Ograniczony transfer, zrywanie połączenia, mulący internet

**Posty:** 99 · przez **The Game** 12 Maj 2010, 00:29

Problemy jw. Dodaje tylko logi z OTL i Hijacka bo Gmer nie chciał działać na win 7 x64.

Kod: Zaznacz wszystko: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 00:16:22, on 2010-05-12 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files (x86)\hicjack\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AVP] "E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O8 - Extra context menu item: Dodaj do blokowanych banerów - E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O20 - AppInit_DLLs: E:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,E:\PROGRA~1\KASPER~1\KASPER~1\sbhook.dll O23 - Service: Eset Trial Reset (.EsetTrialReset) - Unknown owner - C:\Windows\reset.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: Dragon Age: Początek - Aktualizator zawartości (DAUpdaterSvc) - BioWare - E:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 7722 bytes

Dodano 11.05.2010 23:35:58:

Kod: Zaznacz wszystko: OTL logfile created on: 2010-05-12 00:11:44 - Run 1 OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Lukas\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 72,00% Memory free 8,00 Gb Paging File | 7,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 46,58 Gb Total Space | 14,88 Gb Free Space | 31,95% Space Free | Partition Type: NTFS Drive D: | 103,75 Gb Total Space | 17,56 Gb Free Space | 16,93% Space Free | Partition Type: NTFS Drive E: | 149,41 Gb Total Space | 28,04 Gb Free Space | 18,76% Space Free | Partition Type: NTFS Drive F: | 166,02 Gb Total Space | 42,45 Gb Free Space | 25,57% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LUKAS-KOMPUTER Current User Name: Lukas Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-05-12 00:11:04 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Lukas\Desktop\OTL.exe PRC - [2010-05-11 12:25:22 | 000,215,104 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe PRC - [2010-04-28 13:45:50 | 000,835,952 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe PRC - [2010-04-03 16:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010-03-04 01:49:22 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2009-09-23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2009-07-30 17:51:02 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-05-12 00:11:04 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Lukas\Desktop\OTL.exe MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2009-07-14 03:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc) SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc) SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService) SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power) SRV:[b]64bit:[/b] - [2009-07-14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes) SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify) SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc) SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc) SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc) SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc) SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider) SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper) SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener) SRV:[b]64bit:[/b] - [2009-07-14 03:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache) SRV:[b]64bit:[/b] - [2009-07-14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp) SRV:[b]64bit:[/b] - [2009-07-14 03:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc) SRV:[b]64bit:[/b] - [2009-07-14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService) SRV:[b]64bit:[/b] - [2009-07-14 03:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv) SRV:[b]64bit:[/b] - [2009-07-14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC) SRV:[b]64bit:[/b] - [2009-07-14 03:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc) SRV:[b]64bit:[/b] - [2009-07-14 03:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine) SRV:[b]64bit:[/b] - [2009-07-14 03:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc) SRV:[b]64bit:[/b] - [2009-07-14 03:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax) SRV - [2010-05-11 12:25:22 | 000,215,104 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB) SRV - [2010-04-03 16:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010-03-04 01:49:22 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2009-10-20 20:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP) SRV - [2009-09-23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009-09-17 11:33:26 | 000,651,776 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009-09-03 19:51:00 | 003,347,280 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc) SRV - [2009-07-30 17:51:02 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service) SRV - [2009-07-26 07:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- E:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc) SRV - [2009-07-16 18:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009-07-14 05:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS) SRV - [2009-07-14 05:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC) SRV - [2009-07-14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider) SRV - [2009-07-14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp) SRV - [2009-07-13 22:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds) SRV - [2009-06-10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64) SRV - [2009-03-20 15:56:57 | 000,357,182 | ---- | M] () [Auto | Stopped] -- C:\Windows\reset.exe -- (.EsetTrialReset) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2010-03-19 21:46:17 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:[b]64bit:[/b] - [2010-03-19 21:46:16 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:[b]64bit:[/b] - [2010-03-06 17:45:23 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF) DRV:[b]64bit:[/b] - [2009-12-11 12:29:27 | 000,153,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg) DRV:[b]64bit:[/b] - [2009-10-14 21:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbg.sys -- (KLBG) DRV:[b]64bit:[/b] - [2009-10-06 12:54:18 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt) DRV:[b]64bit:[/b] - [2009-10-06 12:53:56 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64) DRV:[b]64bit:[/b] - [2009-10-06 12:53:56 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:[b]64bit:[/b] - [2009-10-06 12:53:54 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64) DRV:[b]64bit:[/b] - [2009-10-02 19:39:32 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt) DRV:[b]64bit:[/b] - [2009-09-26 08:20:38 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol) DRV:[b]64bit:[/b] - [2009-09-14 14:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6) DRV:[b]64bit:[/b] - [2009-09-01 15:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1) DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy) DRV:[b]64bit:[/b] - [2009-07-14 03:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 03:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 03:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost) DRV:[b]64bit:[/b] - [2009-07-14 03:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw) DRV:[b]64bit:[/b] - [2009-07-14 03:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG) DRV:[b]64bit:[/b] - [2009-07-14 02:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus) DRV:[b]64bit:[/b] - [2009-07-14 02:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP) DRV:[b]64bit:[/b] - [2009-07-14 02:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2) DRV:[b]64bit:[/b] - [2009-07-14 02:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf) DRV:[b]64bit:[/b] - [2009-07-14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap) DRV:[b]64bit:[/b] - [2009-07-14 02:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt) DRV:[b]64bit:[/b] - [2009-07-14 02:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus) DRV:[b]64bit:[/b] - [2009-07-14 02:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci) DRV:[b]64bit:[/b] - [2009-07-14 02:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService) DRV:[b]64bit:[/b] - [2009-07-14 02:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass) DRV:[b]64bit:[/b] - [2009-07-14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:[b]64bit:[/b] - [2009-07-14 02:06:28 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winusb.sys -- (WinUsb) DRV:[b]64bit:[/b] - [2009-07-14 02:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf) DRV:[b]64bit:[/b] - [2009-07-14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf) DRV:[b]64bit:[/b] - [2009-07-14 02:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig) DRV:[b]64bit:[/b] - [2009-07-14 02:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus) DRV:[b]64bit:[/b] - [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep) DRV:[b]64bit:[/b] - [2009-07-14 01:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID) DRV:[b]64bit:[/b] - [2009-07-14 01:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter) DRV:[b]64bit:[/b] - [2009-07-14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap) DRV:[b]64bit:[/b] - [2009-07-14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID) DRV:[b]64bit:[/b] - [2009-07-14 01:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache) DRV:[b]64bit:[/b] - [2009-07-14 01:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt) DRV:[b]64bit:[/b] - [2009-07-14 01:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt) DRV:[b]64bit:[/b] - [2009-07-14 01:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi) DRV:[b]64bit:[/b] - [2009-07-14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC) DRV:[b]64bit:[/b] - [2009-07-14 01:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM) DRV:[b]64bit:[/b] - [2009-06-10 22:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-04-29 17:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV:[b]64bit:[/b] - [2009-03-01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2008-08-28 13:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:[b]64bit:[/b] - [2007-05-01 16:05:32 | 000,171,144 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiHFF04.sys -- (SaiHFF04) DRV:[b]64bit:[/b] - [2007-05-01 16:05:32 | 000,020,608 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiIFF04.sys -- (SaiIFF04) Immersion's HID USB Driver (FF04) DRV - [2010-05-12 00:03:26 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2009-09-19 10:49:05 | 000,000,000 | ---D | M] [Kernel | System | Running] -- C:\Windows\CSC -- (CSC) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\winusb.dll -- (WinUsb) DRV - [2009-07-14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS) DRV - [2009-06-10 23:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv) DRV - [2009-06-10 23:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip) DRV - [2007-02-07 20:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan) DRV - [2004-12-30 23:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-425703845-1820755913-1311727684-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search" FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=" FF - prefs.js..browser.search.order.1: "Fast Browser Search" FF - prefs.js..browser.search.selectedEngine: "Fast Browser Search" FF - prefs.js..browser.startup.homepage: "www.wp.pl" FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.1.1.389 FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.2.1 FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2009-12-17 17:23:21 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010-03-06 17:14:51 | 000,000,000 | ---D | M] [2009-11-02 17:17:56 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\mozilla\Extensions [2009-12-27 22:01:09 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\mozilla\Firefox\Profiles\c7o0qa3s.default\extensions [2009-12-27 22:01:08 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Lukas\AppData\Roaming\mozilla\Firefox\Profiles\c7o0qa3s.