
Internet freezes for no reason

12 Jan 2012, 16:54

I don't know if this is the right section...

Recently, when I'm on the internet, on some sites (YT, poczta.o2.pl and a few others) the browser freezes after I've been on the page for a while; I have to restart the computer or go into the Windows Task Manager and kill the "firefox.exe" process. What happened?

Re: Internet freezes for no reason

12 Jan 2012, 16:58

To start with, I suggest updating the browser -> https://www.instalki.pl/download/programy/windows/internet/przegladarki-www/firefox/

Re: Internet freezes for no reason

12 Jan 2012, 19:36

Alternatively, you can try another browser and see whether the problem recurs. If it does, that means the fault is in the system and not in the browser itself. I recommend Google Chrome
http://www.instalki.pl/programy/downloa ... hrome.html

Re: Internet freezes for no reason

13 Jan 2012, 15:24

I updated MF and the problem still occurs. I'll check in a moment whether it happens on Chrome.

Alternatively, you can try another browser and see whether the problem recurs. If it does, that means the fault is in the system and not in the browser itself.

I've already downloaded Chrome and there is no problem, but can it be fixed so that it works well on MF too?
Last edited by The Neverhood on 13 Jan 2012, 15:48; edited 3 times in total

Re: Internet freezes for no reason

13 Jan 2012, 15:36

Check this. However, it looks like a problem with the whole TCP protocol.

Re: Internet freezes for no reason

13 Jan 2012, 15:42

@up But what is set incorrectly?

I had DNS servers set, I removed them, but the problem is still there.

Re: Internet freezes for no reason

13 Jan 2012, 15:58

Uninstall Firefox, but this time using Revo Uninstaller -> https://www.instalki.pl/download/programy/windows/narzedzia/narzedzia-systemowe/revo-uninstaller/, and then install the latest version -> https://www.instalki.pl/download/programy/windows/internet/przegladarki-www/firefox/.

Re: Internet freezes for no reason

13 Jan 2012, 16:14

Kominekl

It doesn't work.

Re: Internet freezes for no reason

13 Jan 2012, 16:30

And did you use the advanced mode???

Re: Internet freezes for no reason

13 Jan 2012, 16:57

I was in "advanced", everything seems to be fine. I admit that I recently had hacker attacks: viruses were detected by the antivirus, the internet on the second computer did not connect automatically and I had to do it manually (fixed, but there were viruses on it too), the program detected intrusion attempts (blocked), and the virus was not detected when it got in, only during a scan (it was then removed).

Re: Internet freezes for no reason

13 Jan 2012, 17:07

It wouldn't hurt to post the logs from OTL and GMER.

Re: Internet freezes for no reason

14 Jan 2012, 17:18

I have the logs from OTL:

OTL.TXT
Code:
OTL logfile created on: 2012-01-14 15:52:17 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Documents and Settings\instal\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
893,48 Mb Total Physical Memory | 285,81 Mb Available Physical Memory | 31,99% Memory free
2,11 Gb Paging File | 1,60 Gb Available in Paging File | 75,74% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 67,60 Gb Free Space | 69,22% Space Free | Partition Type: NTFS
Drive D: | 135,22 Gb Total Space | 96,73 Gb Free Space | 71,54% Space Free | Partition Type: NTFS
 
