
Logs - Computer performance has deteriorated


  • Closed: This topic is closed
3 replies in this topic

#1 Moler12

    Beginner

  • 17 posts

Posted 08 08 2012 - 18:22

Hello, I would like to ask for these logs to be checked. Even though I did a format, the computer still doesn't run like it used to :/

[codebox]
OTL logfile created on: 2012-08-08 18:09:11 - Run 1
OTL by OldTimer - Version 3.2.56.0	 Folder = C:\Documents and Settings\kret\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,25 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 62,13% Memory free
5,09 Gb Paging File | 3,64 Gb Available in Paging File | 71,55% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 77,64 Gb Total Space | 37,46 Gb Free Space | 48,24% Space Free | Partition Type: NTFS
Drive D: | 155,24 Gb Total Space | 7,38 Gb Free Space | 4,75% Space Free | Partition Type: NTFS
Drive J: | 2,72 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MOLER | User Name: kret | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-08-08 18:08:49 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kret\Moje dokumenty\Downloads\OTL.exe
PRC - [2012-08-04 11:44:59 | 001,353,080 | ---- | M] (Valve Corporation) -- D:\Steam\steam.exe
PRC - [2012-07-31 07:36:16 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2012-07-05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files\Browsers Protector\regmon32.exe
PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2010-05-05 16:56:06 | 000,251,392 | ---- | M] () -- C:\Program Files\Razer\DeathAdder\razerhid.exe
PRC - [2010-04-27 14:41:26 | 000,218,112 | ---- | M] () -- C:\Program Files\Razer\DeathAdder\razertra.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-12-19 11:58:24 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\DeathAdder\razerofa.exe
PRC - [2004-08-11 06:44:32 | 001,228,800 | ---- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\WINDOWS\mixer.exe
PRC - [2001-12-05 16:47:32 | 000,147,456 | ---- | M] () -- C:\Program Files\PCI Audio Applications\Bin\EchoCtrl.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-08-03 11:44:17 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
MOD - [2012-08-01 21:15:12 | 020,316,496 | ---- | M] () -- D:\Steam\bin\libcef.dll
MOD - [2012-08-01 21:14:43 | 000,900,944 | ---- | M] () -- D:\Steam\bin\chromehtml.dll
MOD - [2012-08-01 21:14:41 | 000,190,776 | ---- | M] () -- D:\Steam\bin\avformat-53.dll
MOD - [2012-08-01 21:14:41 | 000,123,192 | ---- | M] () -- D:\Steam\bin\avutil-51.dll
MOD - [2012-08-01 21:14:40 | 001,099,576 | ---- | M] () -- D:\Steam\bin\avcodec-53.dll
MOD - [2012-07-31 07:36:14 | 000,442,392 | ---- | M] () -- C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.60\ppgooglenaclpluginchrome.dll
MOD - [2012-07-31 07:36:13 | 012,235,288 | ---- | M] () -- C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll
MOD - [2012-07-31 07:36:12 | 003,997,720 | ---- | M] () -- C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.60\pdf.dll
MOD - [2012-07-31 07:34:45 | 000,144,424 | ---- | M] () -- C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.60\avutil-51.dll
MOD - [2012-07-31 07:34:43 | 000,266,792 | ---- | M] () -- C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.60\avformat-54.dll
MOD - [2012-07-31 07:34:42 | 002,480,680 | ---- | M] () -- C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.60\avcodec-54.dll
MOD - [2012-07-02 11:52:54 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\SwiftShader\1.0.0.3\libEGL.dll
MOD - [2012-07-02 11:52:53 | 004,051,456 | ---- | M] () -- C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\SwiftShader\1.0.0.3\libGLESv2.dll
MOD - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files\Browsers Protector\regmon32.exe
MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\gglog.dll
MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll
MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipc.dll
MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcrypto.dll
MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcommon.dll
MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll
MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtScript4.dll
MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXml4.dll
MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtSvg4.dll
MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtNetwork4.dll
MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtGui4.dll
MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtCore4.dll
MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll
MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll
MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll
MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll
MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll
MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\zlib1.dll
MOD - [2010-05-05 16:56:06 | 000,251,392 | ---- | M] () -- C:\Program Files\Razer\DeathAdder\razerhid.exe
MOD - [2010-04-27 14:41:26 | 000,218,112 | ---- | M] () -- C:\Program Files\Razer\DeathAdder\razertra.exe
MOD - [2010-01-06 23:27:48 | 000,473,704 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll
MOD - [2008-04-14 22:50:38 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2001-12-05 16:47:32 | 000,147,456 | ---- | M] () -- C:\Program Files\PCI Audio Applications\Bin\EchoCtrl.exe


