Witam,otóż mam znany problem ze stroną startową qooqle. Próbowałem odpalić CCleanera,ale włącza się na 1 sek i się wyłącza ;/,to samo jest z OTL gdy chciałem wykonać skany rejestru. Wykonałem skan całego systemu,jest czysty. Co mam zrobić?
Nie mam jak wkleić tego tekstu,bo OTL włącza się na 1 sek i zaraz wyłącza. Zdążyłem jednak nacisnąć enter i zaczęło się skanowanie,być może to coś pomoże.
Plik Extras
OTL Extras logfile created on: 2011-08-24 19:51:46 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Karol\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1023,48 Mb Total Physical Memory | 352,50 Mb Available Physical Memory | 34,44% Memory free
2,40 Gb Paging File | 1,90 Gb Available in Paging File | 78,94% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 10,74 Gb Total Space | 2,04 Gb Free Space | 18,95% Space Free | Partition Type: NTFS
Drive D: | 39,22 Gb Total Space | 31,08 Gb Free Space | 79,24% Space Free | Partition Type: NTFS
Drive F: | 26,36 Gb Total Space | 7,66 Gb Free Space | 29,05% Space Free | Partition Type: NTFS
Computer Name: KAROL-0B32C6FEA | User Name: Karol | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- F:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Karol\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Karol\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[color=#E56717]========== System Restore Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- (MusicLab, LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"F:\Nowe Gadu-Gadu\gg.exe" = F:\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu -- (GG Network S.A.)
"F:\Metin2\metin2.bin" = F:\Metin2\metin2.bin:*:Enabled:metin2
"F:\Metin2\metin2client.bin" = F:\Metin2\metin2client.bin:*:Enabled:metin2client
"D:\Drukarka HP\Digital Imaging\bin\hpqtra08.exe" = D:\Drukarka HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"D:\Drukarka HP\Digital Imaging\bin\hpqste08.exe" = D:\Drukarka HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"D:\Drukarka HP\Digital Imaging\bin\hpofxm08.exe" = D:\Drukarka HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"D:\Drukarka HP\Digital Imaging\bin\hposfx08.exe" = D:\Drukarka HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"D:\Drukarka HP\Digital Imaging\bin\hposid01.exe" = D:\Drukarka HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"D:\Drukarka HP\Digital Imaging\bin\hpqscnvw.exe" = D:\Drukarka HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"D:\Drukarka HP\Digital Imaging\bin\hpqkygrp.exe" = D:\Drukarka HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"D:\Drukarka HP\Digital Imaging\bin\hpqCopy.exe" = D:\Drukarka HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"D:\Drukarka HP\Digital Imaging\bin\hpfccopy.exe" = D:\Drukarka HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"D:\Drukarka HP\Digital Imaging\bin\hpzwiz01.exe" = D:\Drukarka HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"D:\Drukarka HP\Digital Imaging\Unload\HpqPhUnl.exe" = D:\Drukarka HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"D:\Drukarka HP\Digital Imaging\Unload\HpqDIA.exe" = D:\Drukarka HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"D:\Drukarka HP\Digital Imaging\bin\hpoews01.exe" = D:\Drukarka HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Documents and Settings\Karol\Pulpit\DragonMT2\DragonMT2.exe" = C:\Documents and Settings\Karol\Pulpit\DragonMT2\DragonMT2.exe:*:Enabled:DragonMT2
