My computer restarts during scanning

adis15
created

I had G Data IS 2010 and it did not detect any virus, although whenever I opened My Computer an explorer.exe error popped up, followed by a drwtsn32.exe error, a file named aww7boot.txt kept appearing on the disk, and I could not open some websites, including www.kaspersky.pl. Now I have installed Kaspersky, and during scanning my computer restarts (during the restart some text appears on a blue background). Once the entire system protection even switched itself off. I had to reinstall Kaspersky. From time to time I cannot download updates. I don't know what to do??
[color="#ff0000"]
//moving to the subforum Logs for review
//raaz[/color]

Tomek01
comment

This is a virus.
Attach logs from [url="http://images.malwareremoval.com/random/RSIT.exe"][b][color="#0000FF"]R[/color]andom's [color="#0000FF"]S[/color]ystem [color="#0000FF"]I[/color]nformation [color="#0000FF"]T[/color]ool[/b][/url] and [url="http://www.instalki.pl/programy/download_c/13/3138.html"][color="#0000FF"][b]OTL[/b][/color][/url].

pYz
comment

I had the same problem: blue screens popped up during a scan. It turned out I had a huge number of all kinds of worms, spyware, viruses and other "enemies". Formatting the whole disk helped me (I tried formatting just one partition, but that did almost nothing).

Tomek01
comment (edited)

Also carry out http://www.forumpc.pl/index.php?showtopic=16074

pYz: for the threats you listed, a format is not a necessity. It is enough to end up in the right hands ;)

adis15
comment

OTL logs

Tomek01
comment

In OTL, paste the following into the Custom scan/fixes window:
[code]:Processes
Explorer.exe


:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60341
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
IE - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\
[2009-12-23 20:18:38 | 000,024,683 | ---- | M] (Ask.com) -- C:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll
[2009-09-21 13:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.

:Files
C:\WINDOWS\system32\dvmurl.dll

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]
Click Run Fix; the computer restarts.




Paste into [url=http://images.malwareremoval.com/jpshortstuff/SystemLook.exe][b]System Look[/b][/url]:
[code]:filefind
drwtsn32.exe
drwtsn32*

:regfind
drwtsn32.exe
drwtsn32*[/code]
Press Look and show what comes up.

Post the OTL log from the removal, new OTL and RSIT logs, and what System Look shows.

adis15
comment

OTL removal logs

[url="http://wklej.org/hash/65f074a5604/"]http://wklej.org/hash/65f074a5604/[/url]

And these are the System Look logs

[url="http://wklej.org/id/354589/"]http://wklej.org/id/354589/[/url]




Minidump file

*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000000A, {e8, 2, 1, 806e6a16}

Unable to load image kl1.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for kl1.sys
*** ERROR: Module load completed but symbols could not be loaded for kl1.sys
Unable to load image klim5.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for klim5.sys
*** ERROR: Module load completed but symbols could not be loaded for klim5.sys
Unable to load image Rtenicxp.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for Rtenicxp.sys
*** ERROR: Module load completed but symbols could not be loaded for Rtenicxp.sys
[color="#000000"]Probably caused by : kl1.sys ( kl1+3b8d5 )[/color]

Followup: MachineOwner


OTL logs
[log]OTL logfile created on: 2010-06-22 15:07:02 - Run 3
OTL by OldTimer - Version 3.2.6.1 Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 79,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52,61 Gb Total Space | 10,34 Gb Free Space | 19,66% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 259,67 Gb Free Space | 88,63% Space Free | Partition Type: NTFS
Drive E: | 292,97 Gb Total Space | 280,09 Gb Free Space | 95,60% Space Free | Partition Type: NTFS
Drive F: | 292,96 Gb Total Space | 292,51 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: P4
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color="#e56717"]========== Processes (All) ==========[/color]