Computer Name: PORADNIA | User Name: instal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-01-14 15:49:55 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\instal\Pulpit\OTL.exe
PRC - [2012-01-05 10:48:46 | 001,047,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2012-01-03 16:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011-08-10 21:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccsvchst.exe
PRC - [2009-01-26 14:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-06-25 07:47:24 | 001,629,480 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
PRC - [2007-06-25 07:47:12 | 001,552,680 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-01-05 10:48:44 | 000,411,120 | ---- | M] () -- C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\ppgooglenaclpluginchrome.dll
MOD - [2012-01-05 10:48:43 | 003,767,792 | ---- | M] () -- C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\pdf.dll
MOD - [2012-01-05 10:47:19 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\avutil-51.dll
MOD - [2012-01-05 10:47:18 | 000,222,208 | ---- | M] () -- C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\avformat-53.dll
MOD - [2012-01-05 10:47:17 | 001,746,432 | ---- | M] () -- C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\avcodec-53.dll
MOD - [2012-01-05 08:06:01 | 008,593,056 | ---- | M] () -- C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\gcswf32.dll
MOD - [2009-02-27 19:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL
MOD - [2007-10-04 17:14:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Auto | Stopped] --  -- (Hamachi2Svc)
SRV - File not found [Auto | Stopped] --  -- (gupdate) Usługa Google Update (gupdate)
SRV - File not found [On_Demand | Stopped] --  -- (AppMgmt)
SRV - [2011-08-10 21:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe -- (NIS)
SRV - [2011-03-01 17:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010-09-10 16:50:28 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2007-06-25 07:47:12 | 001,552,680 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011-12-30 11:23:12 | 000,127,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011-12-29 01:00:00 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120113.025\NAVEX15.SYS -- (NAVEX15)
DRV - [2011-12-29 01:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011-12-29 01:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120113.025\NAVENG.SYS -- (NAVENG)
DRV - [2011-12-28 18:35:30 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120113.002\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011-12-01 03:25:03 | 000,820,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20111223.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011-11-09 19:08:00 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011-11-04 13:42:02 | 000,104,752 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2011-09-27 01:38:08 | 000,897,656 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\SYMEFA.SYS -- (SymEFA)
DRV - [2011-08-09 00:38:11 | 000,132,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\ccSetx86.sys -- (ccSet_NIS)
DRV - [2011-08-03 03:22:10 | 000,566,904 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NIS\1302000.00A\SRTSP.SYS -- (SRTSP)
DRV - [2011-08-03 03:22:10 | 000,031,864 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011-07-26 03:18:39 | 000,387,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1302000.00A\SYMTDI.SYS -- (SYMTDI)
DRV - [2011-07-26 03:15:51 | 000,149,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\Ironx86.SYS -- (SymIRON)
DRV - [2011-07-25 19:18:36 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\SYMDS.SYS -- (SymDS)
DRV - [2011-06-12 10:00:24 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011-01-28 22:04:03 | 000,016,512 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2007-11-10 03:20:02 | 000,029,728 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2007-09-20 19:07:40 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007-09-20 19:07:38 | 000,053,632 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007-09-19 10:16:32 | 004,617,728 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-06-25 07:47:12 | 000,038,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007-06-25 07:47:12 | 000,036,776 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2007-06-25 07:47:02 | 000,119,080 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005-08-08 13:44:04 | 000,006,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MouseCap.sys -- (MouseCap)
DRV - [2005-08-06 14:13:12 | 000,009,661 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Moufiltr.sys -- (Moufiltr)
DRV - [1996-04-03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\giveio.sys -- (giveio)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1547161642-1897051121-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1547161642-1897051121-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1547161642-1897051121-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1547161642-1897051121-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKU\S-1-5-21-1547161642-1897051121-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1547161642-1897051121-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1547161642-1897051121-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.selectedEngine: "Google PL"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn\ [2011-12-31 11:13:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn\ [2012-01-14 15:47:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-01-13 15:17:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-01-13 16:25:16 | 000,000,000 | ---D | M]
 
