
jj09

'Antivirus Soft' virus


Paste into the Custom Scans/Fixes window:

:OTL
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O4 - HKLM..\Run: [iockdlbi] C:\Documents and Settings\Robi\Ustawienia lokalne\Dane aplikacji\ufvkbg\bgvcsftav.exe ()
O4 - HKU\S-1-5-21-1060284298-789336058-682003330-1003..\Run: [iockdlbi] C:\Documents and Settings\Robi\Ustawienia lokalne\Dane aplikacji\ufvkbg\bgvcsftav.exe ()
O33 - MountPoints2\{49aac3ed-9d3d-11de-950b-000e50aeaa0e}\Shell\AutoRun\command - "" = E:\
O33 - MountPoints2\{49aac3ed-9d3d-11de-950b-000e50aeaa0e}\Shell\explore\Command - "" = E:\RECYCLER\INFO.exe -- File not found
O33 - MountPoints2\{49aac3ed-9d3d-11de-950b-000e50aeaa0e}\Shell\open\Command - "" = E:\RECYCLER\INFO.exe -- File not found
O33 - MountPoints2\{89206076-98d5-11de-94fd-000e50aeaa0e}\Shell\verb1\command - "" = desktop.exe
O33 - MountPoints2\{89206077-98d5-11de-94fd-000e50aeaa0e}\Shell\verb1\command - "" = desktop.exe
O33 - MountPoints2\{d7c42e3c-a0ee-11de-9514-000e50aeaa0e}\Shell\verb1\command - "" = desktop.exe
O33 - MountPoints2\D\Shell - "" = AutoRun

:Files
C:\Documents and Settings\Robi\Ustawienia lokalne\Dane aplikacji\ufvkbg

:Commands
[emptytemp]
[Reboot]

Click Run Fix and confirm the restart.

Post a new Run Scan log.

http://wklej.org/id/288661/

I think the problem is gone now :) You're great!!! Thank you very much!!! PS. What's the best way to protect myself against this kind of junk? Some antivirus program + something else??? Please give me some advice... Regards


There is no program that will guarantee security.

Read about security software in the FAQ.

Use the CleanUp option.

Turn off System Restore for a moment (point 19) - Click


Hi, I have the same problem as jj09. I did what was in the link that SplinT gave and it didn't help; tehawanka's method didn't help me either. Does anyone know how else I can remove this thing?

I'm asking VERY much for help and a quick reply


OTL logfile created on: 2010-03-14 19:33:04 - Run 1

OTL by OldTimer - Version 3.1.37.1 Folder = C:\Documents and Settings\Administrator\Pulpit

Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

1 014,00 Mb Total Physical Memory | 783,00 Mb Available Physical Memory | 77,00% Memory free

4,00 Gb Paging File | 4,00 Gb Available in Paging File | 97,00% Paging File free

Paging file location(s): C:\pagefile.sys 3048 6096 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 232,88 Gb Total Space | 161,72 Gb Free Space | 69,44% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

Drive F: | 3,72 Gb Total Space | 3,63 Gb Free Space | 97,64% Space Free | Partition Type: FAT32

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: LAPTOP

Current User Name: Administrator

Logged in as Administrator.

 

Current Boot Mode: SafeMode with Networking

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

========== Processes (SafeList) ==========

 

PRC - [2010-03-14 18:59:34 | 000,555,008 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe

PRC - [2009-11-20 19:01:18 | 000,832,296 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe

PRC - [2007-06-13 14:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010-03-14 18:59:34 | 000,555,008 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe

MOD - [2006-08-25 07:51:14 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2010-03-14 16:44:01 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)

SRV - [2010-03-14 16:43:57 | 000,298,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)

SRV - [2010-01-08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Stopped] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)

SRV - [2007-11-21 16:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\TODDSrv.exe -- (TODDSrv)

SRV - [2007-06-05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)

SRV - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

SRV - [2007-04-10 07:45:20 | 000,035,840 | ---- | M] (TOSHIBA Corp.) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)

SRV - [2006-10-05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)

SRV - [2005-11-14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)

SRV - [2005-01-17 16:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2010-03-14 16:44:15 | 000,325,640 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)

DRV - [2010-03-14 16:44:15 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)

DRV - [2010-03-14 16:44:13 | 000,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)

DRV - [2010-01-07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)

DRV - [2009-10-23 16:52:21 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)

