Avast wykrył wirusa i takie cos

Dla specjalistów Bezpieczeństwo
#1

Odwiedzając pewną strone avast wykrył mi wirusa jakiegoś trojana i zaczeło się szalenie coś tak jak by mi sie instalowało czy co . niewiem czy nie jest zainfekowany . Przesyłam link ze screnem - http://yfrog.com/1avirusjj

Prosze o pomoc . Co mam robic ?

#2

Wyjdź jak najszybciej z tej strony to fake antywirus który będzie cię prosił o instalowanie różnych śmieci i będzie zamulał kompa. zrób pełny skan malwarebytes antimalware i daj loga z otl bo może już za póżno i załapałeś sie na syfa z tej strony.

#3

aha wkrótce prześle LOGI

Dodane 12.08.2010 (Cz) 21:28

A co wykryje malwarebytes antimalware to usunąć czy co?

Dodane 12.08.2010 (Cz) 21:40

OTL logfile created on: 2010-08-12 21:29:02 - Run 1

OTL by OldTimer - Version 3.2.9.1 Folder = D:\Rychu

Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd


511,00 Mb Total Physical Memory | 116,00 Mb Available Physical Memory | 23,00% Memory free

1,00 Gb Paging File | 1,00 Gb Available in Paging File | 51,00% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]


%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 29,30 Gb Total Space | 11,89 Gb Free Space | 40,56% Space Free | Partition Type: NTFS

Drive D: | 22,61 Gb Total Space | 18,96 Gb Free Space | 83,86% Space Free | Partition Type: NTFS

Drive E: | 22,64 Gb Total Space | 22,14 Gb Free Space | 97,77% Space Free | Partition Type: NTFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded


Computer Name: ŁU

Current User Name: Dom

Logged in as Administrator.


Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard


[color=#E56717]========== Processes (SafeList) ==========[/color]


PRC - [2010-08-12 21:28:45 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Rychu\OTL.exe

PRC - [2010-07-24 13:40:28 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Programy użytkowe\Mozilla Firefox\plugin-container.exe

PRC - [2010-07-24 13:40:21 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Programy użytkowe\Mozilla Firefox\firefox.exe

PRC - [2009-08-17 18:07:23 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Programy użytkowe\Alwil Software\Avast4\ashDisp.exe

PRC - [2009-08-17 18:07:17 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Programy użytkowe\Alwil Software\Avast4\ashServ.exe

PRC - [2009-08-17 18:07:01 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Programy użytkowe\Alwil Software\Avast4\ashMaiSv.exe

PRC - [2009-08-17 18:04:21 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Programy użytkowe\Alwil Software\Avast4\ashWebSv.exe

PRC - [2009-08-17 17:58:55 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Programy użytkowe\Alwil Software\Avast4\aswUpdSv.exe

PRC - [2008-12-15 20:04:10 | 000,887,808 | ---- | M] (Ares Development Group) -- C:\Program Files\Programy użytkowe\Ares\Ares.exe

PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007-01-16 13:42:20 | 000,950,272 | ---- | M] ( ) -- C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE

PRC - [2004-07-28 16:39:28 | 000,962,661 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

PRC - [2003-12-08 17:35:14 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\Programy użytkowe\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

PRC - [2003-10-16 18:07:10 | 000,024,576 | ---- | M] () -- C:\Program Files\Neostrada TP\CnxMon.exe



[color=#E56717]========== Modules (SafeList) ==========[/color]


MOD - [2010-08-12 21:28:45 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Rychu\OTL.exe

MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx



[color=#E56717]========== Win32 Services (SafeList) ==========[/color]


SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)

SRV - [2009-08-17 18:07:17 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Programy użytkowe\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)

SRV - [2009-08-17 18:07:01 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Programy użytkowe\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)

SRV - [2009-08-17 18:04:21 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Programy użytkowe\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)

SRV - [2009-08-17 17:58:55 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Programy użytkowe\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)

SRV - [2009-03-04 11:25:12 | 000,621,056 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2008-12-15 20:08:48 | 000,419,840 | ---- | M] (Ares Development Group) [On_Demand | Stopped] -- C:\Program Files\Programy użytkowe\Ares\chatServer.exe -- (AresChatServer)

SRV - [2003-03-09 21:31:02 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)



[color=#E56717]========== Driver Services (SafeList) ==========[/color]


DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\ZDPNDIS5.SYS -- (ZDPNDIS5)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\ZDCndis5.SYS -- (ZDCndis5)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\VcommMgr.sys -- (VcommMgr)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\VComm.sys -- (VComm)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\cmuda.sys -- (cmuda)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\BTHport.sys -- (BTHPORT)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\blueletaudio.sys -- (BlueletAudio)

DRV - [2009-12-06 15:03:27 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)

DRV - [2009-08-17 18:06:43 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2009-08-17 18:05:52 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2009-08-17 18:05:37 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2009-08-17 18:04:40 | 000,051,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2009-08-17 18:04:29 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2009-08-17 18:03:21 | 000,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2009-06-24 14:52:53 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)

DRV - [2009-03-31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)

DRV - [2009-03-20 11:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)

DRV - [2009-03-20 11:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)

DRV - [2009-03-20 11:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)

DRV - [2009-02-09 07:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)

DRV - [2009-02-09 07:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)

DRV - [2009-02-09 07:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)

DRV - [2009-02-09 07:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)

DRV - [2009-01-08 00:39:36 | 000,020,744 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BtHidBus.sys -- (BtHidBus)

DRV - [2008-12-07 13:44:54 | 000,030,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs)

DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2008-07-02 15:58:48 | 000,026,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs)

DRV - [2008-04-14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)

DRV - [2007-01-16 13:52:20 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)

DRV - [2007-01-10 10:14:34 | 000,450,560 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WlanBZXP.sys -- (SG762_XP)

DRV - [2005-10-16 08:00:00 | 000,012,928 | ---- | M] (Bo Brantén) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\filedisk.sys -- (FileDisk)

DRV - [2005-05-17 14:48:21 | 000,050,176 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)

DRV - [2005-05-16 15:23:38 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)

DRV - [2005-05-16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)

DRV - [2005-04-30 15:50:20 | 000,011,860 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\vbtenum.sys -- (BTHidEnum)

DRV - [2005-04-30 15:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)

DRV - [2005-02-23 04:36:04 | 000,986,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2004-08-04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)

DRV - [2004-01-09 17:17:02 | 000,601,100 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)

DRV - [2003-12-11 17:54:14 | 000,391,424 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)

DRV - [2003-09-06 15:37:22 | 000,062,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)

DRV - [2003-09-06 14:27:06 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)

DRV - [2003-09-06 14:25:52 | 000,051,744 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)

DRV - [2003-09-06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)

DRV - [2003-08-13 09:27:22 | 000,065,280 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023)

DRV - [2003-07-01 22:42:00 | 000,027,904 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)

DRV - [2003-06-12 12:31:46 | 000,075,904 | R--- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viasraid.sys -- (viasraid)

DRV - [2001-10-26 16:45:20 | 000,042,560 | ---- | M] (Digi International, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\digirlpt.sys -- (DIGIRPS)



[color=#E56717]========== Standard Registry (SafeList) ==========[/color]



[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.1.11:80

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = 192.168.1.11


[color=#E56717]========== FireFox ==========[/color]


FF - prefs.js..browser.search.defaultengine: ""

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.defaultthis.engineName: ""

FF - prefs.js..browser.search.defaulturl: ""

FF - prefs.js..browser.search.order.1: ""

FF - prefs.js..browser.search.selectedEngine: "Wyszukiwanie filmĂłw wideo w YouTube"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"

FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:3.0.3

FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.1

FF - prefs.js..extensions.enabledItems: YoutubeDownloader@PeterOlayev.com:1.4

FF - prefs.js..extensions.enabledItems: chromifox@altmusictv.com:3.6.5

FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.90

FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="



FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Programy użytkowe\Mozilla Firefox\components [2010-07-26 14:36:33 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Programy użytkowe\Mozilla Firefox\plugins [2010-07-24 13:40:41 | 000,000,000 | ---D | M]


[2010-08-03 11:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Extensions

[2010-08-03 11:09:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2010-08-12 09:28:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\xdx93wz4.default\extensions

[2010-05-19 15:41:51 | 000,000,000 | ---D | M] (Vista-aero) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\xdx93wz4.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}

[2010-05-19 15:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\xdx93wz4.default\extensions\chromifox@altmusictv.com

[2010-04-07 19:02:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\xdx93wz4.default\extensions\de-DE@dictionaries.addons.mozilla.org

[2009-09-13 12:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\xdx93wz4.default\extensions\en-US@dictionaries.addons.mozilla.org

[2010-07-15 20:40:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\xdx93wz4.default\extensions\YoutubeDownloader@PeterOlayev.com

[2010-05-19 15:41:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\xdx93wz4.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}\chrome\mozapps\extensions