"C:\Documents and Settings\Karol\Pulpit\DragonMT2\metin2mod_2011sf.exe" = C:\Documents and Settings\Karol\Pulpit\DragonMT2\metin2mod_2011sf.exe:*:Enabled:Metin2Mod
"C:\Documents and Settings\Karol\Pulpit\EliteMt2+Kamer Mod\metin2mod_2011sf.exe" = C:\Documents and Settings\Karol\Pulpit\EliteMt2+Kamer Mod\metin2mod_2011sf.exe:*:Enabled:Metin2Mod
"C:\Documents and Settings\Karol\Pulpit\EliteMT2\EliteMT2.exe" = C:\Documents and Settings\Karol\Pulpit\EliteMT2\EliteMT2.exe:*:Enabled:EliteMT2
"C:\Documents and Settings\Karol\Pulpit\EliteMt2+Kamer Mod\DragonMT2.exe" = C:\Documents and Settings\Karol\Pulpit\EliteMt2+Kamer Mod\DragonMT2.exe:*:Enabled:DragonMT2
"F:\Metin2\metin2mod_2011sf.exe" = F:\Metin2\metin2mod_2011sf.exe:*:Enabled:Metin2Mod
"F:\Metin2\DolionMt2 dawidek00 Mpc.exe" = F:\Metin2\DolionMt2 dawidek00 Mpc.exe:*:Enabled:DolionMt2 dawidek00 Mpc
"F:\Metin2\DorlionMt2 By AntonioxBazzaR.exe" = F:\Metin2\DorlionMt2 By AntonioxBazzaR.exe:*:Enabled:DorlionMt2 By AntonioxBazzaR
"F:\Metin2\VipMt2.exe" = F:\Metin2\VipMt2.exe:*:Enabled:VipMt2
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- (MusicLab, LLC)
"F:\uTorrent\uTorrent.exe" = F:\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"F:\Speedway Liga\Speedway_DLC.exe" = F:\Speedway Liga\Speedway_DLC.exe:*:Enabled:Speedway League DLC
"F:\Metin2\Venise.exe" = F:\Metin2\Venise.exe:*:Enabled:Venise
"F:\Metin2\Newskyworldmt2.exe" = F:\Metin2\Newskyworldmt2.exe:*:Enabled:Newskyworldmt2
"F:\Metin2\nswmt2.exe" = F:\Metin2\nswmt2.exe:*:Enabled:nswmt2
"F:\Metin2\SirBaldur By Zarobek.exe" = F:\Metin2\SirBaldur By Zarobek.exe:*:Enabled:SirBaldur By Zarobek
"F:\Metin2\Metin2ModUnited.exe" = F:\Metin2\Metin2ModUnited.exe:*:Enabled:Metin2ModUnited
"F:\Metin2\Metin2ModShenlong.exe" = F:\Metin2\Metin2ModShenlong.exe:*:Enabled:Metin2ModShenlong
"F:\Metin2\XenoXmt2.exe" = F:\Metin2\XenoXmt2.exe:*:Enabled:XenoXmt2
"F:\Metin2 2008\XenoXmt2.exe" = F:\Metin2 2008\XenoXmt2.exe:*:Enabled:XenoXmt2
"F:\WapSter\WapSter AQQ\AQQ.exe" = F:\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger
"F:\Metin2 2008\metin2client.bin" = F:\Metin2 2008\metin2client.bin:*:Enabled:metin2client
"F:\Metin2 2008\XenoXMT2Launcher.exe" = F:\Metin2 2008\XenoXMT2Launcher.exe:*:Enabled:Customizable 2010 Client Launcher
"F:\Metin 2\XenoXMT2Launcher.exe" = F:\Metin 2\XenoXMT2Launcher.exe:*:Enabled:Customizable 2010 Client Launcher
"F:\XenoxMt2\Klient_XenoXmt2\XenoXmt2.exe" = F:\XenoxMt2\Klient_XenoXmt2\XenoXmt2.exe:*:Enabled:XenoXmt2
"F:\XenoxMt2\Klient_XenoXmt2\XenoXMT2Launcher.exe" = F:\XenoxMt2\Klient_XenoXmt2\XenoXMT2Launcher.exe:*:Enabled:Customizable 2010 Client Launcher
"F:\Metin 2\metin2client.bin" = F:\Metin 2\metin2client.bin:*:Enabled:metin2client
"F:\Soldat\Soldat.exe" = F:\Soldat\Soldat.exe:*:Enabled:Soldat
"F:\Hamachi\hamachi.exe" = F:\Hamachi\hamachi.exe:*:Enabled:Hamachi Client -- (LogMeIn Inc.)