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-08-03 11:44:18 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-07-05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2007-09-05 21:25:04 | 000,204,800 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-05-15 10:09:22 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-08-09 14:24:52 | 000,154,136 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2011-08-04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2009-12-21 21:50:16 | 000,005,760 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vHidDev.sys -- (vHidDev)
DRV - [2009-04-21 17:58:42 | 000,011,136 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\danew.sys -- (danewFltr)
DRV - [2008-04-14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007-09-05 21:25:30 | 001,246,456 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2004-08-11 06:44:32 | 000,370,382 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1334663440_383620
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/idg/idg_1334663440_383620
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-04-17 12:58:21 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: StartSearch Video plug-in (Enabled) = C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bildoibdboopgomcbiplincneeicgipj\1.3_0\chvsharetvplg.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: StartSearch Video plug-in = C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bildoibdboopgomcbiplincneeicgipj\1.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2001-10-26 15:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (extrafind) - {2b2d314f-5329-4489-5424-4a7a8150082b} - C:\WINDOWS\system32\56317d7d.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Browsers Protector] C:\Program Files\Browsers Protector\regmon32.exe ()
O4 - HKLM..\Run: [C-Media Echo Control] C:\Program Files\PCI Audio Applications\Bin\EchoCtrl.exe ()
O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [IDTSysTrayApp] C:\WINDOWS\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /installquiet File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKCU..\Run: [Steam] D:\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A65B57AD-B96A-4B4F-B210-074089E4F821}: DhcpNameServer = 8.8.8.8 8.8.4.4
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - about:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-04-17 11:50:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008-01-10 09:51:09 | 000,302,430 | R--- | M] () - J:\autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2008-01-10 09:52:41 | 000,000,122 | R--- | M] () - J:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{4be73b5a-9e65-11e1-a2e5-00123fc3c414}\Shell - "" = AutoRun
O33 - MountPoints2\{4be73b5a-9e65-11e1-a2e5-00123fc3c414}\Shell\AutoRun\command - "" = J:\setup_homm5.exe -- [2008-01-11 04:33:48 | 000,451,731 | R--- | M] (Ubisoft													 )
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-08-08 14:47:16 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2012-08-08 14:47:12 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2012-08-08 14:47:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2012-08-08 14:47:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2012-08-08 14:47:10 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2012-08-08 14:47:07 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2012-08-08 14:47:04 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2012-08-08 14:47:00 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2012-08-08 14:46:58 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2012-08-08 14:46:50 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2012-08-08 14:46:50 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2012-08-08 14:46:50 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2012-08-08 14:46:50 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2012-08-08 14:46:49 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2012-08-08 14:46:49 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2012-08-08 14:46:49 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2012-08-08 14:46:49 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2012-08-08 14:46:49 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2012-08-08 14:46:49 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2012-08-07 19:59:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\UltraISO
[2012-08-07 19:59:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EZB Systems
[2012-08-07 19:58:58 | 000,000,000 | ---D | C] -- C:\Program Files\UltraISO
[2012-08-07 19:58:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kret\Moje dokumenty\My ISO Files
[2012-08-07 12:03:39 | 000,000,000 | ---D | C] -- C:\League of Legend
[2012-07-14 21:06:09 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012-07-14 21:05:57 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012-07-14 21:05:34 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012-07-14 21:05:34 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012-07-13 17:00:06 | 000,000,000 | ---D | C] -- C:\Potwierdzenie
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-08-08 17:47:00 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-515967899-725345543-1003UA.job
[2012-08-08 17:42:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-08-08 14:48:50 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2012-08-08 10:35:02 | 000,355,486 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-08-08 10:35:02 | 000,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-08-08 10:35:02 | 000,049,492 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-08-08 10:35:02 | 000,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-08-08 10:31:50 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2012-08-08 10:31:02 | 000,271,581 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2012-08-08 10:30:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-08-07 21:47:24 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-515967899-725345543-1003Core.job
[2012-08-07 21:39:32 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\kret\Pulpit\Skrót do lol.launcher.admin.lnk
[2012-08-07 19:59:08 | 000,000,715 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\UltraISO.lnk
[2012-08-05 11:52:57 | 000,002,328 | ---- | M] () -- C:\Documents and Settings\kret\Pulpit\Google Chrome.lnk
[2012-08-03 11:44:17 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-08-03 11:44:17 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-07-31 18:32:57 | 000,080,128 | ---- | M] () -- C:\bilety.pdf
[2012-07-26 14:00:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-07-12 10:33:29 | 000,061,684 | ---- | M] () -- C:\Documents and Settings\kret\Pulpit\6218572700_1339589038.png
[2012-07-11 13:59:00 | 000,095,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-07-11 13:04:00 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-07-10 14:10:45 | 3224,686,592 | ---- | M] () -- C:\X15-65805.iso
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-08-07 19:59:08 | 000,000,715 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\UltraISO.lnk
[2012-08-07 18:45:07 | 3224,686,592 | ---- | C] () -- C:\X15-65805.iso
[2012-08-07 18:41:14 | 2406,967,295 | ---- | C] () -- C:\The.Elder.Scrolls.superlola.iso
[2012-07-31 18:32:56 | 000,080,128 | ---- | C] () -- C:\bilety.pdf
[2012-07-12 10:33:34 | 000,061,684 | ---- | C] () -- C:\Documents and Settings\kret\Pulpit\6218572700_1339589038.png
[2012-05-12 19:00:28 | 000,075,045 | ---- | C] () -- C:\WINDOWS\System32\7644f323.exe
[2012-05-12 19:00:27 | 001,915,904 | ---- | C] () -- C:\WINDOWS\System32\56317d7d.dll
[2012-04-28 19:41:54 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\kret\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-04-18 11:35:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-04-17 14:04:41 | 000,000,101 | ---- | C] () -- C:\WINDOWS\CMMIXER.INI
[2012-04-17 13:40:01 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-04-17 13:38:53 | 000,095,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-04-17 12:37:37 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2012-04-17 12:37:35 | 000,004,333 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2012-04-17 12:37:15 | 000,015,448 | ---- | C] () -- C:\WINDOWS\cmaudio.ini
[2012-04-17 12:37:11 | 000,000,411 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2012-04-17 12:37:11 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2012-04-17 12:21:40 | 002,283,526 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2012-04-17 11:52:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-04-17 11:47:32 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
< End of report >
[/codebox]