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\ievkbd.dll (Kaspersky Lab) O2:[b]64bit:[/b] - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AVP] E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-425703845-1820755913-1311727684-1001..\Run: [] File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-425703845-1820755913-1311727684-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:[b]64bit:[/b] - Extra context menu item: E&ksport do programu Microsoft Excel - E:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: E&ksport do programu Microsoft Excel - E:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9:[b]64bit:[/b] - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab) O9:[b]64bit:[/b] - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program Files (x86)\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.8.168.244 157.25.5.18 O18:[b]64bit:[/b] - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - AppInit_DLLs: (E:\PROGRA~1\KASPER~1\KASPER~1\x64\sbhook64.dll) - E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\sbhook64.dll (Kaspersky Lab) O20 - AppInit_DLLs: (E:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (E:\PROGRA~1\KASPER~1\KASPER~1\sbhook.dll) - E:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\sbhook.dll (Kaspersky Lab) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-05-12 00:11:02 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\Lukas\Desktop\OTL.exe [2010-05-12 00:01:50 | 001,056,240 | ---- | C] (Duplex Secure Ltd.) -- C:\Users\Lukas\Desktop\SPTDinst-v169-x64.exe [2010-05-11 23:44:26 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\Malwarebytes [2010-05-11 23:44:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010-05-11 23:44:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010-05-11 23:44:19 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010-05-11 23:44:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010-05-11 23:35:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\hicjack [2010-05-06 21:02:17 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2010-05-06 20:54:04 | 004,503,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2010-05-06 20:54:04 | 000,064,616 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2010-05-06 20:54:04 | 000,056,424 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2010-05-06 20:54:04 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd [2010-05-06 20:54:02 | 021,005,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2010-05-06 20:54:02 | 015,227,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2010-05-06 20:54:02 | 003,215,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvencodemft.dll [2010-05-06 20:54:02 | 002,907,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvencodemft.dll [2010-05-06 20:54:02 | 000,384,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll [2010-05-06 20:54:02 | 000,316,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll [2010-05-06 20:54:01 | 011,906,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2010-05-06 20:54:01 | 009,386,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2010-05-06 20:54:01 | 002,893,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2010-05-06 20:54:01 | 002,646,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2010-05-06 20:54:01 | 002,106,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2010-05-06 20:54:01 | 002,009,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2010-05-06 20:53:59 | 016,061,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2010-05-06 20:53:59 | 011,647,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2010-05-06 20:53:59 | 005,444,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2010-05-06 20:53:59 | 004,029,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2010-05-06 20:53:59 | 001,296,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2010-05-06 20:53:59 | 000,254,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod1914.dll [2010-05-06 20:53:59 | 000,254,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod.dll [2010-05-06 20:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2010-05-06 19:50:01 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2010-05-06 19:50:01 | 000,153,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ksecpkg.sys [2010-05-06 19:49:59 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2010-05-06 19:49:59 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll [2010-05-06 19:49:59 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2010-05-06 19:49:59 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll [2010-05-06 19:49:59 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll [2010-05-06 19:49:59 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll [2010-05-06 19:49:57 | 000,223,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fvevol.sys [2010-05-06 19:49:47 | 