[2010-06-03 11:45:12 | 000,001,728 | ---- | M] () -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\xdx93wz4.default\searchplugins\google-pl.xml

[2009-03-26 19:15:05 | 000,002,826 | ---- | M] () -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\xdx93wz4.default\searchplugins\nasza-klasapl.xml

[2010-08-11 17:18:11 | 000,002,039 | ---- | M] () -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\xdx93wz4.default\searchplugins\torrentyorg.xml

[2009-12-31 11:38:30 | 000,001,987 | ---- | M] () -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\xdx93wz4.default\searchplugins\wolframalpha.xml

[2009-06-29 14:53:16 | 000,001,972 | ---- | M] () -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\xdx93wz4.default\searchplugins\wrzuta.xml

[2009-06-28 15:15:07 | 000,000,963 | ---- | M] () -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\xdx93wz4.default\searchplugins\wyszukiwanie-filmw-wideo-w-youtube.xml

[2010-08-07 22:20:30 | 000,002,546 | ---- | M] () -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\xdx93wz4.default\searchplugins\wyszukiwarka-you-mppl.xml


O1 HOSTS File: ([2004-08-04 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O4 - HKLM..\Run: [avast!] C:\Program Files\Programy użytkowe\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)

O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)

O4 - HKLM..\Run: [RemoteControl] C:\Program Files\Programy użytkowe\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.)

O4 - HKLM..\Run: [WooCnxMon] C:\Program Files\Neostrada TP\CnxMon.exe ()

O4 - HKLM..\Run: [WOOTASKBARICON] C:\Program Files\Neostrada TP\TaskBarIcon.exe (France Télécom R&D)

O4 - HKCU..\Run: [ares] C:\Program Files\Programy użytkowe\Ares\Ares.exe (Ares Development Group)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk = C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE ( )

O4 - Startup: C:\Documents and Settings\Dom\Menu Start\Programy\Autostart\MUZA [2010-05-04 11:27:22 | 000,000,000 | R--D | M]

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Programy użytkowe\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)

O15 - HKCU\..Trusted Domains: neostrada.pl ([www] http in Lokalny intranet)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1276936863859 (WUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [1998-09-30 14:14:38 | 000,000,606 | ---- | M] () - C:\AUTOEXEC.BAT -- [NTFS]

O33 - MountPoints2\{1175807a-1bd3-11de-9c91-0060b33cf7c6}\Shell - "" = AutoRun

O33 - MountPoints2\{e66ce964-ff8d-11de-a467-000d61bbc5bc}\Shell\AutoRun\command - "" = ngp8l.exe

O33 - MountPoints2\{e66ce964-ff8d-11de-a467-000d61bbc5bc}\Shell\open\Command - "" = ngp8l.exe

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*


[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]


[2010-08-11 21:45:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Dane aplikacji\Tonbrand

[2010-08-11 21:44:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations

[2010-08-09 09:17:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight

[2010-08-08 19:59:41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dom\Recent

[2010-07-30 22:32:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Pulpit\Gothic3_1.8 [PL]

[2010-07-29 18:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Pulpit\Nowa silver najnowsza [29.07.2010]

[2010-07-23 17:49:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Dom\Pulpit\Projekty stron

[2010-07-23 12:52:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Banner Maker Pro for Flash

[2010-07-18 10:47:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Moje dokumenty\Pobieranie

[2010-07-17 16:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter

[4 C:\Documents and Settings\Dom\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Dom\Moje dokumenty\*.tmp ->]


[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]


[2010-08-12 21:25:09 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8770FA42-DDFC-4D4D-843D-6E58A4F7C424}.job

[2010-08-12 19:19:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010-08-12 19:19:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010-08-12 18:35:48 | 000,889,832 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Zdjęcie2906.jpg

[2010-08-12 18:35:08 | 000,531,551 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Zdjęcie2905.jpg

[2010-08-12 18:34:54 | 000,559,100 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Zdjęcie2904.jpg

[2010-08-12 17:29:34 | 000,634,702 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Zdjęcie2903.jpg

[2010-08-12 17:05:12 | 008,126,464 | ---- | M] () -- C:\Documents and Settings\Dom\ntuser.dat

[2010-08-12 17:05:12 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Dom\ntuser.ini

[2010-08-12 16:46:57 | 000,100,374 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\virus.JPG

[2010-08-11 21:54:12 | 000,100,352 | ---- | M] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-08-09 12:48:08 | 000,018,345 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\tlo.JPG