DRV - [2008-12-01 18:51:37 | 000,022,368 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)

DRV - [2008-12-01 18:51:37 | 000,010,976 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)

DRV - [2008-01-30 11:28:36 | 004,725,760 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2008-01-03 22:10:16 | 000,105,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

DRV - [2007-12-26 10:20:18 | 000,288,000 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8187B.sys -- (RTL8187B)

DRV - [2007-12-17 10:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\UVCFTR_S.SYS -- (UVCFTR)

DRV - [2007-12-06 17:41:42 | 000,220,032 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)

DRV - [2007-10-25 09:08:18 | 000,046,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTSTOR.sys -- (RTSTOR)

DRV - [2007-09-29 22:03:12 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)

DRV - [2007-05-25 11:27:04 | 005,761,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)

DRV - [2007-04-04 07:56:48 | 000,005,888 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\FwLnk.sys -- (FwLnk)

DRV - [2007-03-26 11:22:18 | 000,105,856 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\tdudf.sys -- (tdudf)

DRV - [2007-02-22 14:10:30 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tdcmdpst.sys -- (tdcmdpst)

DRV - [2007-02-19 11:15:32 | 000,134,016 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\trudf.sys -- (trudf)

DRV - [2006-11-28 14:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2006-09-24 14:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)

DRV - [2006-09-18 14:59:08 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)

DRV - [2006-09-18 14:59:02 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex)

DRV - [2006-09-18 14:59:00 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)

DRV - [2006-09-18 14:58:58 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)

DRV - [2006-09-18 14:58:54 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm)

DRV - [2006-09-18 14:58:52 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl)

DRV - [2006-09-18 14:58:48 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM)

DRV - [2005-01-07 16:07:18 | 000,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)

DRV - [2003-01-29 14:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)

DRV - [1996-04-03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-3495124412-3354086585-1482034856-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2010-03-14 16:43:57 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-27 23:10:34 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-10-13 22:58:00 | 000,000,000 | ---D | M]

 

[2010-03-08 23:36:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2009-09-27 23:10:34 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org

[2009-09-27 23:10:15 | 000,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll

[2009-09-27 23:10:15 | 000,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll

[2009-09-27 23:10:15 | 000,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll

[2009-09-27 23:10:17 | 000,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll

[2009-09-27 23:10:17 | 000,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll

[2008-11-24 15:45:52 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll

[2009-01-28 19:46:00 | 000,307,200 | ---- | M] (ESKA) -- C:\Program Files\Mozilla Firefox\plugins\npOggX.dll

[2009-09-27 23:10:29 | 000,000,904 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml

[2009-09-27 23:10:29 | 000,001,419 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml

[2009-09-27 23:10:29 | 000,000,926 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml

[2009-09-27 23:10:29 | 000,000,866 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml

[2009-09-27 23:10:29 | 000,001,198 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml

[2009-09-27 23:10:29 | 000,001,693 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

 

O1 HOSTS File: ([2008-01-15 13:49:27 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)

O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\User\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)

O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)

O4 - HKLM..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe ()

O4 - HKLM..\Run: [igtkhong] C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\rmgvpi\raovsftav.exe ()

O4 - HKLM..\Run: [jgajnhjp] C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\nhhtof\rscnsftav.exe ()

O4 - HKLM..\Run: [Resume copy] C:\WINDOWS\COPYFSTQ.EXE ()

O4 - HKLM..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe (Spigot, Inc.)

O4 - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [THotkey] C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe (TOSHIBA)

O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)

O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\Winampa.exe ()

O4 - HKU\S-1-5-21-3495124412-3354086585-1482034856-500..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-3495124412-3354086585-1482034856-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)

O16 - DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} http://www.eska.pl/streamplayers/OggX.ocx (OggX Control)

O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2...78f/wvc1dmo.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} https://www.bph.pl/sezam/components/SignActivX.cab (SignActivX Control)

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.241.79.37 83.238.255.76

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\WINDOWS\TOSHIBA1280x0800.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\TOSHIBA1280x0800.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008-04-11 11:01:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 - File not found

NetSvcs: Ias - C:\WINDOWS\system32\ias [2008-04-11 11:00:43 | 000,000,000 | ---D | M]

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010-03-14 19:32:31 | 000,555,008 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe

[2010-03-14 18:55:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Opera

[2010-03-14 18:55:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera

[2010-03-14 17:08:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes

[2010-03-14 17:08:00 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010-03-14 17:07:58 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010-03-14 17:07:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010-03-14 17:07:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes

[2010-03-14 17:03:54 | 005,061,512 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Pulpit\mbam-setup.exe

[2010-03-14 16:59:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Macromedia

[2010-03-14 16:55:20 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE

[2010-03-14 16:55:12 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache

[2010-03-14 16:54:48 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC

[2010-03-14 16:44:15 | 000,325,640 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys

[2010-03-14 16:44:15 | 000,108,552 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys

[2010-03-14 16:44:15 | 000,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll

[2010-03-14 16:44:13 | 000,027,656 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys

[2010-03-14 16:44:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg

[2010-03-14 16:43:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2010-03-14 16:25:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft

[2010-03-14 16:25:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft

[2010-03-14 16:25:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2010-03-10 23:22:38 | 003,555,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe

[2009-11-26 01:52:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google

[2009-11-26 01:47:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google

[2009-01-29 18:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple

[2008-04-11 11:58:07 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll

 

========== Files - Modified Within 30 Days ==========

 

[2010-03-14 19:31:49 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010-03-14 19:30:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010-03-14 19:29:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010-03-14 19:27:17 | 000,069,552 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

[2010-03-14 19:26:23 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2010-03-14 19:25:39 | 000,271,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010-03-14 19:24:46 | 001,048,576 | ---- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT

[2010-03-14 19:24:46 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini

[2010-03-14 18:59:34 | 000,555,008 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe

[2010-03-14 17:44:31 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk

[2010-03-14 17:02:08 | 005,061,512 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Pulpit\mbam-setup.exe

[2010-03-14 16:57:56 | 000,363,008 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\rkill.com

[2010-03-14 16:44:20 | 034,395,507 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm

[2010-03-14 16:44:15 | 006,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg

[2010-03-14 16:44:15 | 000,401,372 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg

[2010-03-14 16:44:15 | 000,325,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys

[2010-03-14 16:44:15 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys

[2010-03-14 16:44:15 | 000,057,798 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg

[2010-03-14 16:44:15 | 000,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll

[2010-03-14 16:44:15 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG Free 8.5.lnk

[2010-03-14 16:44:13 | 000,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys

[2010-03-14 16:39:00 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3495124412-3354086585-1482034856-1005UA.job

[2010-03-14 15:57:02 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2010-03-13 21:04:59 | 000,000,630 | ---- | M] () -- C:\WINDOWS\win.ini

[2010-03-13 21:04:59 | 000,000,257 | ---- | M] () -- C:\WINDOWS\system.ini

[2010-03-13 20:28:58 | 000,000,132 | ---- | M] () -- C:\WINDOWS\winamp.ini

[2010-03-13 13:39:00 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3495124412-3354086585-1482034856-1005Core.job

[2010-03-11 18:03:07 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2010-03-09 16:35:42 | 000,002,828 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys

[2010-02-25 01:21:12 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

 

========== Files Created - No Company Name ==========

 

[2010-03-14 17:08:03 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk

[2010-03-14 16:58:21 | 000,363,008 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\rkill.com

[2010-03-14 16:44:15 | 034,395,507 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm

[2010-03-14 16:44:15 | 006,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg

[2010-03-14 16:44:15 | 000,401,372 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg

[2010-03-14 16:44:15 | 000,057,798 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg

[2010-03-14 16:44:15 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AVG Free 8.5.lnk

[2009-12-20 20:11:59 | 000,000,092 | ---- | C] () -- C:\WINDOWS\mp3wavcon.ini

[2009-12-20 20:10:39 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll

[2009-10-23 16:52:21 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2009-10-10 19:16:18 | 000,000,697 | ---- | C] () -- C:\WINDOWS\scummvm.ini

[2009-09-20 17:09:46 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2009-04-17 06:01:28 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Dane aplikacji\$_hpcst$.hpc

[2009-02-13 15:36:08 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2008-12-06 21:51:47 | 000,000,246 | ---- | C] () -- C:\WINDOWS\disney.ini

[2008-12-06 21:51:38 | 000,000,387 | ---- | C] () -- C:\WINDOWS\disneysy.ini

[2008-11-18 17:40:43 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\98682D9E01.sys

[2008-11-18 17:35:47 | 000,002,828 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys

[2008-11-12 12:22:34 | 000,000,053 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2008-11-12 12:22:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI

[2008-10-03 11:26:17 | 000,000,132 | ---- | C] () -- C:\WINDOWS\winamp.ini

[2008-10-03 10:55:27 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2008-10-03 10:55:27 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini

[2008-10-03 10:55:25 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2008-10-03 10:55:25 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2008-10-03 10:55:25 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2008-10-03 10:55:24 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2008-10-03 10:55:24 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2008-10-03 10:49:02 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini

[2008-10-03 10:49:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll

[2008-10-03 10:49:02 | 000,010,132 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini

[2008-10-03 10:49:02 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini

[2008-04-11 12:46:09 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2008-04-11 12:12:33 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll

[2008-04-11 12:12:33 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll

[2008-04-11 12:12:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll

[2008-04-11 12:12:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll

[2008-04-11 12:12:33 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll

[2008-04-11 12:12:33 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll

[2008-04-11 12:07:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI

[2008-04-11 11:58:07 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll

[2008-04-11 11:48:08 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4833.dll

[2008-04-11 11:48:07 | 000,910,464 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll

[2008-04-11 11:19:54 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat

[2008-04-11 11:17:06 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll

[2008-04-11 11:16:18 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2003-04-08 10:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[2002-05-04 11:04:45 | 000,094,636 | ---- | C] () -- C:\WINDOWS\dropcpyr.dll

[1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

 

========== LOP Check ==========

 

[2010-03-14 18:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera

[2008-10-03 19:20:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\toshiba

[2009-01-12 00:44:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Teleca

[2008-11-12 12:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\The Learning Company

[2008-11-18 16:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Wru

[2008-10-03 19:20:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}

[2008-10-03 19:20:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\toshiba

[2009-02-28 00:24:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Disney Interactive Studios

[2008-10-04 18:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Gadu-Gadu

[2009-02-22 01:25:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\GanymedeNet

[2008-11-18 17:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\MakeUpPilot

[2009-06-14 13:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Nowe Gadu-Gadu

[2008-10-04 18:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Opera

[2009-01-20 22:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Retriever

[2010-01-10 20:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Search Settings

[2009-01-20 00:39:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Teleca

[2008-10-03 19:20:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\toshiba

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %systemdrive%\*.* >

[2008-04-11 11:01:03 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2008-10-03 10:48:37 | 000,000,211 | RHS- | M] () -- C:\boot.ini

[2008-01-15 13:41:15 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin

[2008-04-11 11:01:03 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2008-04-11 11:01:03 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2008-04-11 11:01:03 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2008-01-15 14:03:25 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2008-01-15 14:03:32 | 000,250,624 | RHS- | M] () -- C:\ntldr

[2010-03-14 19:30:34 | 3196,059,648 | -HS- | M] () -- C:\pagefile.sys

[2008-12-27 20:25:06 | 000,025,707 | ---- | M] () -- C:\Program1.RPT

[2010-03-14 19:32:11 | 000,000,384 | ---- | M] () -- C:\rkill.log

[2008-04-11 22:36:36 | 000,000,070 | -H-- | M] () -- C:\SWSTAMP.TXT

[2008-12-27 20:27:18 | 000,000,032 | ---- | M] () -- C:\VDFS.DMP

< End of report >

 

 

 

 

OTL Extras logfile created on: 2010-03-14 19:33:04 - Run 1

OTL by OldTimer - Version 3.1.37.1 Folder = C:\Documents and Settings\Administrator\Pulpit

Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

1 014,00 Mb Total Physical Memory | 783,00 Mb Available Physical Memory | 77,00% Memory free

4,00 Gb Paging File | 4,00 Gb Available in Paging File | 97,00% Paging File free

Paging file location(s): C:\pagefile.sys 3048 6096 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 232,88 Gb Total Space | 161,72 Gb Free Space | 69,44% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

Drive F: | 3,72 Gb Total Space | 3,63 Gb Free Space | 97,64% Space Free | Partition Type: FAT32

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: LAPTOP

Current User Name: Administrator

Logged in as Administrator.

 

Current Boot Mode: SafeMode with Networking

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)

Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)

Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 1

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)

"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)

"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe" = C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe:*:Enabled:ConfigFree Tray -- (TOSHIBA CORPORATION)

"C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.)