PRC - [2010-06-21 20:55:34 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-04-14 16:47:07 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-10-20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
PRC - [2009-10-20 19:34:38 | 000,207,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
PRC - [2009-10-01 16:48:12 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009-03-02 14:06:16 | 000,068,136 | ---- | M] () -- C:\Program Files\Gigabyte\EasySaver\essvr.exe
PRC - [2009-02-09 07:18:00 | 000,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2009-01-27 22:37:24 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2009-01-13 08:37:06 | 018,084,864 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HTTPFILTER]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-05-14 04:54:36 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2007-03-14 21:01:30 | 000,071,216 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2007-01-05 17:12:58 | 000,258,048 | ---- | M] (SONIX) -- C:\WINDOWS\tsnp2std.exe
PRC - [2006-09-15 13:21:54 | 000,675,840 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2std.exe
PRC - [2002-07-10 19:02:44 | 000,188,416 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
PRC - [2001-08-03 17:56:22 | 000,159,800 | ---- | M] (prolink) -- C:\WINDOWS\PowerS.exe
PRC - [2001-02-23 10:07:30 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe


[color="#e56717"]========== Modules (All) ==========[/color]

MOD - [2010-06-21 20:55:34 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color="#e56717"]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- -- (sp_rssrv)
SRV - File not found [Auto | Stopped] -- -- (Norton Internet Security)
SRV - [2009-10-20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
SRV - [2009-03-02 14:06:16 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)


[color="#e56717"]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-06-22 12:47:45 | 000,017,488 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010-06-19 23:05:11 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2009-10-14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
DRV - [2009-10-02 18:39:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-09-14 13:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009-09-01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2009-02-09 07:18:00 | 006,307,328 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009-01-20 12:53:06 | 005,027,840 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-10-30 15:14:20 | 000,117,888 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008-04-14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-02-24 17:17:00 | 000,011,264 | ---- | M] (Superlogix) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\supermounter.sys -- (SuperMounter)
DRV - [2007-04-09 11:38:06 | 012,039,552 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD)
DRV - [2007-03-11 22:39:46 | 000,043,936 | ---- | M] (Alfa Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\AFPAnsi.sys -- (AFPAnsi)
DRV - [2001-02-03 18:41:24 | 000,290,440 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BT848.SYS -- (BT848)
DRV - [2001-02-03 18:11:54 | 000,012,632 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BTXBAR.SYS -- (BTXBAR)
DRV - [2001-02-03 18:11:52 | 000,022,288 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BTTUNER.SYS -- (BTTUNER)


[color="#e56717"]========== Standard Registry (SafeList) ==========[/color]


[color="#e56717"]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.pl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://www.google.com"]http://www.google.com[/url]
IE - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.pl/"]http://www.google.pl/[/url]
IE - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]
IE - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color="#e56717"]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-14 16:47:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-06-22 08:53:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010-06-10 17:18:50 | 000,000,000 | ---D | M]

[2009-10-19 20:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions
[2009-10-21 17:20:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\wtmiwwyn.default\extensions
[2010-06-21 21:15:39 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-06-02 19:01:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE-_updt_}
[2010-06-02 19:01:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\chrome_updt_
[2010-06-02 19:01:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\components_updt_
[2010-06-10 17:19:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010-04-14 16:47:10 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-04-14 16:47:10 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-04-14 16:47:10 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-04-14 16:47:10 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-04-14 16:47:10 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-04-14 16:47:10 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 17:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe (HP)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PowerS] C:\WINDOWS\PowerS.exe (prolink)
O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [tsnp2std] c:\WINDOWS\tsnp2std.exe (SONIX)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Remote Controller.lnk = C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE (TelSignal Co., Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TVSCHL.lnk = C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE (TelSignal Co., Ltd.)
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab"]http://download.macr...ash/swflash.cab[/url] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.92 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-10-02 00:16:25 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: [b]ares[/b] - hkey= - key= - C:\Program Files\Ares\Ares.exe (Ares Development Group)
MsConfig - StartUpReg: [b]LightScribe Control Panel[/b] - hkey= - key= - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: [b]RGSC[/b] - hkey= - key= - D:\GRY\gta VI\Rockstar Games Social Club\RGSCLauncher.exe File not found
MsConfig - StartUpReg: [b]uTorrent[/b] - hkey= - key= - D:\torent\uTorrent.exe (BitTorrent, Inc.)