005,509,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2010-05-06 19:49:47 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2010-05-06 19:49:47 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-05-12 00:11:04 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Lukas\Desktop\OTL.exe [2010-05-12 00:10:40 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010-05-12 00:10:40 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010-05-12 00:08:38 | 003,145,728 | -HS- | M] () -- C:\Users\Lukas\NTUSER.DAT [2010-05-12 00:07:45 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010-05-12 00:07:45 | 000,687,590 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2010-05-12 00:07:45 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010-05-12 00:07:45 | 000,131,176 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2010-05-12 00:07:45 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010-05-12 00:06:22 | 000,293,376 | ---- | M] () -- C:\Users\Lukas\Desktop\slj56sgb.exe [2010-05-12 00:03:26 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys [2010-05-12 00:03:23 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-05-12 00:03:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-05-12 00:03:14 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys [2010-05-12 00:02:26 | 003,039,629 | -H-- | M] () -- C:\Users\Lukas\AppData\Local\IconCache.db [2010-05-12 00:01:52 | 001,056,240 | ---- | M] (Duplex Secure Ltd.) -- C:\Users\Lukas\Desktop\SPTDinst-v169-x64.exe [2010-05-11 23:44:23 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010-05-11 23:35:20 | 000,002,991 | ---- | M] () -- C:\Users\Lukas\Desktop\HiJackThis.lnk [2010-05-11 19:59:16 | 000,000,128 | ---- | M] () -- C:\Users\Lukas\AppData\Roaming\default.rss [2010-05-11 19:59:11 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2010-05-11 19:19:08 | 000,417,479 | ---- | M] () -- C:\Users\Lukas\Desktop\238c7074ab.jpeg [2010-05-11 12:25:22 | 000,215,104 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2010-05-11 12:25:22 | 000,215,104 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010-05-11 11:26:09 | 000,005,120 | ---- | M] () -- C:\Users\Lukas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-05-06 19:51:13 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2010-05-06 19:48:17 | 000,149,773 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat [2010-05-06 19:48:17 | 000,106,765 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat [2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010-04-29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010-04-12 17:29:27 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2010-04-12 17:29:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2010-04-12 17:29:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-05-12 00:06:22 | 000,293,376 | ---- | C] () -- C:\Users\Lukas\Desktop\slj56sgb.exe [2010-05-11 23:44:23 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010-05-11 23:35:20 | 000,002,991 | ---- | C] () -- C:\Users\Lukas\Desktop\HiJackThis.lnk [2010-05-11 19:19:08 | 000,417,479 | ---- | C] () -- C:\Users\Lukas\Desktop\238c7074ab.jpeg [2010-05-06 22:08:42 | 000,000,228 | ---- | C] () -- C:\Users\Lukas\Desktop\Pro Evolution Soccer 2010.lnk [2010-05-06 22:08:30 | 000,000,602 | ---- | C] () -- C:\Users\Lukas\Desktop\Tropico 3.lnk [2010-05-06 22:06:58 | 000,000,206 | ---- | C] () -- C:\Users\Lukas\Desktop\DiRT2.lnk [2010-05-06 22:03:39 | 000,000,196 | ---- | C] () -- C:\Users\Lukas\Desktop\Anno 1404.lnk [2010-05-06 20:54:04 | 000,009,832 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2010-02-15 12:11:15 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini [2009-12-18 20:26:43 | 000,000,023 | ---- | C] () -- C:\Windows\sign.ini [2009-11-06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2009-10-28 21:50:00 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2009-09-29 20:55:23 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2009-09-26 18:11:57 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini [2009-09-21 00:39:17 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2009-09-21 00:39:17 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2009-09-21 00:25:00 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI [color=#E56717]========== LOP Check ==========[/color] [2010-05-11 11:26:12 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\BESTplayer [2009-09-21 10:36:24 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\DAEMON Tools Lite [2009-09-20 00:05:45 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\DAEMON Tools Pro [2009-09-19 12:09:28 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\ESET [2009-11-02 18:14:37 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\GanymedeNet [2009-12-14 18:34:21 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\GARMIN [2009-09-27 10:34:42 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Leadertech [2009-12-17 17:28:07 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Nokia [2009-12-17 17:27:44 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Nokia Ovi Suite [2009-09-19 23:47:58 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Nowe Gadu-Gadu [2009-09-19 11:08:19 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Opera [2009-12-17 17:27:45 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\PC Suite [2009-12-23 17:37:03 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Tropico 3 [2010-03-19 21:49:40 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Ubisoft [2010-05-11 10:41:44 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\uTorrent [2010-03-06 19:17:49 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >

**Posty:** 18165 · przez **wojtas** 12 Maj 2010, 10:28

Uruchom OTL i w oknie Custom Scans/Fixes wklej :

:OTL
FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Fast Browser Search"
O4 - HKU\S-1-5-21-425703845-1820755913-1311727684-1001..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found

:Commands
[emptytemp]
[resethosts]
[emptyflash]
[clearallrestorepoints]

Kliknij w Run Fix. I potwierdź reset kompa .

zrób skan Malwarebytes Anti-Malware (zaktualizuj, usuń co znajdzie ) i pokaż drugi LOG Z OTL extras.txt. zaznacz jak na rysunku w przyklejonym to Ci wyskoczą 2 logi

**Posty:** 99 · przez **The Game** 12 Maj 2010, 12:04

Skana Malwarebytes robilem wczoraj znalazlo 5 pliczkow. Loga extras tez chciałem wczoraj wkleić ale wyskakiwał mi limit znaków w poście i jeszcze net tak chodził, że straciłem cierpliwość więc daję świeży.

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2010-05-12 11:56:07 - Run 4 OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Lukas\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 69,00% Memory free 8,00 Gb Paging File | 7,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 46,58 Gb Total Space | 16,75 Gb Free Space | 35,96% Space Free | Partition Type: NTFS Drive D: | 103,75 Gb Total Space | 17,56 Gb Free Space | 16,93% Space Free | Partition Type: NTFS Drive E: | 149,41 Gb Total Space | 28,04 Gb Free Space | 18,76% Space Free | Partition Type: NTFS Drive F: | 166,02 Gb Total Space | 42,53 Gb Free Space | 25,62% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LUKAS-KOMPUTER Current User Name: Lukas Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "E:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "E:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "E:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "E:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "UACDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 "" = [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "E:\Call.of.Duty.Modern.Warfare.2.PROPER-FULLRIP\Call.of.Duty.Modern.Warfare.2.PROPER-FULLRIP\Setup.exe" = E:\Call.of.Duty.Modern.Warfare.2.PROPER-FULLRIP\Call.of.Duty.Modern.Warfare.2.PROPER-FULLRIP\Setup.exe:*:Enabled:@xpsp2res.dll,-22019 -- File not found "C:\Windows\SysWOW64\svdhost.exe" = C:\Windows\SysWOW64\svdhost.exe:*:Enabled:@xpsp2res.dll,-22019 -- File not found "E:\Call.of.Duty.Modern.Warfare.2.PROPER-FULLRIP\Call.of.Duty.Modern.Warfare.2.PROPER-FULLRIP\Setup.exe" = E:\Call.of.Duty.Modern.Warfare.2.PROPER-FULLRIP\Call.of.Duty.Modern.Warfare.2.PROPER-FULLRIP\Setup.exe:*:Enabled:@xpsp2res.dll,-22019 -- File not found "C:\Windows\SysWOW64\svdhost.exe" = C:\Windows\SysWOW64\svdhost.exe:*:Enabled:@xpsp2res.dll,-22019 -- File not found [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2 "{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64 "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64 "FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "WinRAR archiver" = Archiwizator WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable "{0297078F-D4C8-4774-B7A3-6BBF2C164C76}_is1" = Dirt 2 Spolszczenie by O22y "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51 "{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch "{09CF6AF5-9206-4FD7-9B08-BA6819FB47E3}" = Anno 1404 "{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10 "{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch "{1597D0AE-34A7-4A8B-A395-2E30EB745470}" = Nokia Connectivity Cable Driver "{1A0D2EFC-C4FC-446A-8BC3-57A54CE5EADD}" = Opera 10.53 "{2085F05D-24C5-4E27-B7B4-A51DE890FFC9}" = Opera 10.00 "{21221b34-fff3-4065-8d55-68a6e8615de4}" = "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 20 "{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010 "{298d675c-fbe6-4342-8547-fc84786ae618}" = Nero MediaHome 4 "{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode "{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2 "{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404 "{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B296228-DF7C-43EA-8DED-76027355B219}" = Opera 10.01 "{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2 "{564B16F4-6B5B-47B0-9AB6-FF2E943947F7}" = Nokia