ComboFix mi nie dziala, nie wiem czemu. Dlatego daje log z dss.
Zawartosc main.txt :
Deckard's System Scanner v20071014.68
Run by JA on 2008-07-03 13:31:24
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Unable to create WMI object; Operacja ukończona pomyślnie.
Backed up registry hives.
Performed disk cleanup.
[color=red]System Drive C: has 3 GiB (less than 15%) free.[/color]
-- HijackThis (run as JA.exe) --------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 13:33:30, on 2008-07-03
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20696)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LClock\LClock.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\NEOSTR~1\TaskBarIcon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\PSIService.exe
C:\PROGRA~1\NEOSTR~1\neostradatp.exe
C:\PROGRA~1\NEOSTR~1\ComComp.exe
C:\PROGRA~1\NEOSTR~1\Toaster.exe
C:\PROGRA~1\NEOSTR~1\Inactivity.exe
C:\PROGRA~1\NEOSTR~1\PollingModule.exe
C:\PROGRA~1\NEOSTR~1\Watch.exe
C:\Documents and Settings\JA\Pulpit\dss.exe
C:\DOCUME~1\JA\Pulpit\HIJACK~1\JA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = neostrada tp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Ulubione
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Pro\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Pro\Add_AllO.htm
O9 - Extra button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DBB9270C-25DC-40B2-A37C-F79FD01216F4}: NameServer = 194.204.159.1 217.98.63.164
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll
O23 - Service: Kaspersky Anti-Virus (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" -r (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
-- HijackThis Fixed Entries (C:\DOCUME~1\JA\Pulpit\HIJACK~1\backups\) ----------
backup-20080703-080910-150 O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)
backup-20080703-080910-266 O2 - BHO: PK IE Plugin - {1E1B2879-88FF-11D3-8D96-D7ACAC95951A} - C:\WINDOWS\system32\Java(TM) Platform SEwb.dll
backup-20080703-080910-349 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/pl/
backup-20080703-081900-445 O4 - HKCU\..\Run: [Patched] C:\WINDOWS\patched.exe
-- File Associations -----------------------------------------------------------
[COLOR=red].bat - batfile - DefaultIcon - C:\Program Files\Stardock\Object Desktop\IconPackager\Themes\ShinyBlack\Mad-B ShinyBlack.icl,50[/COLOR]
[COLOR=red].cmd - cmdfile - DefaultIcon - C:\Program Files\Stardock\Object Desktop\IconPackager\Themes\ShinyBlack\Mad-B ShinyBlack.icl,50[/COLOR]
[COLOR=red].chm - chm.file - DefaultIcon - C:\Program Files\Stardock\Object Desktop\IconPackager\Themes\ShinyBlack\Mad-B ShinyBlack.icl,60[/COLOR]
[COLOR=red].cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*[/COLOR]
[COLOR=red].cpl - cplfile - shell\runas\command - unable to read value[/COLOR]
[COLOR=red].hlp - hlpfile - DefaultIcon - C:\Program Files\Stardock\Object Desktop\IconPackager\Themes\ShinyBlack\Mad-B ShinyBlack.icl,65[/COLOR]
[COLOR=red].inf - inffile - DefaultIcon - C:\Program Files\Stardock\Object Desktop\IconPackager\Themes\ShinyBlack\Mad-B ShinyBlack.icl,85[/COLOR]
[COLOR=red].ini - inifile - DefaultIcon - C:\Program Files\Stardock\Object Desktop\IconPackager\Themes\ShinyBlack\Mad-B ShinyBlack.icl,40[/COLOR]
[COLOR=red].js - JSFile - DefaultIcon - C:\Program Files\Stardock\Object Desktop\IconPackager\Themes\ShinyBlack\Mad-B ShinyBlack.icl,69[/COLOR]
[COLOR=red].reg - regfile - DefaultIcon - C:\Program Files\Stardock\Object Desktop\IconPackager\Themes\ShinyBlack\Mad-B ShinyBlack.icl,97[/COLOR]
[COLOR=red].reg - regfile - shell\open\command - "regedit.exe" "%1"[/COLOR]
[COLOR=red].txt - txtfile - DefaultIcon - C:\Program Files\Stardock\Object Desktop\IconPackager\Themes\ShinyBlack\Mad-B ShinyBlack.icl,51[/COLOR]
[COLOR=red].vbs - VBSFile - DefaultIcon - C:\Program Files\Stardock\Object Desktop\IconPackager\Themes\ShinyBlack\Mad-B ShinyBlack.icl,99[/COLOR]