[codebox]
OTL Extras logfile created on: 2012-08-08 18:09:11 - Run 1
OTL by OldTimer - Version 3.2.56.0	 Folder = C:\Documents and Settings\kret\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,25 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 62,13% Memory free
5,09 Gb Paging File | 3,64 Gb Available in Paging File | 71,55% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 77,64 Gb Total Space | 37,46 Gb Free Space | 48,24% Space Free | Partition Type: NTFS
Drive D: | 155,24 Gb Total Space | 7,38 Gb Free Space | 4,75% Space Free | Partition Type: NTFS
Drive J: | 2,72 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MOLER | User Name: kret | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"D:\Steam\SteamApps\moler555\counter-strike\hl.exe" = D:\Steam\SteamApps\moler555\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 5
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{AC76BA86-7AD7-1033-7B44-A70700000002}" = Adobe Reader 7.0.7
"{ACC75323-DB4A-4F7F-9AF3-1D1DEFF2D1B5}" = Heroes of Might and Magic V - Tribes of the East
"{ACC75323-DB4A-4f7f-9AF3-1D1DEFF2D1B5}_is1" = Heroes of Might and Magic V - Dzikie Hordy
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}" = Razer DeathAdder(TM) Mouse
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F627CDBC-8323-4024-9691-A0A6533F43E0}" = ESET NOD32 Antivirus
"{F86B5FF0-E0C0-41AA-9FD3-5E9090FED323}" = Mumble 1.2.3
"7644f323" = Contextual Tool Extrafind
"7BDD6421B73797179E9A97E5C7DE019FBC77147F" = Windows Driver Package - Razer (HidUsb) HIDClass (04/04/2009 1.0.5.0)
"85C2153E6B3ED760F8F06C23A83E8CC3C4680D6C" = Windows Driver Package - Cypress (CYUSB) USB (06/05/2009 3.4.1.20)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Browsers Protector" = Browsers Protector
"DA73216D935E3CBA996AFD6E6513ECC587E0C3C1" = Windows Driver Package - Razer (HidUsb) HIDClass (02/02/2007 1.0.5.0)
"DAEMON Tools Lite" = DAEMON Tools Lite
"DXTXTRA" = Microsoft DirectX Transform optional components
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Gadu-Gadu 10" = Gadu-Gadu 10
"ie8" = Windows Internet Explorer 8
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PCI Audio Applications" = PCI Audio Applications
"PCI Audio Driver" = PCI Audio Driver
"PROSet" = Intel(R) PRO Network Connections Drivers
"StartSearch Toolbar" = StartSearch Toolbar 1.3
"UltraISO_is1" = UltraISO Premium V9.52
"V9Software" = V9 HomeTool
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.01 (32-bitowy)