"C:\Program Files\Opera\Opera.exe" = C:\Program Files\Opera\Opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)

"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)

"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)

"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

"C:\Program Files\RealVNC\VNC4\vncviewer.exe" = C:\Program Files\RealVNC\VNC4\vncviewer.exe:*:Enabled:vncviewer -- File not found

"C:\Program Files\RealVNC\VNC4\winvnc4.exe" = C:\Program Files\RealVNC\VNC4\winvnc4.exe:*:Enabled:winvnc4 -- File not found

"C:\Program Files\Metin2_PL\metin2.bin" = C:\Program Files\Metin2_PL\metin2.bin:*:Enabled:metin2 -- File not found

"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)

"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)

"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)

"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR

"{0143CF89-5CF2-4F2D-80D5-BFAE64E1BA00}" = MITs Wizard 3.0 for Device

"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III

"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player

"{07F58BB0-50D4-4477-B491-A97B2AD059B6}" = TOSHIBA Hotkey Utility

"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist

"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 18

"{2792F12C-3515-4D69-8083-B557AF35F06F}" = LightScribe 1.4.89.1

"{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC Diagnostic Tool

"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth

"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3

"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba

"{400830CA-F056-4BBE-80A3-9DF9CA4FB889}" = TOSHIBA Direct Disc Writer

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{55BDC5EB-A3CF-46D6-9F23-3144436AECAE}" = Podreczniki TOSHIBA

"{5AF71003-1797-4D93-9F37-4F2125CBF539}" = Microsoft .NET Framework 2.0 Language Pack - PLK

"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator

"{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3

"{61B84435-7A82-4F5C-87EC-1071EC28D72D}" = TOSHIBA Utilities

"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = Program narzędziowy TOSHIBA Zooming Utility

"{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack

"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com

"{895722FE-25FE-4854-95AC-B0C42F9DBEDA}" = REALTEK RTL8187B Wireless LAN Driver

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8F7AC250-4D7D-431D-AC4E-94FB78EA3F8B}" = Program firmy TOSHIBA do oszczędzania energii

"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA

"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync

"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Wyciszacz napędu CD/DVD

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9

"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree

"{C02A6D5F-0FE1-46DE-B483-2BD33A226BCF}" = TOSHIBA TouchPad ON/Off Utility

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C5C649A8-1D21-4C83-9B08-7B3752E580F4}" = Safari

"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime

"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver

"{CB06F376-7A6C-4118-83FC-8047B7143128}_is1" = RGB MonoStudio 1.3

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner

"{F6C05B70-3972-11DE-AA67-005056806466}" = Google Earth Pro

"{FB8148DD-C575-4B0A-9F6C-0CFC46937930}" = Opera 10.10

"{FC906D5C-91F9-4DA4-A765-6DCBB669F317}" = Sony Ericsson PC Suite

"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Asystent Magazyn_is1" = Asystent Magazyn 2009 (v3.1.18)

"AVG8Uninstall" = AVG Free 8.5

"Batman - Sprawiedliwość ponad wszystko" = Batman - Sprawiedliwość ponad wszystko

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"Cool Edit Pro 2.1" = Cool Edit Pro 2.1

"Cool FLV To 3GP Converter_is1" = Cool FLV To 3GP Converter 1.0

"Deluxe Ski Jump 3_is1" = Deluxe Ski Jump 3 v1.6.1

"Flv Audio Video Extractor_is1" = Flv Audio Video Extractor 2.0

"Gadu-Gadu" = Gadu-Gadu 7.7

"GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker

"HDMI" = Intel® Graphics Media Accelerator Driver

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie8" = Windows Internet Explorer 8

"InstallShield_{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC Narzędzie diagnostyczne

"InstallShield_{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls

"IrfanView" = IrfanView (remove only)

"KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.7 (Full)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 2.0 Language Pack - PLK" = Microsoft .NET Framework 2.0 — pakiet języka polskiego

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox (2.0.0.20)" = Mozilla Firefox (2.0.0.20)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2

"NeroMultiInstaller!UninstallKey" = Nero Suite

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"Ram Cleaner" = Ram Cleaner 1.40 XP

"RealAlt_is1" = Real Alternative 1.8.4

"ScummVM_is1" = ScummVM 0.9.1

"SpeedFan" = SpeedFan (remove only)

"SubEdit-Player_is1" = SubEdit-Player

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"Testy B 2009_is1" = Testy B 2009