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R3 Stmatm (ATM/ADSL miniport) - c:\windows\system32\drivers\stmatm.sys
R3 TaurusUsb (ADSL Modem USB Service) - c:\windows\system32\drivers\torususb.sys
S3 PCAMPR5 (PCAMPR5 NDIS Protocol Driver) - c:\windows\system32\pcampr5.sys (file missing)
S3 PCANDIS5 (PCANDIS5 NDIS Protocol Driver) - c:\windows\system32\pcandis5.sys
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 FTRTSVC (France Telecom Routing Table Service) - c:\windows\system32\ftrtsvc.exe
R2 ProtexisLicensing - c:\windows\system32\psiservice.exe
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Files created between 2008-06-03 and 2008-07-03 -----------------------------
2008-07-03 13:29:45 394240 --a------ C:\WINDOWS\system32\CF12355.exe
2008-07-03 13:29:14 394240 --a------ C:\WINDOWS\system32\CF12250.exe
2008-07-03 13:29:10 0 d-------- C:\327882R2FWJFW
2008-06-28 20:51:32 0 d-------- C:\Program Files\ASIO4ALL v2
2008-06-27 06:40:53 0 d-------- C:\Program Files\DAEMON Tools Lite
2008-06-26 14:11:31 0 d-------- C:\Automap
2008-06-26 09:54:43 0 d-------- C:\Program Files\Tibia
2008-06-26 07:20:28 0 d-------- C:\Program Files\MSBuild
2008-06-26 07:20:24 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-06-26 07:20:19 0 d-------- C:\Program Files\Reference Assemblies
2008-06-23 14:23:38 0 d-------- C:\WINDOWS\DF5A03CCD5AA43D8B948D9903F2AF94A.TMP
2008-06-19 14:01:16 0 d-------- C:\Program Files\Asprate
2008-06-17 19:48:39 0 d--h----- C:\WINDOWS\PIF
2008-06-17 18:50:59 0 d-------- C:\WINDOWS\WindowsAdministration
2008-06-14 17:24:06 96966 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-06-14 17:24:06 88774 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-06-14 17:23:43 507936 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-14 17:23:43 3143200 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-14 17:23:43 0 d-------- C:\Program Files\Kaspersky Lab
2008-06-14 15:03:12 0 d-------- C:\Program Files\Aston
2008-06-11 18:54:19 0 d-------- C:\Program Files\RME
2008-06-11 09:29:59 86016 -----n--- C:\WINDOWS\unvise32.exe
2008-06-09 18:29:03 0 d-------- C:\Program Files\Hamachi
2008-06-07 15:50:47 0 d-------- C:\Program Files\Graffiti Studio 2.0
2008-06-06 18:38:42 0 d-------- C:\Program Files\Xilisoft
2008-06-05 16:19:11 0 d-------- C:\Program Files\Belt Generator
2008-06-05 08:17:54 0 d-------- C:\download
2008-06-05 07:56:55 0 d-------- C:\Program Files\Offline Explorer Pro
2008-06-04 17:42:35 0 d-------- C:\Program Files\Robster Productions
2008-06-03 19:58:39 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-03 19:57:33 0 d-------- C:\WINDOWS\Cache
-- Find3M Report ---------------------------------------------------------------
2008-07-03 13:29:33 0 d-------- C:\Program Files\neostrada tp
2008-07-03 12:52:06 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Hamachi
2008-07-03 06:10:06 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\uTorrent
2008-07-02 16:28:15 0 d-------- C:\Program Files\AIMP2
2008-07-02 11:56:16 5018 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-07-02 11:56:16 168 -r-hs---- C:\WINDOWS\system32\61A95D1343.sys
2008-07-01 07:38:56 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\FileZilla
2008-06-30 23:58:22 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Thinstall
2008-06-30 23:38:07 0 d-------- C:\Program Files\VstPlugins
2008-06-30 12:04:22 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Tibia
2008-06-29 12:21:33 0 d-------- C:\Program Files\Image-Line
2008-06-29 12:18:11 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Juce VST Host
2008-06-27 06:38:18 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\DAEMON Tools
2008-06-26 07:20:51 471010 --a------ C:\WINDOWS\system32\perfh015.dat
2008-06-26 07:20:51 76116 --a------ C:\WINDOWS\system32\perfc015.dat