"F:\HoolyMT2\HoolyMT2.exe" = F:\HoolyMT2\HoolyMT2.exe:*:Enabled:HoolyMT2
"F:\BezduchMT2\DvixMT2.exe" = F:\BezduchMT2\DvixMT2.exe:*:Enabled:DvixMT2
"F:\DvixMt2\DvixMT2.exe" = F:\DvixMt2\DvixMT2.exe:*:Enabled:DvixMT2
"F:\Metin 2 na privy\starter.exe" = F:\Metin 2 na privy\starter.exe:*:Enabled:starter
"F:\Counter Strike\cstrike.exe" = F:\Counter Strike\cstrike.exe:*:Enabled:Half-Life Launcher
"F:\Metin 2 na privy\RealisticMT2.exe" = F:\Metin 2 na privy\RealisticMT2.exe:*:Enabled:RealisticMT2
"F:\Client do privow\Klient_XenoXmt2\RealisticMT2.exe" = F:\Client do privow\Klient_XenoXmt2\RealisticMT2.exe:*:Enabled:RealisticMT2
"F:\Client do privow\Klient_XenoXmt2\Xeon.exe" = F:\Client do privow\Klient_XenoXmt2\Xeon.exe:*:Enabled:Xeon
"F:\NFS Carbon\NFSC.exe" = F:\NFS Carbon\NFSC.exe:*:Enabled:NFSC
"F:\Client do privow\Klient_XenoXmt2\Dark-mt2 By Zarobek.exe" = F:\Client do privow\Klient_XenoXmt2\Dark-mt2 By Zarobek.exe:*:Enabled:Dark-mt2 By Zarobek
"F:\Client do privow\Klient_XenoXmt2\metin2mod_2011sf.exe" = F:\Client do privow\Klient_XenoXmt2\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf
"F:\World of Planets\Starter.exe" = F:\World of Planets\Starter.exe:*:Enabled:Starter
"F:\Client do privow\Klient_XenoXmt2\EpicMt2 by kasa.exe" = F:\Client do privow\Klient_XenoXmt2\EpicMt2 by kasa.exe:*:Enabled:EpicMt2 by kasa
"F:\Client do privow\Klient_XenoXmt2\mt2.exe" = F:\Client do privow\Klient_XenoXmt2\mt2.exe:*:Enabled:mt2
"F:\Client do privow\Klient_XenoXmt2\oldyt2.bin" = F:\Client do privow\Klient_XenoXmt2\oldyt2.bin:*:Enabled:oldyt2
"F:\Client do privow\Klient_XenoXmt2\Akwatras.exe" = F:\Client do privow\Klient_XenoXmt2\Akwatras.exe:*:Enabled:Akwatras
"F:\Client do privow\Klient_XenoXmt2\Spolszczenie.exe.exe" = F:\Client do privow\Klient_XenoXmt2\Spolszczenie.exe.exe:*:Enabled:Spolszczenie.exe
"F:\Client do privow\Klient_XenoXmt2\ScotchMt2.exe" = F:\Client do privow\Klient_XenoXmt2\ScotchMt2.exe:*:Enabled:ScotchMt2
"F:\Client do privow\Klient_XenoXmt2\4FunMT2.exe" = F:\Client do privow\Klient_XenoXmt2\4FunMT2.exe:*:Enabled:4FunMT2
"F:\Client do privow\Klient_XenoXmt2\ArcaniumMT2.exe" = F:\Client do privow\Klient_XenoXmt2\ArcaniumMT2.exe:*:Enabled:ArcaniumMT2
"F:\Wertive\wertive.exe" = F:\Wertive\wertive.exe:*:Enabled:wertive
"F:\Client do privow\Klient_XenoXmt2\MinaroMT2.exe" = F:\Client do privow\Klient_XenoXmt2\MinaroMT2.exe:*:Enabled:MinaroMT2
"C:\Program Files\Common Files\aol\acs\AOLDial.exe" = C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer
"C:\Program Files\Common Files\aol\acs\AOLacsd.exe" = C:\Program Files\Common Files\aol\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service
"C:\Program Files\Common Files\aol\1308417074\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1308417074\ee\aolsoftware.exe:*:Enabled:AOL Shared Components
"F:\AOL\waol.exe" = F:\AOL\waol.exe:*:Enabled:AOL
"F:\Client do privow\Klient_XenoXmt2\SrsMt2.exe" = F:\Client do privow\Klient_XenoXmt2\SrsMt2.exe:*:Enabled:SrsMt2
"F:\Client do privow\Klient_XenoXmt2\ObisMT2 by HajTeR.exe" = F:\Client do privow\Klient_XenoXmt2\ObisMT2 by HajTeR.exe:*:Enabled:ObisMT2 by HajTeR
"C:\Program Files\Common Files\aol\1309463139\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1309463139\ee\aolsoftware.exe:*:Enabled:AOL Shared Components
"F:\AOL 9.5\waol.exe" = F:\AOL 9.5\waol.exe:*:Enabled:AOL
"C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed
"C:\Program Files\Common Files\aol\Loader\aolload.exe" = C:\Program Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader
"C:\Program Files\Common Files\aol\System Information\sinf.exe" = C:\Program Files\Common Files\aol\System Information\sinf.exe:*:Enabled:AOL System Information
"F:\Aspyr Media, Inc\THAW\Game\THAW - NoName Mod 0.2.exe" = F:\Aspyr Media, Inc\THAW\Game\THAW - NoName Mod 0.2.exe:*:Enabled:Tony Hawk's American Wasteland
"F:\Aspyr Media, Inc\THAW\Game\THAW.exe" = F:\Aspyr Media, Inc\THAW\Game\THAW.exe:*:Disabled:Tony Hawk's American Wasteland
"F:\Aspyr Media, Inc\THAW\Game\BaLaNcE mOd by $KEJT23.exe" = F:\Aspyr Media, Inc\THAW\Game\BaLaNcE mOd by $KEJT23.exe:*:Enabled:Tony Hawk's American Wasteland