[2011-02-03 17:50:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\instal\Dane aplikacji\Mozilla\Extensions
[2012-01-11 12:35:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\instal\Dane aplikacji\Mozilla\Firefox\Profiles\vtb93ui8.default\extensions
[2011-12-13 15:42:10 | 000,000,000 | ---D | M] (My-Translator) -- C:\Documents and Settings\instal\Dane aplikacji\Mozilla\Firefox\Profiles\vtb93ui8.default\extensions\[email protected]
[2011-09-04 11:31:56 | 000,001,718 | ---- | M] () -- C:\Documents and Settings\instal\Dane aplikacji\Mozilla\Firefox\Profiles\vtb93ui8.default\searchplugins\google-pl-en-pl.xml
[2011-09-04 11:34:33 | 000,001,728 | ---- | M] () -- C:\Documents and Settings\instal\Dane aplikacji\Mozilla\Firefox\Profiles\vtb93ui8.default\searchplugins\google-pl.xml
[2011-09-04 11:33:06 | 000,001,633 | ---- | M] () -- C:\Documents and Settings\instal\Dane aplikacji\Mozilla\Firefox\Profiles\vtb93ui8.default\searchplugins\googletranslate.xml
[2011-08-21 17:26:48 | 000,001,978 | ---- | M] () -- C:\Documents and Settings\instal\Dane aplikacji\Mozilla\Firefox\Profiles\vtb93ui8.default\searchplugins\wrzutapl.xml
[2012-01-13 15:17:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-12-31 11:13:22 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DANE APLIKACJI\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPLGN
[2011-12-11 14:38:43 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-12-21 09:04:06 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-12-11 14:38:42 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011-12-21 06:04:32 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2011-12-21 06:04:32 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-12-21 06:04:32 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-12-21 06:04:32 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-12-21 06:04:32 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-12-21 06:04:32 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.2.1.6_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Norton Identity Protection = C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.2.1.6_0\
CHR - Extension: Gmail = C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2011-08-09 19:33:56 | 000,000,752 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost 127.0.0.1
O2 - BHO: (Yahoo! Companion BHO) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Documents and Settings\instal\Dane aplikacji\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O2 - BHO: (MyPlayCity Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (DealBulldog Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (MyPlayCity Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1547161642-1897051121-839522115-1006\..\Toolbar\ShellBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-1547161642-1897051121-839522115-1006\..\Toolbar\WebBrowser: (DealBulldog Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll ()
O3 - HKU\S-1-5-21-1547161642-1897051121-839522115-1006\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-1547161642-1897051121-839522115-1006\..\Toolbar\WebBrowser: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll (Yahoo! Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] "C:\Documents and Settings\instal\Pulpit\Stivi server\hamachi-2-ui.exe" --auto-start File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG)
O4 - HKU\S-1-5-21-1547161642-1897051121-839522115-1006..\Run: [MediaGet2] C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\MediaGet2\mediaget.exe --minimized File not found
O4 - HKU\S-1-5-21-1547161642-1897051121-839522115-1006..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1547161642-1897051121-839522115-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: ????3?? - Reg Error: Value error. File not found
O8 - Extra context menu item: ????3?????? - Reg Error: Value error. File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Download all by FlashGet3 - C:\Documents and Settings\instal\Dane aplikacji\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download ALL with IDA - Reg Error: Value error. File not found
O8 - Extra context menu item: Download by FlashGet3 - C:\Documents and Settings\instal\Dane aplikacji\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: Download remotely with IDA - Reg Error: Value error. File not found
O8 - Extra context menu item: Download with IDA - Reg Error: Value error. File not found
O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\instal\Dane aplikacji\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\instal\Dane aplikacji\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1296249488513 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1296250308453 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7671B43E-56A6-4A65-A91B-EA3F8EB9AC59}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-01-28 21:45:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-01-14 15:49:55 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\instal\Pulpit\OTL.exe
[2012-01-13 16:24:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\instal\Moje dokumenty
[2012-01-13 15:14:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\instal\Menu Start\Programy\Revo Uninstaller
[2012-01-13 15:14:56 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012-01-13 14:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\instal\Menu Start\Programy\Google Chrome
[2012-01-11 12:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2012-01-11 12:15:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\AskToolbar
[2012-01-11 12:15:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PC FORMAT
[2012-01-07 19:09:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Picasa 3
[2011-12-31 18:28:09 | 000,000,000 | ---D | C] -- C:\Downloads
[2011-12-31 18:28:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\instal\Dane aplikacji\Internet Download Accelerator
[2011-12-31 18:27:55 | 000,000,000 | ---D | C] -- C:\Program Files\IDA
[2011-12-31 18:13:11 | 000,000,000 | ---D | C] -- C:\Program Files\Free Download Manager
[2011-12-31 17:44:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\instal\Dane aplikacji\BITS
[2011-12-31 17:44:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\instal\Dane aplikacji\FlashGet
[2011-12-31 17:44:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\instal\Dane aplikacji\FlashGetBHO
[2011-12-31 14:56:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\instal\Dane aplikacji\Toolbar4
[2011-12-31 14:56:47 | 000,000,000 | ---D | C] -- C:\Program Files\DealBulldog Toolbar
[2011-12-31 14:56:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\HyperCam 2
[2011-12-31 14:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\HyperCam 2
[2011-12-31 14:01:31 | 000,000,000 | ---D | C] -- D:\Moje dokumenty\Custom Production Presets 7.0
[2011-12-31 14:00:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Camtasia Studio 7
[2011-12-31 14:00:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\QuickTime
[2011-12-31 14:00:18 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011-12-31 14:00:01 | 000,000,000 | ---D | C] -- C:\Program Files\Camtasia Studio 7
[2011-12-31 11:57:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\instal\Menu Start\Programy\Yacc Yet Another CSO Compressor
[2011-12-31 11:57:13 | 000,000,000 | ---D | C] -- C:\Program Files\Yacc Yet Another CSO Compressor