[2010-08-09 12:24:06 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2010-08-09 12:17:38 | 000,022,528 | -H-- | M] () -- C:\Documents and Settings\Dom\Pulpit\photothumb.db

[2010-08-09 12:17:28 | 000,036,264 | ---- | M] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

[2010-08-08 21:11:41 | 000,153,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010-08-07 11:24:40 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010-08-06 17:23:21 | 000,043,688 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\trawa_z_kaczka.JPG

[2010-08-03 15:27:42 | 000,094,441 | ---- | M] () -- C:\Documents and Settings\Dom\Moje dokumenty\mna1g-.gif

[2010-08-03 14:02:31 | 000,491,010 | ---- | M] () -- C:\Documents and Settings\Dom\Moje dokumenty\main.exe

[2010-08-03 10:21:08 | 000,000,262 | ---- | M] () -- C:\WINDOWS\RtlRack.ini

[2010-08-03 10:05:47 | 000,004,017 | ---- | M] () -- C:\Documents and Settings\Dom\.recently-used.xbel

[2010-08-02 13:58:02 | 000,680,901 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Zdjęcie2818.jpg

[2010-08-02 13:44:40 | 000,628,827 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Zdjęcie2817.jpg

[2010-08-02 13:44:32 | 000,625,447 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Zdjęcie2816.jpg

[2010-07-31 13:16:41 | 000,000,752 | ---- | M] () -- C:\WINDOWS\win.ini

[2010-07-30 22:31:57 | 000,145,810 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Gothic_3_[PL]_[DVD]_[Crack][Torrenty.org].torrent

[2010-07-23 15:58:28 | 000,645,624 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\n_v14.swf

[2010-07-23 12:44:26 | 000,075,776 | ---- | M] () -- C:\WINDOWS\cadkasdeinst01e.exe

[2010-07-23 11:51:58 | 007,464,338 | -H-- | M] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2010-07-18 13:33:53 | 000,000,854 | ---- | M] () -- C:\WINDOWS\system.ini

[2010-07-18 13:33:53 | 000,000,211 | -HS- | M] () -- C:\boot.ini

[4 C:\Documents and Settings\Dom\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Dom\Moje dokumenty\*.tmp ->]


[color=#E56717]========== Files Created - No Company Name ==========[/color]


[2010-08-12 20:37:10 | 000,889,832 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Zdjęcie2906.jpg

[2010-08-12 20:37:09 | 000,531,551 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Zdjęcie2905.jpg

[2010-08-12 20:37:07 | 000,559,100 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Zdjęcie2904.jpg

[2010-08-12 20:37:05 | 000,634,702 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Zdjęcie2903.jpg

[2010-08-12 16:46:57 | 000,100,374 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\virus.JPG

[2010-08-09 12:17:15 | 000,018,345 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\tlo.JPG

[2010-08-06 17:23:21 | 000,043,688 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\trawa_z_kaczka.JPG

[2010-08-03 15:27:42 | 000,094,441 | ---- | C] () -- C:\Documents and Settings\Dom\Moje dokumenty\mna1g-.gif

[2010-08-03 14:01:48 | 000,491,010 | ---- | C] () -- C:\Documents and Settings\Dom\Moje dokumenty\main.exe

[2010-08-03 10:05:47 | 000,004,017 | ---- | C] () -- C:\Documents and Settings\Dom\.recently-used.xbel

[2010-08-02 20:03:21 | 000,680,901 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Zdjęcie2818.jpg

[2010-08-02 20:03:20 | 000,628,827 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Zdjęcie2817.jpg

[2010-08-02 20:03:20 | 000,625,447 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Zdjęcie2816.jpg

[2010-07-30 22:31:56 | 000,145,810 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Gothic_3_[PL]_[DVD]_[Crack][Torrenty.org].torrent

[2010-07-23 15:58:28 | 000,645,624 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\n_v14.swf

[2010-07-23 12:44:26 | 000,075,776 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01e.exe

[2010-07-09 14:00:38 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2010-06-07 22:20:22 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\aces.ini

[2010-06-03 11:26:11 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll

[2010-03-21 18:55:32 | 000,000,125 | ---- | C] () -- C:\WINDOWS\FlashDecompiler.INI

[2010-01-20 11:06:40 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2010-01-20 11:06:39 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2010-01-03 22:56:01 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2010-01-02 12:54:50 | 000,207,360 | ---- | C] () -- C:\WINDOWS\System32\evrprop.dll