2008-06-25 10:22:24 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Offline Explorer
2008-06-21 10:51:03 0 d-------- C:\Program Files\Common Files
2008-06-20 15:27:15 0 d-------- C:\Program Files\Mozilla Thunderbird
2008-06-14 15:54:03 0 --a------ C:\Program Files\AstonWriteTest.txt
2008-06-14 15:54:03 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Aston
2008-06-14 12:45:01 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Nero
2008-06-13 21:29:24 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Corel
2008-06-13 15:50:31 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-06-12 10:45:48 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Mozilla
2008-06-12 10:45:47 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Thunderbird
2008-06-07 10:58:46 0 d-------- C:\Program Files\Silkroad
2008-06-03 19:58:58 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Adobe
2008-05-31 16:40:59 0 d-------- C:\Program Files\OpenAL
2008-05-31 16:25:08 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-31 16:24:27 0 d-------- C:\Program Files\Codemasters
2008-05-29 22:56:35 1424 --a------ C:\WINDOWS\mozver.dat
2008-05-29 22:56:32 0 d-------- C:\Program Files\DivX
2008-05-29 13:29:20 0 d-------- C:\Program Files\WebServ
2008-05-29 09:11:21 0 d-------- C:\Program Files\windows nt
2008-05-29 09:11:21 0 d-------- C:\Program Files\msn gaming zone
2008-05-29 09:11:21 0 d-------- C:\Program Files\movie maker
2008-05-29 09:11:21 0 d-------- C:\Program Files\microsoft frontpage
2008-05-29 09:11:21 0 d-------- C:\Program Files\Common Files\speechengines
2008-05-28 15:07:49 20898 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
2008-05-28 15:07:49 164352 --a------ C:\WINDOWS\system32\SpoonUninstall.exe
2008-05-28 15:07:47 0 d-------- C:\Program Files\Illustrate
2008-05-28 07:19:15 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Dev-Cpp
2008-05-26 07:38:13 0 d-------- C:\Program Files\Banner Maker Pro 7
2008-05-25 11:12:37 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Sony
2008-05-25 10:05:24 0 d-------- C:\Program Files\Common Files\Stardock
2008-05-25 10:05:22 0 d-------- C:\Program Files\Stardock
2008-05-24 21:35:11 0 d-------- C:\Program Files\QT Lite
2008-05-24 21:34:53 0 d-------- C:\Program Files\Apple Software Update
2008-05-24 13:50:17 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Reallusion
2008-05-24 12:29:54 0 d-------- C:\Program Files\VirtualDJ
2008-05-23 21:52:06 0 d-------- C:\Program Files\Gadu-Gadu
2008-05-22 07:12:21 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Touchstone
2008-05-21 23:46:21 0 d-------- C:\Program Files\Touchstone
2008-05-21 23:13:43 0 d-------- C:\Program Files\AGEIA Technologies
2008-05-21 23:13:15 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-21 14:04:21 0 d-------- C:\Program Files\NAPI-PROJEKT
2008-05-20 18:30:22 0 d-------- C:\Program Files\FileZilla FTP Client
2008-05-20 18:23:40 0 d-------- C:\Program Files\Total Commander
2008-05-20 18:16:41 0 d-------- C:\Program Files\PhotoFiltre
2008-05-18 16:15:17 0 d-------- C:\Program Files\Sony
2008-05-17 13:31:11 0 d-------- C:\Program Files\SubEdit-Player
2008-05-17 09:43:16 14 --a------ C:\WINDOWS\system32\systeminfo.dll
2008-05-15 20:22:10 0 d-------- C:\Program Files\BearShare
2008-05-15 13:33:06 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\InstallShield
2008-05-15 13:31:37 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Ubisoft
2008-05-15 10:03:11 0 d-------- C:\Program Files\Syncrosoft
2008-05-15 09:35:57 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Steinberg
2008-05-14 06:08:27 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Publish Providers
2008-05-13 21:24:39 0 d-------- C:\Program Files\XN Resource Editor
2008-05-13 21:21:48 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\PE Explorer
2008-05-13 19:48:02 0 d-------- C:\Program Files\Common Files\Thraex Software