[2011-12-31 11:21:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\instal\Pulpit\Tekken
[2011-12-30 11:04:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\instal\Menu Start\Programy\Norton
[2011-12-30 11:04:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Norton
[2011-12-30 11:02:29 | 000,815,072 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\instal\Pulpit\NISDownloader.exe
[2011-12-30 10:58:17 | 000,770,776 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\instal\Pulpit\AutoDetectPkg.exe
[2011-12-29 15:46:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\instal\Pulpit\PSX2PSP
[2011-12-29 12:46:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\instal\Pulpit\Colin McRae Rally 2.0 (E) [SLES-02605]
[2011-12-29 11:51:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\instal\Pulpit\Multi
[2011-12-28 15:03:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\instal\Pulpit\973_PsGUI221beta
[2011-12-21 01:02:26 | 004,448,256 | ---- | C] (Google Inc.) -- C:\WINDOWS\System32\GPhotos.scr
[2011-12-20 14:57:22 | 000,309,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8dmod.dll
[2011-12-20 14:57:22 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sds32.ax
[2011-12-19 19:33:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2011-12-19 19:33:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2011-12-19 19:33:30 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys
[2011-12-16 13:51:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\instal\Menu Start\Programy\Fraps
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-01-14 15:55:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012-01-14 15:50:17 | 000,294,216 | ---- | M] () -- C:\Documents and Settings\instal\Pulpit\gmer.zip
[2012-01-14 15:49:55 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\instal\Pulpit\OTL.exe
[2012-01-14 15:46:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-01-14 14:47:09 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2012-01-14 12:37:00 | 000,001,136 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-1897051121-839522115-1006UA.job
[2012-01-13 16:25:17 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2012-01-13 15:17:10 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2012-01-13 14:37:00 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-1897051121-839522115-1006Core.job
[2012-01-13 14:34:08 | 000,002,317 | ---- | M] () -- C:\Documents and Settings\instal\Pulpit\Google Chrome.lnk
[2012-01-12 18:05:31 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\instal\Pulpit\E-mail.lnk
[2012-01-07 19:10:14 | 000,000,765 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Picasa 3.lnk
[2012-01-07 19:09:56 | 000,585,435 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1302000.00A\Cat.DB
[2011-12-31 18:28:00 | 000,001,502 | ---- | M] () -- C:\Documents and Settings\instal\Pulpit\Play!.lnk
[2011-12-31 18:00:29 | 000,000,204 | ---- | M] () -- C:\WINDOWS\System32\secustat.dat
[2011-12-31 17:45:29 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI
[2011-12-31 16:06:21 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011-12-31 14:56:12 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\HyperCam 2.lnk
[2011-12-31 14:08:44 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-12-31 14:00:35 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Camtasia Studio 7.lnk
[2011-12-31 11:57:16 | 000,000,825 | ---- | M] () -- C:\Documents and Settings\instal\Pulpit\Yacc.lnk
[2011-12-31 11:12:32 | 000,001,979 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Norton Internet Security.LNK
[2011-12-30 20:21:49 | 000,004,782 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1302000.00A\VT20111023.024
[2011-12-30 11:29:06 | 000,515,660 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-12-30 11:29:06 | 000,455,376 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-12-30 11:29:06 | 000,095,664 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-12-30 11:29:06 | 000,075,350 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-12-30 11:26:23 | 000,000,752 | ---- | M] () -- C:\Documents and Settings\instal\Pulpit\Pliki instalacyjne Norton.lnk
[2011-12-30 11:23:12 | 000,127,096 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2011-12-30 11:23:12 | 000,060,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2011-12-30 11:23:12 | 000,007,510 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2011-12-30 11:23:12 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2011-12-30 11:02:42 | 000,815,072 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\instal\Pulpit\NISDownloader.exe
[2011-12-30 10:58:27 | 000,770,776 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\instal\Pulpit\AutoDetectPkg.exe
[2011-12-28 14:24:52 | 000,194,885 | ---- | M] () -- C:\Documents and Settings\instal\Pulpit\hjsplit3.0.zip
[2011-12-27 20:10:40 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-12-21 01:02:26 | 004,448,256 | ---- | M] (Google Inc.) -- C:\WINDOWS\System32\GPhotos.scr
[2011-12-20 20:51:39 | 195,687,424 | ---- | M] () -- C:\Documents and Settings\instal\Pulpit\camtasia.msi
[2011-12-16 13:51:34 | 000,000,432 | ---- | M] () -- C:\Documents and Settings\instal\Pulpit\Fraps.lnk
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-01-14 15:50:19 | 000,294,216 | ---- | C] () -- C:\Documents and Settings\instal\Pulpit\gmer.zip
[2012-01-13 16:25:17 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader 9.lnk
[2012-01-13 16:25:17 | 000,001,735 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2012-01-13 15:17:10 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk
[2012-01-13 15:17:10 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2012-01-13 14:34:08 | 000,002,317 | ---- | C] () -- C:\Documents and Settings\instal\Pulpit\Google Chrome.lnk
[2012-01-13 14:32:09 | 000,001,136 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-1897051121-839522115-1006UA.job
[2012-01-13 14:32:09 | 000,001,084 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-1897051121-839522115-1006Core.job
[2012-01-12 18:05:31 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\instal\Pulpit\E-mail.lnk
[2012-01-11 12:15:51 | 000,000,236 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012-01-07 19:10:14 | 000,000,765 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Picasa 3.lnk
[2011-12-31 18:28:00 | 000,001,502 | ---- | C] () -- C:\Documents and Settings\instal\Pulpit\Play!.lnk
[2011-12-31 17:54:08 | 000,000,204 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2011-12-31 17:45:29 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2011-12-31 14:56:12 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\HyperCam 2.lnk
[2011-12-31 14:00:34 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Camtasia Studio 7.lnk
[2011-12-31 12:50:51 | 000,378,368 | ---- | C] () -- C:\Documents and Settings\instal\Pulpit\cuemaker.exe
[2011-12-31 11:57:16 | 000,000,825 | ---- | C] () -- C:\Documents and Settings\instal\Pulpit\Yacc.lnk
[2011-12-30 11:04:36 | 000,000,752 | ---- | C] () -- C:\Documents and Settings\instal\Pulpit\Pliki instalacyjne Norton.lnk
[2011-12-28 14:24:48 | 000,194,885 | ---- | C] () -- C:\Documents and Settings\instal\Pulpit\hjsplit3.0.zip
[2011-12-20 20:37:46 | 195,687,424 | ---- | C] () -- C:\Documents and Settings\instal\Pulpit\camtasia.msi
