome "Mozilla Firefox 29.0.1 (x86 pl)" = Mozilla Firefox 29.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "WinRAR archiver" = WinRAR 5.01 (32-bitowy) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-989173570-2452618996-1951653105-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "uTorrent" = µTorrent [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-06-15 08:44:48 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Desktop\picasa39-setup.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Desktop\picasa39-setup.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 2014-06-15 08:44:49 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Desktop\picasa39-setup.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Desktop\picasa39-setup.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 2014-06-15 08:45:42 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Desktop\picasa39-setup.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Desktop\picasa39-setup.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 2014-06-15 08:50:06 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Desktop\picasa39-setup.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Desktop\picasa39-setup.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 2014-06-15 08:50:17 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Desktop\picasa39-setup.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Desktop\picasa39-setup.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 2014-06-15 08:54:33 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Desktop\picasa39-setup.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Desktop\picasa39-setup.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 2014-06-15 10:39:34 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Downloads\Lightroom_5_LS11_win_5_4.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Downloads\Lightroom_5_LS11_win_5_4.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 2014-06-15 10:39:36 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Downloads\Lightroom_5_LS11_win_5_4.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Downloads\Lightroom_5_LS11_win_5_4.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 2014-06-15 10:40:46 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Desktop\Lightroom_5_LS11_win_5_4.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Desktop\Lightroom_5_LS11_win_5_4.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 2014-06-15 10:40:53 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Users\user\Desktop\Lightroom_5_LS11_win_5_4.exe". Błąd w pliku manifestu lub w pliku zasad "C:\Users\user\Desktop\Lightroom_5_LS11_win_5_4.exe" w wierszu 0. Nieprawidłowa składnia XML. [ System Events ] Error - 2014-06-12 14:40:29 | Computer Name = user-Komputer | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error - 2014-06-12 16:30:19 | Computer Name = user-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi eakbojhl z powodu następującego błędu: %%2 Error - 2014-06-12 18:15:09 | Computer Name = user-Komputer | Source = BTHUSB | ID = 327696 Description = Uwierzytelnianie wzajemne między lokalnym adapterem Bluetooth a urządzeniem o adresie adaptera Bluetooth (34:31:11:8c:36:8e) nie powiodło się. Error - 2014-06-12 18:34:03 | Computer Name = user-Komputer | Source = DCOM | ID = 10010 Description = Error - 2014-06-13 18:53:13 | Computer Name = user-Komputer | Source = BROWSER | ID = 8032 Description = Error - 2014-06-14 15:50:05 | Computer Name = user-Komputer | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0. Error - 2014-06-14 15:50:05 | Computer Name = user-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0 z powodu następującego błędu: %%1053 Error - 2014-06-14 15:56:50 | Computer Name = user-Komputer | Source = Service Control Manager | ID = 7022 Description = Usługa Windows Update zawiesiła się podczas uruchamiania. Error - 2014-06-14 18:40:31 | Computer Name = user-Komputer | Source = BTHUSB | ID = 327685 Description = Sterownik Bluetooth oczekiwał zdarzenia HCI o określonym rozmiarze, ale go nie otrzymał. Error - 2014-06-14 19:27:50 | Computer Name = user-Komputer | Source = BTHUSB | ID = 327685 Description = Sterownik Bluetooth oczekiwał zdarzenia HCI o określonym rozmiarze, ale go nie otrzymał. < End of report > O takie cos mi wyskoczylo po przeskanowaniu i co dalej?
Zayfi komentarz 15 czerwca 2014 komentarz 15 czerwca 2014 Załoz swój temat a nie podpinaj sie pod innych
MGSniper komentarz 15 czerwca 2014 Autor komentarz 15 czerwca 2014 (edytowane) Czekam na odpowiedź :) Coś już wiadomo na temat tego co z moim kompem? ;p
MGSniper komentarz 17 czerwca 2014 Autor komentarz 17 czerwca 2014 po co miałem wstawiać te logi skoro nikt nie potrafi mi pomóc?
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.