"F:\Client do privow\Klient_XenoXmt2\UtenMT2.exe" = F:\Client do privow\Klient_XenoXmt2\UtenMT2.exe:*:Enabled:UtenMT2
"C:\Program Files\Common Files\aol\1310294346\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1310294346\ee\aolsoftware.exe:*:Enabled:AOL Shared Components
"F:\Alien Nations\Bin\AN.exe" = F:\Alien Nations\Bin\AN.exe:*:Enabled:DV
"F:\New_Klient_XenoXmt2_by_Pawemol\XenoXMT2client.exe" = F:\New_Klient_XenoXmt2_by_Pawemol\XenoXMT2client.exe:*:Enabled:XenoXMT2client
"F:\Metin2 - Kopia\metin2mod_2011sf.exe" = F:\Metin2 - Kopia\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf
"F:\SevenHevenMT2\metin2.bin" = F:\SevenHevenMT2\metin2.bin:*:Enabled:metin2 -- ()
"F:\Metin 2 na privy\TysonKO2.exe" = F:\Metin 2 na privy\TysonKO2.exe:*:Enabled:TysonKO2
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{193DB24F-9A66-4896-8404-22D53EA89075}" = 1400_Help
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{266959FA-0AEE-41D0-A88E-F1EAC10A7C14}" = 1400
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Po zmroku
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{58B785A2-D2CA-40AA-AE89-FCC49326CDC4}" = OpenOffice.org 3.2
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{5F624839-947D-46EA-BD63-FD847C1AC6F1}" = BearShare
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{90850415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{9B4E6CB9-E54D-47F7-A414-E2D5740E1045}" = Nero 7 Essentials
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.5 - Polish
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C510CA36-98D6-4F07-8AFF-81E7399A075B}" = 1400Trb
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE3B8E96-B0AF-4871-9178-1519B58E3A93}" = Vimicro USB PC Camera (ZC0301PLH)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"avast" = avast! Free Antivirus
"BearShare" = BearShare
"CCleaner" = CCleaner
"Cheat Engine 6.0_is1" = Cheat Engine 6.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"foobar2000" = foobar2000 v1.1.5
"Hamachi" = Hamachi 1.0.3.0
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.2.0 Full
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 6.0 (x86 pl)" = Mozilla Firefox 6.0 (x86 pl)
"MySSID_is1" = Vtune 7.12
"Nowe Gadu-Gadu" = Nowe Gadu-Gadu
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Odkurzacz 12.6_is1" = Odkurzacz 12.6
"Origin" = Origin
"PIT 2010 z Gazetą Wyborczą_is1" = PIT 2010 z Gazetą Wyborczą ver. 7.0.1.3
"Pizza Syndicate" = Pizza Syndicate
"Speedway Liga" = Speedway Liga
"Speedway Liga 1.4.0.0" = Speedway Liga 1.4.0.0
"Speedway Liga Dodatek Drużynowy 2010" = Speedway Liga Dodatek Drużynowy 2010
"uTorrent" = µTorrent
"ViewpointMediaPlayer" = Viewpoint Media Player
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinRAR archiver" = Archiwizator WinRAR
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[Application Events]
Error - 2011-04-27 15:28:33 | Computer Name = KAROL-0B32C6FEA | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca XenoXmt2.exe, wersja 0.0.0.0, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2011-04-30 15:02:33 | Computer Name = KAROL-0B32C6FEA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 5.1.0.112, moduł powodujący
błąd unknown, wersja 0.0.0.0, adres błędu 0x00000000.
Error - 2011-04-30 15:02:39 | Computer Name = KAROL-0B32C6FEA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 5.1.0.112, moduł powodujący
błąd skype.exe, wersja 5.1.0.112, adres błędu 0x00a224dc.
Error - 2011-05-10 15:10:33 | Computer Name = KAROL-0B32C6FEA | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca metin2client.bin, wersja 0.0.0.0, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2011-05-12 14:15:49 | Computer Name = KAROL-0B32C6FEA | Source = ESENT | ID = 490
Description = svchost (1156) Próba otwarcia pliku "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
w trybie odczytu lub zapisu zakończyła się niepomyślnie z błędem systemowym 32
(0x00000020): "Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany
przez inny proces. ". Operacja otwierania pliku zostanie zakończona z błędem -1032
(0xfffffbf8).