[2011-12-16 13:51:34 | 000,000,432 | ---- | C] () -- C:\Documents and Settings\instal\Pulpit\Fraps.lnk
[2011-11-26 11:17:36 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011-11-20 19:15:05 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\everest_cpl.ini
[2011-11-19 19:57:41 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\A7D20FE637.sys
[2011-11-19 19:57:33 | 000,001,682 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2011-09-10 18:03:32 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2011-08-28 10:36:02 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011-08-20 09:53:01 | 000,000,035 | ---- | C] () -- C:\WINDOWS\WorldBuilder.INI
[2011-08-01 12:42:37 | 000,000,114 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2011-06-12 19:59:57 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2011-06-12 19:59:57 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2011-06-12 19:59:57 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2011-06-09 10:06:18 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\instal\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-06-05 14:42:34 | 000,000,030 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011-05-11 19:50:20 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011-03-01 16:29:14 | 000,000,404 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2011-03-01 16:29:14 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2011-02-07 19:23:17 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-01-29 09:57:01 | 000,000,959 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011-01-28 23:02:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011-01-28 22:30:26 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-01-28 22:29:28 | 000,122,928 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-01-28 22:11:51 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011-01-28 21:46:28 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-01-28 21:43:02 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007-10-04 09:14:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007-10-04 09:14:00 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2007-10-04 09:14:00 | 001,478,656 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007-10-04 09:14:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2007-10-04 09:14:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007-10-04 09:14:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007-10-04 09:14:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2007-10-04 09:14:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2007-10-04 09:14:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006-03-02 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006-03-02 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006-03-02 13:00:00 | 000,515,660 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2006-03-02 13:00:00 | 000,455,376 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006-03-02 13:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2006-03-02 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006-03-02 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006-03-02 13:00:00 | 000,095,664 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2006-03-02 13:00:00 | 000,075,350 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006-03-02 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006-03-02 13:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2006-03-02 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006-03-02 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006-03-02 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006-03-02 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006-03-02 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005-08-30 00:00:00 | 000,781,312 | ---- | C] () -- C:\WINDOWS\System32\RGSS102J.dll
[2005-08-30 00:00:00 | 000,778,752 | ---- | C] () -- C:\WINDOWS\System32\RGSS102E.dll
[2005-08-30 00:00:00 | 000,771,584 | ---- | C] () -- C:\WINDOWS\System32\RGSS100J.dll
[2005-08-08 13:44:04 | 000,006,640 | ---- | C] () -- C:\WINDOWS\System32\drivers\MouseCap.sys
[1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
[1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\giveio.sys
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012-01-08 12:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-02-10 12:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EA Core
[2011-02-10 12:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2011-07-29 08:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2011-11-09 19:15:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2011-05-14 10:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Solidshield
[2011-12-31 14:01:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TechSmith
[2012-01-01 16:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\.minecraft
[2011-12-12 17:31:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\advantage
[2011-12-31 18:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\BITS
[2011-08-30 11:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\Clickteam
[2011-08-30 11:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011-04-10 11:07:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\Cool Record Edit Pro
[2011-06-20 14:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\DAEMON Tools Lite
[2011-08-11 11:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\dp3d
[2011-06-27 14:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\fizzy
[2011-12-31 17:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\FlashGet
[2011-12-31 17:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\FlashGetBHO
[2011-04-10 10:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\Free Sound Recorder
[2011-06-11 10:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\gtk-2.0
[2011-12-31 18:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\Internet Download Accelerator
[2011-11-21 17:30:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\InterTrust
[2011-07-29 17:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\IObit
[2011-10-29 14:19:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\LolClient
[2011-10-29 12:07:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\Moje pliki Bitwy o Śródziemie™ II
[2011-02-08 09:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\OpenOffice.org
[2011-12-12 17:33:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\Rovio
[2011-12-31 14:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\Toolbar4
[2011-11-25 20:00:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\instal\Dane aplikacji\uTorrent
[2011-10-28 14:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laser_le\Dane aplikacji\.minecraft
[2011-10-25 15:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laser_le\Dane aplikacji\.minecraft_xray
[2011-09-19 10:45:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laser_le\Dane aplikacji\fltk.org
[2011-02-02 17:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laser_le\Dane aplikacji\OpenOffice.org
[2011-07-29 11:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laser_le\Dane aplikacji\TeamViewer
[2011-06-12 10:06:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Oskar\Dane aplikacji\DAEMON Tools Lite
[2012-01-14 15:55:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >

Re: The Internet freezes for no reason

14 Jan 2012, 17:19

OTL: Extras.TXT

Code:
OTL Extras logfile created on: 2012-01-14 15:52:17 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Documents and Settings\instal\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
893,48 Mb Total Physical Memory | 285,81 Mb Available Physical Memory | 31,99% Memory free
2,11 Gb Paging File | 1,60 Gb Available in Paging File | 75,74% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 67,60 Gb Free Space | 69,22% Space Free | Partition Type: NTFS
Drive D: | 135,22 Gb Total Space | 96,73 Gb Free Space | 71,54% Space Free | Partition Type: NTFS
 
Computer Name: PORADNIA | User Name: instal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-21-1547161642-1897051121-839522115-1006\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\Smart File Advisor\sfa.exe" /unknown "%1" (Filefacts.net)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"57091:TCP" = 57091:TCP:*:Enabled:Pando Media Booster
"57091:UDP" = 57091:UDP:*:Enabled:Pando Media Booster
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"57091:TCP" = 57091:TCP:*:Enabled:Pando Media Booster
"57091:UDP" = 57091:UDP:*:Enabled:Pando Media Booster
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{19B72AA9-985A-11D4-9C8A-00D0B75D1498}" = Colin McRae Rally 2
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}" = GTA2
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Bitwa o Śródziemie™ II
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2F7D5734-056F-4A0A-A1C7-CA1AAE5BB1EB}" = Angry Birds
"{31821EFE-1B31-4744-9FB0-208F92BD7168}" = Visual FoxPro ODBC Driver
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims™  2 Zwierzaki
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}" = RGSS-RTP Standard
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8727531E-6C58-4852-A90B-39CF45E269A9}" = OpenOffice.org 3.2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BAD4440-26D7-4A40-B844-066D2AF3550C}" = Colin McRae Rally 2005
"{8BBB5E4C-3F5E-4C07-BFBE-33B34600783A}" = LogMeIn Hamachi
"{901C0415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Access 2003 Runtime
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{91C0B95B-B83A-4828-A775-BBE2DD421045}" = Nero 7 Essentials
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B34CAC6-738F-4A20-B428-A115C3E3474C}" = RPGXP
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.0 - Polish
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}" = Camtasia Studio 7
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D7B3493D-766C-40AA-9AA9-053B896D76DE}" = Angry Birds Rio
"{D8A790CB-CF32-4135-AAAE-6BA5A75C5DBF}" = OSCAR Editor
"{E96FF910-1BC9-4EE5-BC12-0A30D4E20F37}" = NWZ-E440 WALKMAN Guide
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0 CE
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Air Flashback_is1" = Air Flashback
"Amusive Checkers_is1" = Amusive Checkers
"Arkanoid Activation_is1" = Arkanoid Activation v1.0.7
"Colin McRae 2005 Polish language add-on" = Colin McRae 2005 Polish language add-on
"DAEMON Tools Lite" = DAEMON Tools Lite
"DealBulldog Toolbar" = DealBulldog Toolbar
"DreamWorks Interactive: Neverhood" = The Neverhood
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"FlashGet 3.7" = FlashGet 3.7
"FormatFactory" = FormatFactory 2.70
"Fraps" = Fraps (remove only)
"HyperCam 2" = HyperCam 2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{D8A790CB-CF32-4135-AAAE-6BA5A75C5DBF}" = Anti-Vibrate Oscar Editor
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mad Tracks_is1" = Mad Tracks PL 1.2
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 9.0.1 (x86 pl)" = Mozilla Firefox 9.0.1 (x86 pl)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NIS" = Norton Internet Security
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"Polanie II" = Polanie II
"Revo Uninstaller" = Revo Uninstaller 1.93
"Słownik angielsko-polski_is1" = Słownik angielsko-polski wersja 2.25
"Smart File Advisor_is1" = Smart File Advisor 1.1.1
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.00 (32-bitowy)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yacc" = Yacc 0.4.0.3
"Yahoo! Companion" = Yahoo! Companion
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-1547161642-1897051121-839522115-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = MyPlayCity Toolbar Updater
"Google Chrome" = Google Chrome
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 2011-12-20 14:56:13 | Computer Name = PORADNIA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd moviemk.exe, wersja 2.1.4028.0, moduł powodujący
 błąd avisplitter.ax, wersja 1.3.1290.0, adres błędu 0x00023918.
 
Error - 2011-12-20 15:02:41 | Computer Name = PORADNIA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd moviemk.exe, wersja 2.1.4028.0, moduł powodujący
 błąd avisplitter.ax, wersja 1.3.1290.0, adres błędu 0x00023918.
 
Error - 2011-12-20 15:16:03 | Computer Name = PORADNIA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd moviemk.exe, wersja 2.1.4028.0, moduł powodujący
 błąd avisplitter.ax, wersja 1.3.1290.0, adres błędu 0x00023918.
 
Error - 2011-12-27 15:14:15 | Computer Name = PORADNIA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
 listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
 wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu. 
 
Error - 2011-12-27 15:14:15 | Computer Name = PORADNIA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
 listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
 wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. 
 
Error - 2012-01-08 07:14:30 | Computer Name = PORADNIA | Source = Microsoft Management Console | ID = 1000
Description =
 
Error - 2012-01-12 11:29:18 | Computer Name = PORADNIA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd stick soldiers ii.exe, wersja 1.0.0.1, moduł
 powodujący błąd stick soldiers ii.exe, wersja 1.0.0.1, adres błędu 0x0000984c.
 
Error - 2012-01-12 11:29:58 | Computer Name = PORADNIA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd stick soldiers ii.exe, wersja 1.0.0.1, moduł
 powodujący błąd stick soldiers ii.exe, wersja 1.0.0.1, adres błędu 0x000097b9.
 
Error - 2012-01-12 11:30:26 | Computer Name = PORADNIA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd stick soldiers ii.exe, wersja 1.0.0.1, moduł
 powodujący błąd stick soldiers ii.exe, wersja 1.0.0.1, adres błędu 0x000097b9.
 
Error - 2012-01-12 11:30:47 | Computer Name = PORADNIA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd stick soldiers ii.exe, wersja 1.0.0.1, moduł
 powodujący błąd stick soldiers ii.exe, wersja 1.0.0.1, adres błędu 0x000097b9.
 