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color="#e56717"]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-06-22 13:21:51 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x86)
[2010-06-22 08:53:50 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-06-21 21:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-06-21 21:17:20 | 000,000,000 | ---D | C] -- C:\rsit
[2010-06-10 17:18:27 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2010-06-10 17:18:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
[2010-06-10 17:18:13 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010-06-02 18:29:35 | 000,068,976 | ---- | C] (G Data Software) -- C:\WINDOWS\System32\drivers\GRD.sys
[2010-06-02 18:25:22 | 000,053,320 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\MiniIcpt.sys
[2010-06-02 18:24:55 | 000,022,528 | ---- | C] (G DATA Software AG) -- C:\WINDOWS\System32\drivers\GDNdisIc.sys
[2010-06-02 18:24:54 | 000,051,784 | ---- | C] (G DATA Software AG) -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys
[2010-06-02 18:24:52 | 000,027,720 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDBehave.sys
[2010-06-02 18:24:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\G DATA
[2010-06-02 18:24:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\G DATA
[2010-06-02 16:55:32 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010-05-19 19:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-05-19 19:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010-05-09 18:33:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-05-01 10:45:54 | 000,000,000 | ---D | C] -- C:\Program Files\MP3 Player Utilities 3.57
[2009-10-06 18:16:06 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2std.dll
[2009-10-06 18:16:05 | 000,077,824 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll

[color="#e56717"]========== Files - Modified Within 60 Days ==========[/color]

[2010-06-22 15:00:00 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-06-22 13:22:03 | 004,718,592 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010-06-22 12:48:14 | 000,001,007 | ---- | M] () -- C:\WINDOWS\TSCTV.INI
[2010-06-22 12:48:03 | 000,002,302 | ---- | M] () -- C:\WINDOWS\TSCTNDBG.INI
[2010-06-22 12:48:02 | 000,019,729 | ---- | M] () -- C:\WINDOWS\Tsctvfm.ini
[2010-06-22 12:47:50 | 000,000,201 | ---- | M] () -- C:\WINDOWS\IFOLDER.INI
[2010-06-22 12:47:47 | 000,215,755 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-06-22 12:47:45 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-06-22 12:47:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-06-22 12:47:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-06-22 08:37:41 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-21 20:08:47 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010-06-21 20:08:47 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010-06-20 16:08:29 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-06-19 23:05:11 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010-06-19 23:05:09 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010-06-19 23:05:09 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010-06-19 20:09:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-06-10 19:41:46 | 000,000,082 | ---- | M] () -- C:\WINDOWS\SuperUtil.ini
[2010-06-09 10:38:14 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010-06-08 16:37:39 | 000,004,931 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010-06-03 20:07:34 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI
[2010-06-02 21:45:58 | 003,179,590 | -H-- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-06-02 19:18:04 | 000,027,720 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDBehave.sys
[2010-06-02 18:29:35 | 000,068,976 | ---- | M] (G Data Software) -- C:\WINDOWS\System32\drivers\GRD.sys
[2010-06-02 18:25:22 | 000,053,320 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\MiniIcpt.sys
[2010-06-02 18:24:55 | 000,022,528 | ---- | M] (G DATA Software AG) -- C:\WINDOWS\System32\drivers\GDNdisIc.sys
[2010-06-02 18:24:54 | 000,051,784 | ---- | M] (G DATA Software AG) -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys
[2010-06-02 17:46:58 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-06-02 16:55:30 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010-06-02 16:38:03 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Revo Uninstaller.lnk
[2010-05-25 13:24:19 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\new.doc
[2010-05-19 19:51:44 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-05-19 16:28:03 | 000,001,035 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-05-16 20:04:20 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk
[2010-05-06 20:09:32 | 000,010,686 | ---- | M] () -- C:\WINDOWS\TSCTVDIV.INI
[2010-05-06 20:09:32 | 000,000,804 | ---- | M] () -- C:\WINDOWS\TSCTVDIV.BIN
[2010-05-06 20:09:32 | 000,000,475 | ---- | M] () -- C:\WINDOWS\TSCFM.INI
[2010-05-06 20:09:32 | 000,000,036 | ---- | M] () -- C:\WINDOWS\GRAPPLER.INI
[2010-05-05 21:03:16 | 000,065,536 | ---- | M] () -- C:\CAPTURE.AVI
[2010-05-05 20:57:02 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-04-24 20:15:11 | 000,921,624 | ---- | M] () -- C:\snp2sxp-001.raw