[2010-01-02 12:54:37 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll

[2010-01-02 12:53:28 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll

[2010-01-02 12:53:26 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll

[2009-12-17 20:19:12 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll

[2009-12-17 20:19:12 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys

[2009-12-11 22:00:57 | 000,000,016 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2009-06-28 22:18:54 | 000,000,040 | ---- | C] () -- C:\WINDOWS\pipeta.INI

[2009-03-29 00:12:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\graphedit.INI

[2009-03-20 19:53:40 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll

[2009-03-20 19:53:39 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll

[2009-03-01 19:27:40 | 000,011,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\VBTEnum.sys

[2009-01-09 22:46:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\lgfwup.ini

[2008-12-27 17:15:50 | 000,002,828 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys

[2008-12-27 17:15:50 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\23314D8C54.sys

[2008-12-07 13:44:54 | 000,030,088 | ---- | C] () -- C:\WINDOWS\System32\drivers\btnetBus.sys

[2008-10-14 15:28:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqemlsz.INI

[2008-10-12 21:32:12 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI

[2008-10-05 13:58:56 | 000,000,078 | ---- | C] () -- C:\WINDOWS\TMASTER.INI

[2008-08-25 15:32:34 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\WLANUTL.dll

[2008-08-21 21:06:08 | 000,000,049 | ---- | C] () -- C:\WINDOWS\iltwain.ini

[2008-08-07 17:46:29 | 000,000,072 | ---- | C] () -- C:\WINDOWS\MediaManager.INI

[2008-07-30 18:46:16 | 000,000,772 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2008-07-18 20:32:32 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2008-07-12 12:35:37 | 000,000,262 | ---- | C] () -- C:\WINDOWS\RtlRack.ini

[2008-07-10 22:56:20 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2008-07-10 15:58:14 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2008-07-10 14:02:48 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini

[2008-07-10 14:02:47 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll

[2008-07-10 12:28:41 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini

[2008-07-10 12:28:41 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini

[2008-07-10 12:28:40 | 000,000,342 | ---- | C] () -- C:\WINDOWS\adiras.ini

[2008-07-10 12:28:38 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll

[2008-07-10 12:28:38 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll

[2008-07-10 12:28:14 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll

[2007-10-25 18:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2003-03-09 21:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll

[2003-02-18 19:26:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll

[2002-03-17 02:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000011.DLL


[color=#E56717]========== Alternate Data Streams ==========[/color]


@Alternate Data Stream - 229 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:8FF81EB0

@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:F4CA4D70

@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A9662AE0

@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:18DB21EC

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DF462FF6

< End of report >

OTL Extras logfile created on: 2010-08-12 21:29:02 - Run 1

OTL by OldTimer - Version 3.2.9.1 Folder = D:\Rychu

Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd


511,00 Mb Total Physical Memory | 116,00 Mb Available Physical Memory | 23,00% Memory free

1,00 Gb Paging File | 1,00 Gb Available in Paging File | 51,00% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]


%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 29,30 Gb Total Space | 11,89 Gb Free Space | 40,56% Space Free | Partition Type: NTFS

Drive D: | 22,61 Gb Total Space | 18,96 Gb Free Space | 83,86% Space Free | Partition Type: NTFS

Drive E: | 22,64 Gb Total Space | 22,14 Gb Free Space | 97,77% Space Free | Partition Type: NTFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded


Computer Name: ŁU

Current User Name: Dom

Logged in as Administrator.


Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard


[color=#E56717]========== Extra Registry (SafeList) ==========[/color]



[color=#E56717]========== File Associations ==========[/color]


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

.js [@ = js_file] -- Reg Error: Key error. File not found


[color=#E56717]========== Shell Spawning ==========[/color]


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- "C:\Program Files\Programy użytkowe\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Programy użytkowe\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)

http [open] -- Reg Error: Key error.

https [open] -- Reg Error: Key error.

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)


[color=#E56717]========== Security Center Settings ==========[/color]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 1

"FirewallOverride" = 0


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"8461:TCP" = 8461:TCP:*:Enabled:GoD High Port

"8462:TCP" = 8462:TCP:*:Enabled:GoD Low Port

"13366:TCP" = 13366:TCP:*:Enabled:AresChatServer

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"17112:TCP" = 17112:TCP:*:Enabled:BitComet 17112 TCP

"17112:UDP" = 17112:UDP:*:Enabled:BitComet 17112 UDP

"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

"22951:TCP" = 22951:TCP:*:Enabled:BitComet 22951 TCP

"22951:UDP" = 22951:UDP:*:Enabled:BitComet 22951 UDP


[color=#E56717]========== Authorized Applications List ==========[/color]


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Programy użytkowe\Ares\Ares.exe" = C:\Program Files\Programy użytkowe\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group)

"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Kreator transferu plików i ustawień -- (Microsoft Corporation)

"E:\Program Files\Nowe Gadu-Gadu\gg.exe" = E:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu beta -- (GG Network S.A.)