[ System Events ]
Error - 2012-01-13 14:59:59 | Computer Name = PORADNIA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu
 następującego błędu:   %%3
 
Error - 2012-01-13 14:59:59 | Computer Name = PORADNIA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi LogMeIn Hamachi Tunneling Engine z powodu
 następującego błędu:   %%3
 
Error - 2012-01-14 06:18:44 | Computer Name = PORADNIA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu
 następującego błędu:   %%3
 
Error - 2012-01-14 06:18:44 | Computer Name = PORADNIA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi LogMeIn Hamachi Tunneling Engine z powodu
 następującego błędu:   %%3
 
Error - 2012-01-14 07:34:43 | Computer Name = PORADNIA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu
 następującego błędu:   %%3
 
Error - 2012-01-14 07:34:43 | Computer Name = PORADNIA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi LogMeIn Hamachi Tunneling Engine z powodu
 następującego błędu:   %%3
 
Error - 2012-01-14 09:38:05 | Computer Name = PORADNIA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu
 następującego błędu:   %%3
 
Error - 2012-01-14 09:38:05 | Computer Name = PORADNIA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi LogMeIn Hamachi Tunneling Engine z powodu
 następującego błędu:   %%3
 
Error - 2012-01-14 10:46:56 | Computer Name = PORADNIA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu
 następującego błędu:   %%3
 
Error - 2012-01-14 10:46:56 | Computer Name = PORADNIA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi LogMeIn Hamachi Tunneling Engine z powodu
 następującego błędu:   %%3
 
 
< End of report >

Re: Internet freezes for no reason

14 Jan 2012, 17:19

GMER:

Code:
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-01-14 16:42:23
Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-6 WDC_WD2500AAKS-00VSA0 rev.01.01B01
Running: gmer.exe; Driver: C:\DOCUME~1\instal\USTAWI~1\Temp\pgldapoc.sys


---- System - GMER 1.0.15 ----

SSDT            8468A6D0                                                                                                            ZwAlertResumeThread
SSDT            8468D6D0                                                                                                            ZwAlertThread
SSDT            84681700                                                                                                            ZwAllocateVirtualMemory
SSDT            846746D0                                                                                                            ZwAssignProcessToJobObject
SSDT            852BD780                                                                                                            ZwConnectPort
SSDT            \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)                          ZwCreateKey [0xF3570980]
SSDT            8465F700                                                                                                            ZwCreateMutant
SSDT            8464B700                                                                                                            ZwCreateSymbolicLinkObject
SSDT            846906F0                                                                                                            ZwCreateThread
SSDT            846766D0                                                                                                            ZwDebugActiveProcess
SSDT            \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)                          ZwDeleteKey [0xF3570C00]
SSDT            \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)                          ZwDeleteValueKey [0xF3570F10]
SSDT            84686700                                                                                                            ZwDuplicateObject
SSDT            sptd.sys                                                                                                            ZwEnumerateKey [0xF72E80EE]
SSDT            sptd.sys                                                                                                            ZwEnumerateValueKey [0xF72E847C]
SSDT            8467B700                                                                                                            ZwFreeVirtualMemory
SSDT            846846D0                                                                                                            ZwImpersonateAnonymousToken
SSDT            846876D0                                                                                                            ZwImpersonateThread
SSDT            851DC750                                                                                                            ZwLoadDriver
SSDT            846786F0                                                                                                            ZwMapViewOfSection
SSDT            846826D0                                                                                                            ZwOpenEvent
SSDT            sptd.sys                                                                                                            ZwOpenKey [0xF72B39C0]
SSDT            8468C700                                                                                                            ZwOpenProcess
SSDT            846986D0                                                                                                            ZwOpenProcessToken
SSDT            8467C6D0                                                                                                            ZwOpenSection
SSDT            84689700                                                                                                            ZwOpenThread
SSDT            8464E700                                                                                                            ZwProtectVirtualMemory
SSDT            sptd.sys                                                                                                            ZwQueryKey [0xF72E8554]
SSDT            sptd.sys                                                                                                            ZwQueryValueKey [0xF72E83D4]
SSDT            846916D0                                                                                                            ZwResumeThread
SSDT            846966D0                                                                                                            ZwSetContextThread
SSDT            84673700                                                                                                            ZwSetInformationProcess
SSDT            846796D0                                                                                                            ZwSetSystemInformation
SSDT            \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)                          ZwSetValueKey [0xF3571160]
SSDT            8467F6D0                                                                                                            ZwSuspendProcess
SSDT            846936D0                                                                                                            ZwSuspendThread
SSDT            844787D8                                                                                                            ZwTerminateProcess
SSDT            846956D0                                                                                                            ZwTerminateThread
SSDT            846976D0                                                                                                            ZwUnmapViewOfSection
SSDT            8467E700                                                                                                            ZwWriteVirtualMemory

INT 0x83        ?                                                                                                                   8562ACB8
INT 0x83        ?                                                                                                                   8562ACB8
INT 0x83        ?                                                                                                                   8562ACB8
INT 0xB4        ?                                                                                                                   8532ECB8