"TOSHIBA Software Modem" = TOSHIBA Software Modem

"TotalCopy_1.2_(Luki_Edition)_English" = TotalCopy 1.2 (Luki Edition)

"Update Service" = Update Service

"WAV MP3 Converter_is1" = WAV MP3 Converter 1.30

"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

"WIC" = Windows Imaging Component

"Winamp" = Winamp (remove only)

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"WinRAR archiver" = Archiwizator WinRAR

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 2009-11-21 12:04:41 | Computer Name = LAPTOP | Source = Application Hang | ID = 1002

Description = Aplikacja zawieszająca iexplore.exe, wersja 8.0.6001.18702, moduł

zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

 

Error - 2009-11-24 15:33:36 | Computer Name = LAPTOP | Source = Application Hang | ID = 1002

Description = Aplikacja zawieszająca iexplore.exe, wersja 8.0.6001.18702, moduł

zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

 

Error - 2009-11-25 16:06:51 | Computer Name = LAPTOP | Source = Google Update | ID = 20

Description =

 

Error - 2009-11-27 12:06:15 | Computer Name = LAPTOP | Source = Application Hang | ID = 1002

Description = Aplikacja zawieszająca iexplore.exe, wersja 8.0.6001.18702, moduł

zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

 

Error - 2009-11-28 07:51:35 | Computer Name = LAPTOP | Source = Application Hang | ID = 1002

Description = Aplikacja zawieszająca googleearth.exe, wersja 5.1.3533.1731, moduł

zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

 

Error - 2009-12-07 11:34:10 | Computer Name = LAPTOP | Source = Application Hang | ID = 1002

Description = Aplikacja zawieszająca iexplore.exe, wersja 8.0.6001.18702, moduł

zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

 

Error - 2009-12-15 15:33:35 | Computer Name = LAPTOP | Source = Application Hang | ID = 1002

Description = Aplikacja zawieszająca iexplore.exe, wersja 8.0.6001.18702, moduł

zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

 

Error - 2009-12-16 12:54:55 | Computer Name = LAPTOP | Source = Application Error | ID = 1000

Description = Aplikacja powodująca błąd iexplore.exe, wersja 8.0.6001.18702, moduł

powodujący błąd flash10c.ocx, wersja 10.0.32.18, adres błędu 0x0003cdea.

 

Error - 2009-12-20 14:52:06 | Computer Name = LAPTOP | Source = Google Update | ID = 20

Description =

 

Error - 2009-12-20 15:04:31 | Computer Name = LAPTOP | Source = Google Update | ID = 20

Description =

 

[ System Events ]

Error - 2010-03-14 14:01:55 | Computer Name = LAPTOP | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi

StiSvc z argumentami „” w celu uruchomienia serwera: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

 

Error - 2010-03-14 14:02:51 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7026

Description = Nie można załadować następujących sterowników startu rozruchowego

lub systemowego: AvgLdx86 AvgMfx86 Fips intelppm

 

Error - 2010-03-14 14:17:14 | Computer Name = LAPTOP | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi

EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}

 

Error - 2010-03-14 14:18:51 | Computer Name = LAPTOP | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi

EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}

 

Error - 2010-03-14 14:18:55 | Computer Name = LAPTOP | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi

StiSvc z argumentami „” w celu uruchomienia serwera: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

 

Error - 2010-03-14 14:19:39 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7026

Description = Nie można załadować następujących sterowników startu rozruchowego

lub systemowego: AvgLdx86 AvgMfx86 Fips intelppm

 

Error - 2010-03-14 14:24:46 | Computer Name = LAPTOP | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi

EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}

 

Error - 2010-03-14 14:32:08 | Computer Name = LAPTOP | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi

EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}

 

Error - 2010-03-14 14:32:19 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7026

Description = Nie można załadować następujących sterowników startu rozruchowego

lub systemowego: AvgLdx86 AvgMfx86 Fips intelppm

 

Error - 2010-03-14 14:32:23 | Computer Name = LAPTOP | Source = DCOM | ID = 10005

Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi

StiSvc z argumentami „” w celu uruchomienia serwera: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

 

 

< End of report >

 

 

 

Please help! ;)


Paste the following into the Custom Scans/Fixes window:

:OTL
O4 - HKLM..\Run: [igtkhong] C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\rmgvpi\raovsftav.exe ()
O4 - HKLM..\Run: [jgajnhjp] C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\nhhtof\rscnsftav.exe ()

:Files
C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\rmgvpi
C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\nhhtof

:Commands
[emptytemp]
[Reboot]

Click Run Fix and confirm the restart.