Error - 2011-05-17 13:36:57 | Computer Name = KAROL-0B32C6FEA | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca LomaxMT2.exe, wersja 3.3.6.1, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2011-05-17 16:01:38 | Computer Name = KAROL-0B32C6FEA | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca firefox.exe, wersja 1.9.2.4127, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2011-05-18 07:52:03 | Computer Name = KAROL-0B32C6FEA | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca AQQ.exe, wersja 2.2.4.70, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2011-05-19 15:24:01 | Computer Name = KAROL-0B32C6FEA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 5.1.0.112, moduł powodujący
błąd unknown, wersja 0.0.0.0, adres błędu 0x00000000.
Error - 2011-05-19 15:24:05 | Computer Name = KAROL-0B32C6FEA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 5.1.0.112, moduł powodujący
błąd skype.exe, wersja 5.1.0.112, adres błędu 0x00a224dc.
[System Events]
Error - 2011-08-23 02:42:20 | Computer Name = KAROL-0B32C6FEA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Cardex z powodu następującego błędu: %%183
Error - 2011-08-23 12:37:52 | Computer Name = KAROL-0B32C6FEA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Cardex z powodu następującego błędu: %%183
Error - 2011-08-23 15:02:22 | Computer Name = KAROL-0B32C6FEA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Cardex z powodu następującego błędu: %%183
Error - 2011-08-23 15:51:15 | Computer Name = KAROL-0B32C6FEA | Source = Service Control Manager | ID = 7034
Description = Usługa Office Source Engine niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.
Error - 2011-08-23 16:14:49 | Computer Name = KAROL-0B32C6FEA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Cardex z powodu następującego błędu: %%183
Error - 2011-08-23 16:17:56 | Computer Name = KAROL-0B32C6FEA | Source = Dhcp | ID = 1000
Description = Komputer utracił połączenie dla swojego adresu IP 5.176.87.22 na karcie
sieciowej
o adresie sieciowym 7A7905B05716.
Error - 2011-08-24 03:18:21 | Computer Name = KAROL-0B32C6FEA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Cardex z powodu następującego błędu: %%183
Error - 2011-08-24 05:31:17 | Computer Name = KAROL-0B32C6FEA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Cardex z powodu następującego błędu: %%183
Error - 2011-08-24 05:41:41 | Computer Name = KAROL-0B32C6FEA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Cardex z powodu następującego błędu: %%183
Error - 2011-08-24 12:44:04 | Computer Name = KAROL-0B32C6FEA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Cardex z powodu następującego błędu: %%183
< End of report >
Plik OTL
OTL logfile created on: 2011-08-24 19:51:46 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Karol\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1023,48 Mb Total Physical Memory | 352,50 Mb Available Physical Memory | 34,44% Memory free
2,40 Gb Paging File | 1,90 Gb Available in Paging File | 78,94% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 10,74 Gb Total Space | 2,04 Gb Free Space | 18,95% Space Free | Partition Type: NTFS
Drive D: | 39,22 Gb Total Space | 31,08 Gb Free Space | 79,24% Space Free | Partition Type: NTFS
Drive F: | 26,36 Gb Total Space | 7,66 Gb Free Space | 29,05% Space Free | Partition Type: NTFS
Computer Name: KAROL-0B32C6FEA | User Name: Karol | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2011-08-24 19:32:12 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Karol\Moje dokumenty\Pobieranie\OTL(1).exe
PRC - [2011-08-20 14:03:35 | 000,331,776 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Documents and Settings\All Users\winloqon.exe
PRC - [2011-08-20 14:03:31 | 000,339,968 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Documents and Settings\All Users\csrs.exe
PRC - [2011-08-12 08:32:21 | 000,924,632 | ---- | M] (Mozilla Corporation) -- F:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2010-07-30 16:11:56 | 002,158,592 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe
PRC - [2009-10-28 14:44:08 | 011,539,048 | ---- | M] (GG Network S.A.) -- F:\Nowe Gadu-Gadu\gg.exe
PRC - [2009-10-28 13:43:06 | 000,077,824 | ---- | M] () -- F:\Nowe Gadu-Gadu\spellchecker_gg.exe
PRC - [2006-08-02 23:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2005-05-12 01:40:38 | 000,204,800 | ---- | M] (Hewlett-Packard Co.) -- D:\Drukarka HP\Digital Imaging\bin\hpqste08.exe
PRC - [2005-05-12 00:23:26 | 000,282,624 | ---- | M] (Hewlett-Packard Co.) -- D:\Drukarka HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2005-05-12 00:16:22 | 000,077,824 | ---- | M] (Hewlett-Packard Co.) -- D:\Drukarka HP\Digital Imaging\Product Assistant\bin\hprblog.exe
PRC - [2005-05-12 00:12:54 | 000,049,152 | ---- | M] (Hewlett-Packard Co.) -- D:\Drukarka HP\HP Software Update\hpwuSchd2.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2011-08-24 14:33:59 | 001,288,704 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11082401\algo.dll
MOD - [2011-08-23 16:54:58 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11082401\aswRep.dll
MOD - [2011-08-12 08:32:21 | 001,846,232 | ---- | M] () -- F:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011-04-30 12:00:58 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll
MOD - [2011-04-27 18:22:05 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll
MOD - [2011-04-27 18:21:55 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll
MOD - [2011-04-27 18:21:20 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll
MOD - [2011-04-27 18:20:25 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\50130ef751b98a4a11bd4ab73af7cab5\System.Data.ni.dll
MOD - [2011-04-27 13:31:54 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011-04-27 13:29:02 | 007,949,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll
MOD - [2011-04-27 12:01:16 | 011,486,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
MOD - [2010-07-30 16:11:56 | 002,158,592 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe
MOD - [2009-10-28 13:43:06 | 000,077,824 | ---- | M] () -- F:\Nowe Gadu-Gadu\spellchecker_gg.exe
MOD - [2009-10-20 19:15:24 | 000,212,992 | ---- | M] () -- F:\Nowe Gadu-Gadu\gglog.dll
MOD - [2009-10-20 19:15:24 | 000,023,040 | ---- | M] () -- F:\Nowe Gadu-Gadu\ggcrypto.dll
MOD - [2009-10-20 19:15:24 | 000,012,800 | ---- | M] () -- F:\Nowe Gadu-Gadu\ggipc.dll
MOD - [2009-10-20 19:15:22 | 000,352,256 | ---- | M] () -- F:\Nowe Gadu-Gadu\ggcommon.dll
MOD - [2009-10-20 19:15:22 | 000,118,784 | ---- | M] () -- F:\Nowe Gadu-Gadu\ggipcradioproxy.dll
MOD - [2009-09-23 16:05:02 | 000,970,752 | ---- | M] () -- F:\Nowe Gadu-Gadu\QtNetwork4.dll
MOD - [2009-09-23 16:04:58 | 002,195,456 | ---- | M] () -- F:\Nowe Gadu-Gadu\QtCore4.dll
MOD - [2009-09-23 16:04:56 | 011,677,696 | ---- | M] () -- F:\Nowe Gadu-Gadu\QtWebKit4.dll
MOD - [2009-09-23 16:04:52 | 008,024,064 | ---- | M] () -- F:\Nowe Gadu-Gadu\QtGui4.dll
MOD - [2009-09-23 16:04:50 | 000,393,216 | ---- | M] () -- F:\Nowe Gadu-Gadu\QtXml4.dll
MOD - [2009-09-23 16:04:50 | 000,299,008 | ---- | M] () -- F:\Nowe Gadu-Gadu\QtSvg4.dll
MOD - [2009-09-23 16:04:14 | 000,303,104 | ---- | M] () -- F:\Nowe Gadu-Gadu\imageformats\qtiff4.dll
MOD - [2009-09-23 16:04:14 | 000,018,432 | ---- | M] () -- F:\Nowe Gadu-Gadu\imageformats\qsvg4.dll
MOD - [2009-09-23 16:04:12 | 000,274,432 | ---- | M] () -- F:\Nowe Gadu-Gadu\imageformats\qmng4.dll
MOD - [2009-09-23 16:04:12 | 000,143,360 | ---- | M] () -- F:\Nowe Gadu-Gadu\imageformats\qjpeg4.dll
MOD - [2009-09-23 16:04:12 | 000,023,552 | ---- | M] () -- F:\Nowe Gadu-Gadu\imageformats\qgif4.dll
MOD - [2009-09-23 16:04:00 | 000,059,904 | ---- | M] () -- F:\Nowe Gadu-Gadu\zlib1.dll
MOD - [2009-02-27 20:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL
MOD - [2009-02-03 04:15:28 | 003,771,296 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2007-01-31 12:33:24 | 000,032,768 | ---- | M] () -- C:\Program Files\Vtune\TBPanelExt.dll
MOD - [2004-08-04 00:44:04 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [1998-10-31 05:55:56 | 000,005,120 | ---- | M] () -- C:\Program Files\Vtune\TBMANAGE.DLL
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2004-09-29 13:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-07-04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-07-04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011-05-26 19:33:27 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2011-03-23 21:05:41 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2007-03-16 11:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007-03-16 11:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2006-08-18 07:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005-09-30 06:52:22 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005-09-30 06:52:20 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005-08-18 10:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb&sysid=2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb&sysid=2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb&sysid=2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.selectedEngine: "qooqlle"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..keyword.URL: "http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q="
FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ftp_port: 9666
FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.backup.gopher_port: 9666
FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"
FF - prefs.js..network.proxy.backup.socks_port: 9666
FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ssl_port: 9666
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 9666
FF - prefs.js..network.proxy.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 9666
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9666
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-22 22:09:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: F:\Program Files\Mozilla Firefox\components [2011-08-24 11:11:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: F:\Program Files\Mozilla Firefox\plugins
[2011-04-02 09:26:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Extensions
[2010-09-14 14:48:25 | 000,002,506 | ---- | M] () -- C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\pgtvlwdj.default\searchplugins\BearShareWebSearch.xml
[2011-08-24 18:43:22 | 000,001,860 | ---- | M] () -- C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\pgtvlwdj.default\searchplugins\search.xml