---- Kernel code sections - GMER 1.0.15 ----

PAGE            sptd.sys                                                                                                            F72D7000 1 Byte  [74]
PAGE            sptd.sys                                                                                                            F72D7004 5 Bytes  [40, 73, 2D, F7, A3]
PAGE            sptd.sys                                                                                                            F72D700C 5 Bytes  [50, 74, 2D, F7, 98]
PAGE            sptd.sys                                                                                                            F72D7014 5 Bytes  [B8, 73, 2D, F7, 59] {MOV EAX, 0x59f72d73}
PAGE            sptd.sys                                                                                                            F72D701C 5 Bytes  [78, 72, 2D, F7, 61]
PAGE            ...                                                                                                                 
.sptd2          C:\WINDOWS\system32\drivers\sptd.sys                                                                                entry point in ".sptd2" section [0xF73510AD]
?               C:\WINDOWS\system32\drivers\sptd.sys                                                                                Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.
?               SYMDS.SYS                                                                                                           Nie można odnaleźć określonego pliku. !
?               SYMEFA.SYS                                                                                                          Nie można odnaleźć określonego pliku. !
.text           USBPORT.SYS!DllUnload                                                                                               F6AED8AC 5 Bytes  JMP 8532E1C8
.text           C:\WINDOWS\system32\DRIVERS\nv4_mini.sys                                                                            section is writeable [0xF6327360, 0x307F47, 0xE8000020]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT             \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_ULONG]                                                     [F727922E] sptd.sys
IAT             \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!READ_PORT_UCHAR]                                                      [F727871C] sptd.sys
IAT             \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_UCHAR]                                                     [F7278F0E] sptd.sys
IAT             atapi.sys[HAL.dll!READ_PORT_UCHAR]                                                                                  [F727871C] sptd.sys
IAT             atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT]                                                                          [F7278910] sptd.sys
IAT             atapi.sys[HAL.dll!READ_PORT_USHORT]                                                                                 [F7278852] sptd.sys
IAT             atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT]                                                                         [F72790EC] sptd.sys
IAT             atapi.sys[HAL.dll!WRITE_PORT_UCHAR]                                                                                 [F7278F0E] sptd.sys

---- Devices - GMER 1.0.15 ----

Device          \FileSystem\Ntfs \Ntfs                                                                                              856291E8

AttachedDevice  \Driver\Tcpip \Device\Ip                                                                                            SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device          \Driver\usbohci \Device\USBPDO-0                                                                                    8531B1E8
Device          \Driver\usbehci \Device\USBPDO-1                                                                                    853571E8

AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                           SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device          \Driver\Cdrom \Device\CdRom0                                                                                        85361430
Device          \Driver\atapi \Device\Ide\IdePort0                                                                                  [F71F0B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdePort1                                                                                  [F71F0B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-6                                                                         [F71F0B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdePort2                                                                                  [F71F0B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdeDeviceP2T1L0-e                                                                         [F71F0B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdePort3                                                                                  [F71F0B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\NetBT \Device\NetBt_Wins_Export                                                                             842211E8
Device          \Driver\NetBT \Device\NetbiosSmb                                                                                    842211E8
Device          \Driver\NetBT \Device\NetBT_Tcpip_{7671B43E-56A6-4A65-A91B-EA3F8EB9AC59}                                            842211E8

AttachedDevice  \Driver\Tcpip \Device\Udp                                                                                           SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice  \Driver\Tcpip \Device\RawIp                                                                                         SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device          \Driver\usbohci \Device\USBFDO-0                                                                                    8531B1E8
Device          \Driver\usbehci \Device\USBFDO-1                                                                                    853571E8
Device          \FileSystem\MRxSmb \Device\LanmanDatagramReceiver                                                                   842111E8
Device                                                                                                                              842111E8
Device          \FileSystem\Cdfs \Cdfs                                                                                              841611E8

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)               
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     D:\Gry\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                     0x00 0x00 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0x1E 0x69 0xBE 0x03 ...
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)       
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0xA0 0x02 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0x6E 0xC3 0xDD 0x22 ...
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) 
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0xF3 0x23 0x31 0x2C ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                                                  771343423
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                                                  285507792
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                                                                  1
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                   
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                 D:\Gry\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                 0x00 0x00 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                 0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0x50 0xBD 0x27 0x1B ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                           
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0xA0 0x02 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                     0x6E 0xC3 0xDD 0x22 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                     
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0x52 0x2A 0xA7 0xF5 ...
Reg             HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)               
Reg             HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     D:\Gry\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                     0x00 0x00 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
Reg             HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0x50 0xBD 0x27 0x1B ...
Reg             HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)       
Reg             HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0xA0 0x02 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0x6E 0xC3 0xDD 0x22 ...
Reg             HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) 
Reg             HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x52 0x2A 0xA7 0xF5 ...

---- EOF - GMER 1.0.15 ----

Re: Internet freezes for no reason

14 Jan 2012, 18:27

Post your logs on http://www.wklej.eu/, because this is turning into a mess. Thanks in advance.