Ovi Suite Software Updater "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner "{690BE098-6D0D-493D-B079-BD7E8F81A141}" = Opera 10.10 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{702563CE-516C-40CF-B69C-A4E2A8FC8F14}" = OviMPlatform "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{741c441e-f806-4d60-84f6-3a6758ddf350}" = SecurDisc Viewer "{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights "{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B9.0904.1 "{82E16F2D-804A-4990-BEEF-C9DB44AE844B}" = Nokia Ovi Suite "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "{8c72ebb4-aef6-431a-8f78-d52cb061af0e}" = Nero LiquidTV "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "{9D6B740F-D9A2-45A6-BDC4-0A453D499FE6}" = PC Connectivity Solution "{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010 "{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap "{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch "{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE "{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{a6c42e83-a607-4770-a748-7bf6433ae799}" = Nero Move it "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{ac369eb2-95bc-4899-ace9-f24f47fe61fa}" = Nero BackItUp 4 "{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3 "{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Początek "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{AF595D08-64AC-428B-8FB8-EEC70CCB8803}" = Ovi Desktop Sync Engine "{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B3D87264-EAC9-4DE8-8D0E-E758CA1413A0}_is1" = Disciples III "{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch "{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax "{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software "{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime "{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX "{e2ab6e2a-e504-4173-989d-687d0b02402e}" = Nero 9 "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "3GP Video Converter 3" = 3GP Video Converter 3 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2 "CCleaner" = CCleaner "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02 "FIFA MANAGER 10" = FIFA MANAGER 10 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "Heroes III The Shadow of Death" = Heroes of Might and Magic® III The Shadow of Death(TM) "InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch "InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch "InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch "InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch "InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Nokia Ovi Suite" = Nokia Ovi Suite "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "PunkBusterSvc" = PunkBuster Services "RealAlt_is1" = Real Alternative 2.0.0 "SopCast" = SopCast 3.2.4 "SpeedFan" = SpeedFan (remove only) "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer "Steam App 18800" = Zero Gear Demo "Tropico3" = Tropico 3 1.00 "Uninstall_is1" = Uninstall 1.0.0.1 "uTorrent" = µTorrent [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-05-10 04:39:00 | Computer Name = Lukas-Komputer | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „E:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Error - 2010-05-10 16:49:23 | Computer Name = Lukas-Komputer | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „E:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Error - 2010-05-10 16:49:25 | Computer Name = Lukas-Komputer | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „E:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Error - 2010-05-10 16:49:25 | Computer Name = Lukas-Komputer | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „E:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Error - 2010-05-11 08:07:46 | Computer Name = Lukas-Komputer | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „E:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Error - 2010-05-11 08:07:56 | Computer Name = Lukas-Komputer | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „e:\program files (x86)\Nero\Nero 9\nero photosnap\photosnap.exe.Manifest”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Error - 2010-05-11 08:07:56 | Computer Name = Lukas-Komputer | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „e:\program files (x86)\Nero\Nero 9\nero photosnap\PhotoSnapViewer.exe.Manifest”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Error - 2010-05-11 16:30:02 | Computer Name = Lukas-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: wmplayer.exe, wersja: 12.0.7600.16415, sygnatura czasowa: 0x4a98ae4b Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bdb3b Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00032551 Identyfikator procesu powodującego błąd: 0xfc8 Godzina uruchomienia aplikacji powodującej błąd: 0x01caf14504657370 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Windows Media Player\wmplayer.exe Ścieżka modułu powodującego błąd: C:\Windows\SysWOW64\ntdll.dll Identyfikator raportu: f9a1e5fc-5d3b-11df-acdf-001fd0891b8e Error - 2010-05-11 17:34:38 | Computer Name = Lukas-Komputer | Source = System Restore | ID = 8193 Description = Error - 2010-05-12 05:43:13 | Computer Name = Lukas-Komputer | Source = Application Hang | ID = 1002 Description = Program OTL.exe w wersji 3.2.4.1 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: c04 Godzina rozpoczęcia: 01caf1b73af40f64 Godzina zakończenia: 6 Ścieżka aplikacji: C:\Users\Lukas\Desktop\OTL.exe Identyfikator raportu: [ Media Center Events ] Error - 2010-01-13 13:48:14 | Computer Name = Lukas-Komputer | Source = MCUpdate | ID = 0 Description = 18:48:14 - Błąd podczas nawiązywania połączenia z Internetem. 18:48:14 - Nie można skontaktować się z serwerem.. Error - 2010-01-13 13:48:25 | Computer Name = Lukas-Komputer | Source = MCUpdate | ID = 0 Description = 18:48:19 - Błąd podczas nawiązywania połączenia z Internetem. 18:48:19 - Nie można skontaktować się z serwerem.. [ System Events ] Error - 2010-04-06 05:54:46 | Computer Name = Lukas-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.100. Komputer o adresie IP 192.168.1.101 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2010-04-06 05:59:56 | Computer Name = Lukas-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.100. Komputer o adresie IP 192.168.1.101 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2010-04-06 06:05:06 | Computer Name = Lukas-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.100. Komputer o adresie IP 192.168.1.101 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2010-04-06 06:10:17 | Computer Name = Lukas-Komputer | Source = BROWSER | ID = 8009 Description = Error - 2010-04-06 06:10:16 | Computer Name = Lukas-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.100. Komputer o adresie IP 192.168.1.101 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2010-04-06 06:15:27 | Computer Name = Lukas-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.100. Komputer o adresie IP 192.168.1.101 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2010-04-06 06:19:10 | Computer Name = Lukas-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.100. Komputer o adresie IP 192.168.1.101 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2010-04-06 06:24:21 | Computer Name = Lukas-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.100. Komputer o adresie IP 192.168.1.101 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2010-04-06 06:29:31 | Computer Name = Lukas-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.100. Komputer o adresie IP 192.168.1.101 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2010-04-06 06:34:41 | Computer Name = Lukas-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.100. Komputer o adresie IP 192.168.1.101 nie zezwolił na przejęcie tej nazwy przez ten komputer. < End of report >

**Posty:** 18165 · przez **wojtas** 12 Maj 2010, 15:58

wklej do notatnika

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Windows\SysWOW64\svdhost.exe"=-

w notatniku u góry>>>plik zapisz jako>>>Zmien rozszerzenie z TXT na Wszystkie pliki *.* >>> Zapisz pod nazwą FIX.REG

Klikasz dwa razy na powstały plik fix i dodajesz go do rejestru....

Zaktualizuj zabezpieczenia:
>>> Adobe Reader 9.3 (bez Free McAfee® Security Scan Plus)

nic więcej nie ma

Autor postu otrzymał pochwałę