[2011-08-24 11:07:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-06-04 12:44:26 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011-06-16 13:16:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011-06-16 13:15:49 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-04-30 12:03:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011-06-16 13:15:48 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010-09-14 14:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
O1 HOSTS File: ([2001-10-26 19:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [csrs] C:\Documents and Settings\All Users\csrs.exe (Created with WinAutomation (http://www.WinAutomation.com))
O4 - HKLM..\Run: [HP Software Update] D:\Drukarka HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [svhost] C:\Program Files\Common Files\svhost.exe ()
O4 - HKLM..\Run: [winloqon] C:\Documents and Settings\All Users\winloqon.exe (Created with WinAutomation (http://www.WinAutomation.com))
O4 - HKCU..\Run: [DAEMON Tools Lite] F:\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EA Core] File not found
O4 - HKCU..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk = D:\Drukarka HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-03-04 19:25:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [NTFS]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2011-08-23 21:45:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011-08-23 21:24:19 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconfig.exe
[2011-08-20 14:03:54 | 000,331,776 | RHS- | C] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Documents and Settings\All Users\winloqon.exe
[2011-08-20 14:03:51 | 000,339,968 | RHS- | C] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Documents and Settings\All Users\csrs.exe
[2011-08-19 19:25:15 | 000,000,000 | ---D | C] -- C:\Program Files\Software2000
[2011-08-19 19:22:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\WINDOWS
[2011-08-15 21:13:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Moje dokumenty\My Cheat Tables
[2011-08-14 13:33:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Pulpit\Crusader zamki
[2011-08-12 15:58:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011-08-05 17:12:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Pulpit\plik zastępczy do fify
[2011-08-05 16:18:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Moje dokumenty\FIFA 08
[2011-08-05 16:01:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA Sports
[2011-08-05 11:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FarmFrenzy_Rome
[2011-08-05 11:38:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\AlawarWrapper
[2011-08-05 11:37:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper
[2011-08-02 21:44:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DivX
[2011-07-28 17:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011-07-28 17:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011-07-27 16:16:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2011-08-24 18:42:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-08-24 11:11:10 | 000,000,613 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2011-08-23 21:45:32 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2011-08-20 16:31:52 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011-08-20 16:28:01 | 006,855,168 | RHS- | M] () -- C:\Program Files\Common Files\svhost.exe
[2011-08-20 14:03:35 | 000,331,776 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Documents and Settings\All Users\winloqon.exe
[2011-08-20 14:03:31 | 000,339,968 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Documents and Settings\All Users\csrs.exe
[2011-08-17 13:30:33 | 000,245,177 | ---- | M] () -- C:\Documents and Settings\Karol\Pulpit\EminemSkinbyFolt3k.ggskin
[2011-08-15 19:18:30 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-08-08 10:28:49 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-08-05 16:17:13 | 002,656,256 | ---- | M] () -- C:\Documents and Settings\Karol\Pulpit\FIFA08.exe
[2011-08-04 20:25:33 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2011-07-28 17:21:15 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011-08-24 11:11:10 | 000,000,613 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2011-08-23 21:45:32 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2011-08-20 14:03:52 | 006,855,168 | RHS- | C] () -- C:\Program Files\Common Files\svhost.exe
[2011-08-17 13:30:31 | 000,245,177 | ---- | C] () -- C:\Documents and Settings\Karol\Pulpit\EminemSkinbyFolt3k.ggskin
[2011-08-05 16:16:57 | 002,656,256 | ---- | C] () -- C:\Documents and Settings\Karol\Pulpit\FIFA08.exe
[2011-07-28 17:20:04 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader 9.lnk
[2011-07-28 17:20:04 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2011-07-28 09:25:29 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk
[2011-06-20 12:42:47 | 000,000,006 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2011-06-10 18:21:19 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011-06-06 20:23:14 | 000,000,040 | ---- | C] () -- C:\WINDOWS\nfsc_patch.ini
[2011-03-10 18:01:40 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011-03-08 22:12:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\VMPipe.dll