"C:\Program Files\Programy użytkowe\Mozilla Firefox\firefox.exe" = C:\Program Files\Programy użytkowe\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)

"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)

"C:\Program Files\Programy użytkowe\Microsoft Office\Office10\WINWORD.EXE" = C:\Program Files\Programy użytkowe\Microsoft Office\Office10\WINWORD.EXE:*:Enabled:Microsoft Word -- (Microsoft Corporation)

"E:\Program Files\BitTornado\btdownloadgui.exe" = E:\Program Files\BitTornado\btdownloadgui.exe:*:Enabled:btdownloadgui -- ()

"E:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = E:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- File not found

"E:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = E:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- File not found

"E:\Program Files\Gadu-Gadu 10\gg.exe" = E:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- File not found



[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime

"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel

"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher

"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86

"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 17

"{2ED60C17-4568-4CD5-830A-03C4688B09A1}" = Sagem Wi-Fi 11g USB adapter (driver)

"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840

"{4B892137-6FB6-4622-B568-488E38F2E727}" = ATI Catalyst Control Center

"{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones

"{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon

"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = Nawigator obrazów i fotografii HP 2.0 - All-in-One Sterowniki

"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0

"{760B29F2-8663-419B-A025-5A55066E130B}" = Ulead Photo Express 6


"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver

"{82427977-8776-4087-90CA-9F65174D3C4D}" = Nokia Connectivity Cable Driver

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90280415-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional z programem FrontPage

"{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}" = VIA Integrated Setup Wizard

"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver

"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = Nawigator obrazów i fotografii HP 2.0 - All-in-One

"{9D2A93AF-1EA6-42C1-9D04-68EB51FD167B}" = PowerArchiver 2007 Polish - KomputerSWIAT

"{AAFD22B6-A6C7-4134-AF4E-080BCBCD3493}" = Sagem Wi-Fi 11g USB adapter (utility)

"{AC1E4C93-C1E7-11D6-9D10-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.0_03

"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.3 - Polish

"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer

"{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}" = PC Connectivity Solution

"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution

"{C900EF06-2E76-49C7-8DB0-41F629B21DC5}" = hp psc 1200 series

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt

"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio

"{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}" = livebox tp

"{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl

"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)

"6A630DCEC5EEC912115F2FF59D8C2C769798D930" = Pakiet sterowników systemu Windows - Nokia Modem (10/12/2007 3.6)

"819D45A9F73817F5B6D7C71A33ADAB88C5DA1765" = Pakiet sterowników systemu Windows - Nokia Modem (08/03/2007 6.84.0.2)

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI

"ALLConverter to 3GP_is1" = ALLConverter to 3GP

"ALLPlayer_is1" = ALLPlayer V4.X

"Ares" = Ares 2.1.1

"ATI Display Driver" = ATI Display Driver

"Audacity_is1" = Audacity 1.2.6

"avast!" = avast! Antivirus

"BitTornado" = BitTornado 0.3.18

"CCleaner" = CCleaner

"C-Media Audio Driver" = C-Media WDM Audio Driver

"Enable S3 for USB Device" = Enable S3 for USB Device

"HP PSC 1200 Series" = Nawigator obrazów i fotografii HP 2.0 - hp psc 1200 series

"ie8" = Windows Internet Explorer 8

"InstallShield_{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}" = VIA Integrated Setup Wizard

"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer

"Java Web Start" = Java Web Start

"kED_is1" = kED 2.1.4.0

"KLiteCodecPack_is1" = K-Lite Codec Pack 5.6.1 (Full)

"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0

"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)

"Nero - Burning Rom!UninstallKey" = Nero OEM

"Nowe Gadu-Gadu" = Nowe Gadu-Gadu

"PhotoScape" = PhotoScape

"RealAlt_is1" = Real Alternative 2.0.1 Lite

"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software

"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set

"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software

"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software

"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software

"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software

"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software

"wcmdmgr.exe" = WildTangent Updater

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"WinGimp-2.0_is1" = GIMP 2.6.7

"wtwav" = WildTangent Winamp Visualizer

"wtwebdriver" = WildTangent Web Driver


[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"WinImage" = WinImage


[color=#E56717]========== Last 10 Event Log Errors ==========[/color]


[Antivirus Events]

Error - 2010-04-03 02:48:57 | Computer Name = ŁUKASIEWICZ | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

 C:\DOCUMENTS AND SETTINGS\DOM\USTAWIENIA LOKALNE\DANE APLIKACJI\MICROSOFT\FEEDS\FEEDSSTORE.FEEDSDB-MS

 failed, 00000005.  