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-06-06 08:22:56 | Computer Name = MOLER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd assassinscreed_dx9.exe, wersja 1.0.0.1,
moduł powodujący błąd assassinscreed_dx9.exe, wersja 1.0.0.1, adres błędu 0x00470793.

Error - 2012-06-06 08:35:51 | Computer Name = MOLER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd heroes33.exe, wersja 3.2.0.0, moduł powodujący
błąd heroes33.exe, wersja 3.2.0.0, adres błędu 0x000eed97.

[ System Events ]
Error - 2012-07-21 05:49:10 | Computer Name = MOLER | Source = System Error | ID = 1003
Description = Kod błędu 100000d1, parametr 1 00000000, parametr 2 00000002, parametr
3 00000008, parametr 4 00000000.

Error - 2012-07-21 12:55:37 | Computer Name = MOLER | Source = System Error | ID = 1003
Description = Kod błędu 100000d1, parametr 1 00000000, parametr 2 00000002, parametr
3 00000008, parametr 4 00000000.

Error - 2012-07-21 12:56:31 | Computer Name = MOLER | Source = System Error | ID = 1003
Description = Kod błędu 100000d1, parametr 1 0077ffe7, parametr 2 00000002, parametr
3 00000000, parametr 4 b752e70d.

Error - 2012-07-21 12:56:34 | Computer Name = MOLER | Source = System Error | ID = 1003
Description = Kod błędu 1000007f, parametr 1 0000000d, parametr 2 00000000, parametr
3 00000000, parametr 4 00000000.

Error - 2012-08-01 15:14:13 | Computer Name = MOLER | Source = System Error | ID = 1003
Description = Kod błędu 100000d1, parametr 1 00000000, parametr 2 00000002, parametr
3 00000008, parametr 4 00000000.

Error - 2012-08-06 10:58:15 | Computer Name = MOLER | Source = MRxSmb | ID = 8003
Description = Przeglądarka główna odebrała anons serwera z komputera MISTRZ. Komputer
ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{A65B57AD-B96A-4B4F-B2.
Przeglądarka
główna właśnie jest zatrzymywana albo wymuszany jest wybór.