2008-05-13 17:35:41 378416 --a------ C:\WINDOWS\system32\decrypter.exe
2008-05-13 14:55:13 8 --a------ C:\WINDOWS\system32\nvModes.dat
2008-05-13 12:38:49 0 --a------ C:\WINDOWS\nsreg.dat
2008-05-13 10:58:31 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Gadu-Gadu
2008-05-13 10:50:11 0 d-------- C:\Program Files\Outsim
2008-05-13 10:30:23 0 d-------- C:\Program Files\Common Files\ODBC
2008-05-13 10:30:09 62 --ahs---- C:\Documents and Settings\JA\Dane aplikacji\desktop.ini
2008-05-13 10:27:00 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Media Player Classic
2008-05-13 10:20:47 0 d-------- C:\Program Files\uTorrent
2008-05-13 10:17:50 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Talkback
2008-05-13 10:08:43 0 d-------- C:\Program Files\VS Revo Group
2008-05-13 10:04:18 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Creative
2008-05-13 09:41:13 0 d-------- C:\Program Files\ZTE ZXDSL 852
2008-05-13 09:40:55 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Macromedia
2008-05-13 09:34:54 0 d-------- C:\Program Files\Alcohol Soft
2008-05-13 09:32:55 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\GRETECH
2008-05-13 09:19:14 0 d-------- C:\Program Files\Creative
2008-05-13 09:17:54 0 d-------- C:\Program Files\Common Files\InstallShield
2008-05-13 09:15:24 0 d-------- C:\Program Files\Intel
2008-05-13 08:42:23 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Identities
2008-05-13 08:41:06 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-05-13 08:41:06 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\SUPERAntiSpyware.com
2008-05-13 08:40:58 0 d-------- C:\Program Files\OO Software
2008-05-13 08:40:36 0 d-------- C:\Program Files\K-Lite Codec Pack
2008-05-13 08:40:34 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Real
2008-05-13 08:40:31 0 d-------- C:\Program Files\Java
2008-05-13 08:40:20 0 d-------- C:\Program Files\Common Files\Java
2008-05-13 08:40:10 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\Sun
2008-05-13 08:40:04 0 d-------- C:\Program Files\GRETECH
2008-05-13 08:38:58 0 d-------- C:\Program Files\Nero
2008-05-13 08:38:57 0 d-------- C:\Program Files\Common Files\Nero
2008-05-13 08:38:44 0 d-------- C:\Program Files\Foxit Reader
2008-05-13 08:38:18 0 d-------- C:\Program Files\MSXML 4.0
2008-05-13 08:38:14 0 d-------- C:\Program Files\MSXML 6.0
2008-05-13 08:37:54 0 -rahs---- C:\MSDOS.SYS
2008-05-13 08:37:54 0 -rahs---- C:\IO.SYS
2008-05-13 08:37:54 0 --a------ C:\CONFIG.SYS
2008-05-13 08:37:54 0 --a------ C:\AUTOEXEC.BAT
2008-05-13 08:37:15 0 d--h----- C:\Program Files\WindowsUpdate
2008-05-13 08:37:04 0 d-------- C:\Program Files\Common Files\MSSoap
2008-05-13 08:36:48 21856 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-05-13 08:35:55 0 d-------- C:\Documents and Settings\JA\Dane aplikacji\WinRAR
2008-05-13 08:35:50 0 d-------- C:\Program Files\Utilities
2008-05-13 08:35:47 0 d-------- C:\Program Files\Windows Sidebar
2008-05-13 08:35:46 0 d-------- C:\Program Files\CCleaner
2008-05-13 08:35:44 0 d-------- C:\Program Files\LClock
2008-05-13 08:35:44 0 d-------- C:\Program Files\Desktop
2008-05-13 08:35:16 0 d-------- C:\Program Files\Windows Media Connect 2
2008-05-04 11:11:32 2482176 --a------ C:\WINDOWS\system32\FerOTS.exe
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
-- End of Deckard's System Scanner: finished at 2008-07-03 13:33:44 ------------
Zawartosc extra.txt :
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: Polish
CPU 0: Intel(R) Core(TM)2 CPU 4300 @ 1.80GHz
CPU 1: Intel(R) Core(TM)2 CPU 4300 @ 1.80GHz
Percentage of Memory in Use: 16%
Physical Memory (total/avail): 2046.42 MiB / 1710.82 MiB
Pagefile Memory (total/avail): 4001.3 MiB / 3750.43 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1925.15 MiB
C: is Fixed (NTFS) - 27.35 GiB total, 3 GiB free.