Error - 2010-04-03 05:09:12 | Computer Name = ŁUKASIEWICZ | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

 http://software.effectmatrix.com/total-video-converter/tvc361.exe failed, 00000084.



Error - 2010-04-07 04:01:43 | Computer Name = ŁUKASIEWICZ | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

 C:\DOCUMENTS AND SETTINGS\DOM\PULPIT\ISO3.DOC failed, 00000005.  


Error - 2010-04-24 14:20:51 | Computer Name = ŁUKASIEWICZ | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

 H:\nowe\17-konopians _ slodki sen.mp3 failed, 0000001E.  


Error - 2010-06-18 14:31:54 | Computer Name = ŁUKASIEWICZ | Source = avast! | ID = 33554522

Description = AAVM - scanning error: Aavm: FetchGlobalCounters cannot open mapping

 - server DOWN???, 00000002.  


Error - 2010-06-18 14:50:14 | Computer Name = ŁUKASIEWICZ | Source = avast! | ID = 33554522

Description = AAVM - scanning error: Aavm: FetchGlobalCounters cannot open mapping

 - server DOWN???, 00000002.  


Error - 2010-06-18 15:27:59 | Computer Name = ŁUKASIEWICZ | Source = avast! | ID = 33554522

Description = AAVM - scanning error: Aavm: FetchGlobalCounters cannot open mapping

 - server DOWN???, 00000002.  


Error - 2010-07-08 12:54:55 | Computer Name = ŁUKASIEWICZ | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

 C:\DOCUMENTS AND SETTINGS\DOM\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\XDX93WZ4.DEFAULT\PREFS.JS

 failed, 00000005.  


Error - 2010-07-08 12:54:55 | Computer Name = ŁUKASIEWICZ | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

 C:\DOCUMENTS AND SETTINGS\DOM\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\XDX93WZ4.DEFAULT\USER.JS

 failed, 00000005.  


Error - 2010-07-09 07:07:00 | Computer Name = ŁUKASIEWICZ | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

 C:\DOCUMENTS AND SETTINGS\DOM\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\XDX93WZ4.DEFAULT\PREFS.JS

 failed, 00000005.  


[Application Events]

Error - 2010-07-18 07:19:50 | Computer Name = ŁUKASIEWICZ | Source = WmiAdapter | ID = 4099

Description = Otwarcie usługi nie powiodło się.


Error - 2010-07-19 09:46:55 | Computer Name = ŁUKASIEWICZ | Source = Application Hang | ID = 1002

Description = Aplikacja zawieszająca wmplayer.exe, wersja 11.0.5721.5145, moduł 

zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.


Error - 2010-07-19 09:46:56 | Computer Name = ŁUKASIEWICZ | Source = Application Hang | ID = 1002

Description = Aplikacja zawieszająca wmplayer.exe, wersja 11.0.5721.5145, moduł 

zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.


Error - 2010-07-19 09:46:57 | Computer Name = ŁUKASIEWICZ | Source = Application Hang | ID = 1002

Description = Aplikacja zawieszająca wmplayer.exe, wersja 11.0.5721.5145, moduł 

zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.


Error - 2010-07-19 09:46:58 | Computer Name = ŁUKASIEWICZ | Source = Application Hang | ID = 1002

Description = Aplikacja zawieszająca wmplayer.exe, wersja 11.0.5721.5145, moduł 

zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.


Error - 2010-07-19 09:47:02 | Computer Name = ŁUKASIEWICZ | Source = Application Hang | ID = 1002

Description = Aplikacja zawieszająca wmplayer.exe, wersja 11.0.5721.5145, moduł 

zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.


Error - 2010-07-20 12:15:18 | Computer Name = ŁUKASIEWICZ | Source = Application Hang | ID = 1002

Description = Aplikacja zawieszająca ALLPlayer.exe, wersja 4.4.6.9, moduł zawieszenia

 hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.


Error - 2010-07-29 11:32:31 | Computer Name = ŁUKASIEWICZ | Source = Application Hang | ID = 1002

Description = Aplikacja zawieszająca gg.exe, wersja 8.0.0.10102, moduł zawieszenia

 hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.