Post a new log from Run Scan.

Upload the log here and provide the link.


Paste the following into the Custom Scans/Fixes window:

:OTL
FF - HKLM\software\mozilla\Firefox\Extensions\\{872A1C39-DF0B-4c8b-AD84-12BA24A3B781}: C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\FFToolbar [2009/08/29 19:35:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2224E955-00E9-4613-A844-CE69FCCAAE91}: C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF [2009/08/29 19:35:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}: C:\Program Files\Media Access Startup\1.5.6.910\FF [2009/08/29 19:35:20 | 000,000,000 | ---D | M]
IE - HKU\S-1-5-21-747641948-1361881765-4037221430-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-747641948-1361881765-4037221430-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-747641948-1361881765-4037221430-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
O2 - BHO: (Media Access Startup) - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.5.6.910\HPIEAddOn.dll ()
O2 - BHO: (System Search Dispatcher) - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.0.970\ssd.dll ()
O3 - HKLM\..\Toolbar: (GamingHarbor Toolbar) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\stb0.dll ()
O3 - HKU\S-1-5-21-747641948-1361881765-4037221430-1000\..\Toolbar\WebBrowser: (GamingHarbor Toolbar) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\stb0.dll ()
O4 - HKLM..\Run: [cfFncEnabler.exe]  File not found
O4 - HKLM..\Run: [jswtrayutil] C:\Program Files\Jumpstart\jswtrayutil.exe File not found
O4 - HKU\S-1-5-21-747641948-1361881765-4037221430-1000..\Run: [tasfmedw] C:\Users\Agusia\AppData\Local\sywbaa\ewulsftav.exe ()

:Files
C:\Users\Agusia\AppData\Local\sywbaa
C:\Program Files\DoubleD
C:\Program Files\System Search Dispatcher
C:\Program Files\Media Access Startup

:Commands
[emptytemp]
[Reboot]

Click Run Fix and confirm the restart.

Post a new log from Run Scan.

Scan the disk with Malwarebytes' Anti-Malware.


I did it, and it's gone now. Log: http://wklej.org/id/304598/


Paste the following into the Custom Scans/Fixes window:

:OTL
FF - HKLM\software\mozilla\Firefox\Extensions\\{872A1C39-DF0B-4c8b-AD84-12BA24A3B781}: C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\FFToolbar
FF - HKLM\software\mozilla\Firefox\Extensions\\{2224E955-00E9-4613-A844-CE69FCCAAE91}: C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF [2009/08/29 19:35:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}: C:\Program Files\Media Access Startup\1.5.6.910\FF
IE - HKU\S-1-5-21-747641948-1361881765-4037221430-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-747641948-1361881765-4037221430-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-747641948-1361881765-4037221430-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
O2 - BHO: (NP Helper Class) - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.0.4550\NPIEAddOn.dll ()

:Files
C:\Program Files\DoubleD
C:\Program Files\System Search Dispatcher
C:\Program Files\Media Access Startup
C:\Program Files\Mozilla Firefox\searchplugins\sukoku119.xml
C:\Program Files\Internet Saving Optimizer

Click Run Fix.

Then click CleanUp.

Temporarily turn off System Restore (point 19) - Click


Paste the following into the Custom Scans/Fixes window:

:OTL
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKU\S-1-5-21-2075531304-1055984380-193261873-1000..\Run: [ocmjhngs] C:\Users\hp\AppData\Local\afxiymxoy\jghqoqhedrt.exe ()
O33 - MountPoints2\{53e3eaca-1649-11df-a9ba-001e684818bb}\Shell - "" = AutoRun
O33 - MountPoints2\{53e3eaca-1649-11df-a9ba-001e684818bb}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
O33 - MountPoints2\{9f9f065d-1494-11df-bc6c-001e684818bb}\Shell\AutoRun\command - "" = F:\0fpdq2dw.exe -- File not found
O33 - MountPoints2\{9f9f065d-1494-11df-bc6c-001e684818bb}\Shell\open\Command - "" = F:\0fpdq2dw.exe -- File not found

:Files
C:\Users\hp\AppData\Local\afxiymxoy
C:\Users\hp\AppData\Local\Temp*.html

:Commands
[emptytemp]
[Reboot]

Click Run Fix and confirm the restart.