D: is Fixed (NTFS) - 82.63 GiB total, 9.92 GiB free.
E: is Fixed (NTFS) - 39.07 GiB total, 11.15 GiB free.
F: is CDROM (No Media)
G: is CDROM (No Media)
H: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - ST3160811AS - 149.05 GiB - 3 partitions
\PARTITION0 (bootable) - Instalowalny system plików - 27.35 GiB - C:
\PARTITION1 - Rozszerzona z rozszerzonym przerwaniem 13 - 121.7 GiB - D: - E:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\JA\Dane aplikacji
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_04\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=SPEED_XP
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\JA
LOGONSERVER=\\SPEED_XP
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QT Lite\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 2, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f02
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_04\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\JA\USTAWI~1\Temp
TMP=C:\DOCUME~1\JA\USTAWI~1\Temp
USERDOMAIN=SPEED_XP
USERNAME=JA
USERPROFILE=C:\Documents and Settings\JA
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
JA [I](admin)[/I]
Marcin [I](admin)[/I]
-- Add/Remove Programs ---------------------------------------------------------
-- Application Event Log -------------------------------------------------------
Event Record #/Type2055 / Warning
Event Submitted/Written: 07/03/2008 01:06:16 PM
Event ID/Source: 60 / WinMgmt
Event Description:
Protokół WMI ADAP nie mógł przetworzyć bibliotek wydajności: 0x80041001.
Event Record #/Type2053 / Error
Event Submitted/Written: 07/03/2008 01:02:06 PM
Event ID/Source: 1007 / Userenv
Event Description:
System Windows nie może określić skojarzonej lokacji dla tego komputera. (Serwer RPC jest niedostępny. ). Przetwarzanie zasad grupy zostało przerwane.
Event Record #/Type2052 / Error
Event Submitted/Written: 07/03/2008 01:02:06 PM
Event ID/Source: 1007 / Userenv
Event Description:
System Windows nie może określić skojarzonej lokacji dla tego komputera. (Serwer RPC jest niedostępny. ). Przetwarzanie zasad grupy zostało przerwane.
Event Record #/Type2050 / Error
Event Submitted/Written: 07/03/2008 00:03:59 PM
Event ID/Source: 1007 / Userenv
Event Description:
System Windows nie może określić skojarzonej lokacji dla tego komputera. (Serwer RPC jest niedostępny. ). Przetwarzanie zasad grupy zostało przerwane.
Event Record #/Type2049 / Error
Event Submitted/Written: 07/03/2008 11:44:00 AM
Event ID/Source: 1007 / Userenv
Event Description:
System Windows nie może określić skojarzonej lokacji dla tego komputera. (Serwer RPC jest niedostępny. ). Przetwarzanie zasad grupy zostało przerwane.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type3253 / Warning
Event Submitted/Written: 06/30/2008 10:06:54 AM
Event ID/Source: 1073 / USER32
Event Description:
Próba wyłączenie zasilania SPEED_XP nie powiodła się
Event Record #/Type3108 / Error
Event Submitted/Written: 06/26/2008 09:22:58 PM
Event ID/Source: 59 / SideBySide
Event Description:
Generate Activation Context nie powiodło się dla D:\Program Files\Tibia810\TibiaTekBot Injected DLL.dll.
Odpowiedni komunikat o błędzie: Operacja ukończona pomyślnie.
.
Event Record #/Type3107 / Error
Event Submitted/Written: 06/26/2008 09:22:58 PM
Event ID/Source: 59 / SideBySide
Event Description:
Resolve Partial Assembly nie powiodło się dla Microsoft.VC90.DebugCRT.
Odpowiedni komunikat o błędzie: Odnośny zestaw nie jest zainstalowany w tym systemie.
.
Event Record #/Type3106 / Error
Event Submitted/Written: 06/26/2008 09:22:57 PM
Event ID/Source: 32 / SideBySide
Event Description:
Nie można odnaleźć zestawu zależnego Microsoft.VC90.DebugCRT; ostatni błąd: Odnośny zestaw nie jest zainstalowany w tym systemie.
Event Record #/Type2386 / Error
Event Submitted/Written: 06/14/2008 04:50:00 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Nie można uruchomić usługi Kaspersky Internet Security 7.0 z powodu następującego błędu:
%%3
-- End of Deckard's System Scanner: finished at 2008-07-03 13:33:44 ------------