Error - 2010-08-02 15:07:50 | Computer Name = ŁUKASIEWICZ | Source = Application Hang | ID = 1002

Description = Aplikacja zawieszająca rundll32.exe, wersja 5.1.2600.5512, moduł zawieszenia

 hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.


Error - 2010-08-12 08:58:17 | Computer Name = ŁUKASIEWICZ | Source = Application Hang | ID = 1002

Description = Aplikacja zawieszająca RunHttpCfg.exe, wersja 1.0.0.1, moduł zawieszenia

 hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.


[System Events]

Error - 2010-08-05 06:13:35 | Computer Name = ŁUKASIEWICZ | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd „%1055” podczas próby uruchomienia usługi 

winmgmt z argumentami „” w celu uruchomienia serwera: {8BC3F05E-D86B-11D0-A075-00C04FB68820}


Error - 2010-08-06 10:05:38 | Computer Name = ŁUKASIEWICZ | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd „%1055” podczas próby uruchomienia usługi 

winmgmt z argumentami „” w celu uruchomienia serwera: {8BC3F05E-D86B-11D0-A075-00C04FB68820}


Error - 2010-08-08 09:38:02 | Computer Name = ŁUKASIEWICZ | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd „%1055” podczas próby uruchomienia usługi 

winmgmt z argumentami „” w celu uruchomienia serwera: {8BC3F05E-D86B-11D0-A075-00C04FB68820}


Error - 2010-08-09 05:32:02 | Computer Name = ŁUKASIEWICZ | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd „%1055” podczas próby uruchomienia usługi 

winmgmt z argumentami „” w celu uruchomienia serwera: {8BC3F05E-D86B-11D0-A075-00C04FB68820}


Error - 2010-08-09 05:32:02 | Computer Name = ŁUKASIEWICZ | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd „%1055” podczas próby uruchomienia usługi 

SENS z argumentami „” w celu uruchomienia serwera: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}


Error - 2010-08-11 06:21:02 | Computer Name = ŁUKASIEWICZ | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd „%1055” podczas próby uruchomienia usługi 

SENS z argumentami „” w celu uruchomienia serwera: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}


Error - 2010-08-11 06:21:02 | Computer Name = ŁUKASIEWICZ | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd „%1055” podczas próby uruchomienia usługi 

winmgmt z argumentami „” w celu uruchomienia serwera: {8BC3F05E-D86B-11D0-A075-00C04FB68820}


Error - 2010-08-12 04:24:52 | Computer Name = ŁUKASIEWICZ | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd „%1055” podczas próby uruchomienia usługi 

winmgmt z argumentami „” w celu uruchomienia serwera: {8BC3F05E-D86B-11D0-A075-00C04FB68820}


Error - 2010-08-12 04:24:52 | Computer Name = ŁUKASIEWICZ | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd „%1055” podczas próby uruchomienia usługi 

EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}


Error - 2010-08-12 10:08:04 | Computer Name = ŁUKASIEWICZ | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd „%1055” podczas próby uruchomienia usługi 

winmgmt z argumentami „” w celu uruchomienia serwera: {8BC3F05E-D86B-11D0-A075-00C04FB68820}



< End of report >
#4

Oczywiście że usunąć i daj z niego loga.

Następnie daj nowe logi z OTL

Zawartość logów ( otl.txt i extras.txt ) wklej na http://www.wklej.org lub http://www.wklej.to, nie na forum ale ręcznie kopiuj > wklej z notatnika w pole do wklejania tekstu a w poście daj link.

#5

malwarebytes antimalware nic nie wykrył zaraz będą logi.

Dodane 13.08.2010 (Pt) 9:56

extras.txt coś mi nie pokazało.

http://www.wklej.org/id/376071/

#6

No a gdzie ważniejszy OTL.txt ?

#7

http://www.wklej.org/id/376071/

no dałem otl

#8

W OTL w dolne okienko , Własne opcje skanowania / skrypt " wklej:

Kliknij : Wykonaj Skrypt, Zrestartuj komputer

Potem daj raport który wyskoczy po usuwaniu, oraz wykonaj nowy log OTLem

#9

Sory za opóźnienie…

http://www.wklej.org/id/379829/

Dodane 20.08.2010 (Pt) 21:32

http://www.wklej.org/id/379833/

#10

Log ogólnie jest czysty

W OTL kliknij na przycisk , CleanUp " Sprzątanie - to usunie OTL i wszystkie resztki po nim.

#11

Dziękuję bardzo…