Post a new log from Run Scan.


All processes killed

========== OTL ==========

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.

Registry value HKEY_USERS\S-1-5-21-2075531304-1055984380-193261873-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ocmjhngs deleted successfully.

C:\Users\hp\AppData\Local\afxiymxoy\jghqoqhedrt.exe moved successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53e3eaca-1649-11df-a9ba-001e684818bb}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53e3eaca-1649-11df-a9ba-001e684818bb}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53e3eaca-1649-11df-a9ba-001e684818bb}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53e3eaca-1649-11df-a9ba-001e684818bb}\ not found.

File G:\setup.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9f9f065d-1494-11df-bc6c-001e684818bb}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9f9f065d-1494-11df-bc6c-001e684818bb}\ not found.

File F:\0fpdq2dw.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9f9f065d-1494-11df-bc6c-001e684818bb}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9f9f065d-1494-11df-bc6c-001e684818bb}\ not found.

File F:\0fpdq2dw.exe not found.

========== FILES ==========

C:\Users\hp\AppData\Local\afxiymxoy folder moved successfully.

C:\Users\hp\AppData\Local\TempaXc828.html moved successfully.

C:\Users\hp\AppData\Local\Tempdf4372.html moved successfully.

C:\Users\hp\AppData\Local\TempDP4372.html moved successfully.

C:\Users\hp\AppData\Local\TempgmI828.html moved successfully.

C:\Users\hp\AppData\Local\Templs4632.html moved successfully.

C:\Users\hp\AppData\Local\Tempnv2148.html moved successfully.

C:\Users\hp\AppData\Local\TempTK4632.html moved successfully.

C:\Users\hp\AppData\Local\TempYw2148.html moved successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: hp

->Temp folder emptied: 865343183 bytes

->Temporary Internet Files folder emptied: 55472739 bytes

->Java cache emptied: 2236731 bytes

->Google Chrome cache emptied: 229362109 bytes

->Flash cache emptied: 67693 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 1463808 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 39838396 bytes

RecycleBin emptied: 60708347 bytes

 

Total Files Cleaned = 1 196,00 mb

 

 

OTL by OldTimer - Version 3.1.37.3 log created on 03302010_140935

 

Files\Folders moved on Reboot...

 

Registry entries deleted on Reboot...

Thanks for the help :)


Run OTL and click CleanUp.

Temporarily turn off System Restore (point 19) - Click


Paste into the Custom Scans/Fixes window:

:OTL
O4 - HKCU..\Run: [bukavadw] C:\Users\Praktyka Lekarska\AppData\Local\yatpricnx\qjlvgqetssd.exe ()
O32 - AutoRun File - [2010-04-30 15:45:46 | 000,000,134 | ---- | M] () - G:\autorun.inf -- [ FAT ]

:Files
C:\Users\Praktyka Lekarska\AppData\Local\yatpricnx
C:\Users\Praktyka Lekarska\AppData\Local\Temp*.html

:Commands
[emptytemp]
[Reboot]

Click Run Fix and confirm the restart.

Post the new log from Run Scan.


The log looks OK.

Run OTL and click CleanUp.

Temporarily turn off System Restore (point 19) - Click


Thank you very much for the help

Everything seems to be OK

thanks once again

:lol2: :lol2: :lol2:


Paste into the Custom Scans/Fixes window:

:OTL
DRV - [2010-03-30 23:40:03 | 000,000,000 | ---- | M] () [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\lrqwiy.sys -- (lrqwiy)
O2 - BHO: (no name) - {AF4A780E-5663-4A37-B6B4-2D7BC2263492} - C:\WINDOWS\System32\sstqn.dll File not found
O4 - HKU\S-1-5-21-436374069-1482476501-839522115-1003..\Run: [hpbkmpgo] C:\Documents and Settings\F2oka\Ustawienia lokalne\Dane aplikacji\katnxtogd\hjdenrstssd.exe ()
O20 - Winlogon\Notify\nnnnopo: DllName - nnnnopo.dll -  File not found
O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\sstqn.dll) - C:\WINDOWS\System32\sstqn.dll File not found

:Files
C:\Documents and Settings\F2oka\Ustawienia lokalne\Dane aplikacji\katnxtogd

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

:Commands
[emptytemp]
[Reboot]

Click Run Fix and confirm the restart.

Post the new log from Run Scan.