[2011-03-08 21:34:10 | 000,113,588 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2011-03-08 21:34:10 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2011-03-07 22:07:31 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011-03-07 19:48:16 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2011-03-07 17:39:17 | 000,011,776 | ---- | C] () -- C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-03-07 17:14:25 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011-03-07 17:13:53 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2011-03-07 17:13:33 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011-03-07 16:22:08 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2011-03-07 16:22:08 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-03-07 16:22:08 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-03-07 16:22:07 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011-03-07 16:18:32 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011-03-07 16:09:45 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011-03-07 16:09:43 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011-03-07 16:09:43 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011-03-04 19:28:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-03-04 19:21:45 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-08-05 12:15:08 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2005-01-02 07:02:55 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005-01-02 07:01:38 | 000,289,296 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004-08-04 00:56:48 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004-08-02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001-10-26 20:15:16 | 000,493,532 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 20:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 20:15:16 | 000,084,724 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 20:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-08-23 17:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 17:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-18 01:30:24 | 000,435,396 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-18 01:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-18 01:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-18 01:30:22 | 000,068,292 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-18 01:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-22 02:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-22 02:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-22 02:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001-07-06 16:30:02 | 000,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF
< End of report >
Uruchom managera zadań (ctrl+alt+del) przejdź do procesów znajdź csrs.exe kliknij zakończ proces. Następnie uruchom otl, w własne opcje skanowania wklej:
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
FF - prefs.js..browser.search.selectedEngine: "qooqlle"
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - File not found
O4 - HKLM..\Run: [svhost] C:\Program Files\Common Files\svhost.exe ()
[2011-08-20 14:03:51 | 000,339,968 | RHS- | C] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Documents and Settings\All Users\csrs.exe
O4 - HKCU..\Run: [DAEMON Tools Lite] F:\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EA Core] File not found
O4 - HKCU..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe ()
:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
:Commands
[emptytemp]
Następnie kliknij wykonaj skrypt. Po uruchomieniu komputera utworzy się log, który wkleisz na forum, razem z nowym logiem (należy kliknąć skan)
MeDe , proszę zapoznaj się z tą stroną oraz tym tematem, a następnie popraw tytuł tematu, używając przycisku
Log, który wyświetlił się zaraz przy uruchomieniu systemu
http://wklej.to/bFCyJ
Log(skan)
http://wklej.to/QCWFn
Edit:
Kolejny raz połknąłem nagłówek podczas kopiowania -> wybacz, niestety musisz to wykonać jeszcze raz ;/
:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
FF - prefs.js..browser.search.selectedEngine: "qooqlle"
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - File not found
O4 - HKLM..\Run: [svhost] C:\Program Files\Common Files\svhost.exe ()
[2011-08-20 14:03:51 | 000,339,968 | RHS- | C] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Documents and Settings\All Users\csrs.exe
O4 - HKCU..\Run: [DAEMON Tools Lite] F:\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EA Core] File not found
O4 - HKCU..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe ()
:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
:Commands
[emptytemp]
Log
http://wklej.to/MzdUj
Skan
http://wklej.to/WyGSr
W własne opcje skanowania wklej:
:OTL
PRC - [2011-08-20 14:03:35 | 000,331,776 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Documents and Settings\All Users\winloqon.exe
O4 - HKLM..\Run: [csrs] File not found
O4 - HKLM..\Run: [winloqon] C:\Documents and Settings\All Users\winloqon.exe (Created with WinAutomation (http://www.WinAutomation.com))
[2011-08-20 14:03:35 | 000,331,776 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Documents and Settings\All Users\winloqon.exe
:Commands
[emptytemp]
I kliknij wykonaj skrypt.
Chyba się o czymś zapomniało.
Log:
http://wklej.to/uQPiK
Strona startowa zniknęła,a programy uruchamiają się normalnie. Czy coś jeszcze zrobić?
Kliknij czyszczenie w otl, i przeczyść system ccleanerem: http://www.filehippo.com/download_ccleaner/
Wszystko zrobione. Dzięki za pomoc,naprawdę robisz dobrą robotę =D> .