Error - 2012-08-07 03:09:06 | Computer Name = MOLER | Source = System Error | ID = 1003
Description = Kod błędu 100000d1, parametr 1 00000000, parametr 2 00000002, parametr
3 00000008, parametr 4 00000000.

Error - 2012-08-08 04:31:36 | Computer Name = MOLER | Source = System Error | ID = 1003
Description = Kod błędu 100000d1, parametr 1 00000000, parametr 2 00000002, parametr
3 00000008, parametr 4 00000000.

Error - 2012-08-08 04:32:01 | Computer Name = MOLER | Source = System Error | ID = 1003
Description = Kod błędu 1000007f, parametr 1 0000000d, parametr 2 00000000, parametr
3 00000000, parametr 4 00000000.

Error - 2012-08-08 04:33:59 | Computer Name = MOLER | Source = DCOM | ID = 10010
Description = Serwer {8BC3F05E-D86B-11D0-A075-00C04FB68820} nie zarejestrował się
w modelu DCOM w wymaganym czasie.


< End of report >
[[color=#282828][font=helvetica, arial, sans-serif]/codebox][/font][/color]


This post was edited by Moler12 on 08 08 2012 - 18:51


#2 ordynat

ordynat

    Advanced user

  • 804 posts

Posted 09 08 2012 - 05:23

"V9Software" = V9 HomeTool

Uninstall this junk - it slows down the browser.

"7644f323" = Contextual Tool Extrafind

Uninstall this junk - it slows down the browser.

"Browsers Protector" = Browsers Protector

Uninstall this junk - it slows down the browser.

"StartSearch Toolbar" = StartSearch Toolbar 1.3

Uninstall this junk - it slows down the browser.

Use Adw-cleaner (download it to the Desktop and click Delete in it).
Show the report from it: C:\AdwCleaner[S1].txt.

Run OTL and paste this into the Custom scan options/Script box:

:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/idg/idg_1334663440_383620
O2 - BHO: (extrafind) - {2b2d314f-5329-4489-5424-4a7a8150082b} - C:\WINDOWS\system32\56317d7d.dll ()
O4 - HKLM..\Run: [Browsers Protector] C:\Program Files\Browsers Protector\regmon32.exe ()
[2012-05-12 19:00:28 | 000,075,045 | ---- | C] () -- C:\WINDOWS\System32\7644f323.exe
[2012-05-12 19:00:27 | 001,915,904 | ---- | C] () -- C:\WINDOWS\System32\56317d7d.dll

:Commands
[emptytemp]

Click Run Script. Confirm the computer restart. Save the report that appears after the restart.

Overall: you have no infection, just this junk.
.


#3 Moler12

Moler12

    Beginner

  • 17 posts

Posted 09 08 2012 - 12:27

OK, thanks a lot, I have already uninstalled that junk.
And here is the report from the cleaner:
# AdwCleaner v1.702 - Logfile created 08/09/2012 at 12:05:15
# Updated 13/07/2012 by Xplode
# Operating system : Microsoft Windows XP Dodatek Service Pack 3 (32 bits)
# User : kret - MOLER
# Running from : C:\Documents and Settings\kret\Pulpit\adwcleaner1.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

***** [Registry] *****
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKLM\SOFTWARE\DT Soft
***** [Registre - GUID] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3F2A195-0D11-463b-96BB-D2FF1B7490A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ECD0ECC6-DCA4-4013-A915-12355AB70999}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
*************************
AdwCleaner[S1].txt - [905 octets] - [09/08/2012 12:05:15]
########## EOF - C:\AdwCleaner[S1].txt - [1032 octets] ##########


#4 ordynat

ordynat

    Advanced user

  • 804 posts

Posted 09 08 2012 - 12:41

OK.
In OTL, click the Cleanup button - this will remove it together with its Quarantine.

In Adw-Cleaner, click the Uninstall button.

.