[color="#e56717"]========== Files Created - No Company Name ==========[/color]

[2010-06-21 20:08:47 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010-06-21 20:08:47 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010-06-10 17:19:05 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010-06-10 17:19:05 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010-06-08 16:37:39 | 000,004,931 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010-06-03 18:26:38 | 000,002,302 | ---- | C] () -- C:\WINDOWS\TSCTNDBG.INI
[2010-06-02 18:25:29 | 000,002,596 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Config.nt.bak
[2010-06-02 18:25:29 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Autoexec.nt.bak
[2010-06-02 18:25:29 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\hosts.bak
[2010-05-25 13:24:19 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\new.doc
[2010-05-19 19:51:03 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-05-16 20:04:20 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk
[2010-05-06 20:09:32 | 000,000,036 | ---- | C] () -- C:\WINDOWS\GRAPPLER.INI
[2010-05-05 20:58:41 | 000,065,536 | ---- | C] () -- C:\CAPTURE.AVI
[2010-05-01 10:05:48 | 000,008,802 | ---- | C] () -- C:\WINDOWS\AmvTransform.ini
[2010-05-01 10:05:48 | 000,007,763 | ---- | C] () -- C:\WINDOWS\AmvPlayer.ini
[2010-05-01 10:05:48 | 000,007,207 | ---- | C] () -- C:\WINDOWS\Disktool.INI
[2010-05-01 10:05:48 | 000,006,565 | ---- | C] () -- C:\WINDOWS\fwupgrade.ini
[2010-05-01 10:05:48 | 000,003,677 | ---- | C] () -- C:\WINDOWS\SoundCon.INI
[2010-01-09 23:14:55 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2010-01-01 23:17:50 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\fsgscom.dll
[2009-12-23 21:23:01 | 000,000,598 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009-10-30 20:59:57 | 000,000,082 | ---- | C] () -- C:\WINDOWS\SuperUtil.ini
[2009-10-30 20:57:25 | 000,269,824 | ---- | C] () -- C:\WINDOWS\System32\supermenuhook.dll
[2009-10-30 20:57:24 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\Shreder.dll
[2009-10-30 20:57:24 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\SuperRes.dll
[2009-10-30 20:57:24 | 000,000,052 | ---- | C] () -- C:\WINDOWS\System32\vb6sock.dll
[2009-10-20 02:23:46 | 000,178,960 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-10-18 13:09:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2009-10-06 19:37:38 | 000,010,686 | ---- | C] () -- C:\WINDOWS\TSCTVDIV.INI
[2009-10-06 19:35:08 | 000,018,455 | ---- | C] () -- C:\WINDOWS\TSCTVMSG.INI
[2009-10-06 19:30:02 | 000,000,475 | ---- | C] () -- C:\WINDOWS\TSCFM.INI
[2009-10-06 18:54:26 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-10-06 18:48:32 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\DTVdrv.dll
[2009-10-06 18:48:32 | 000,012,188 | ---- | C] () -- C:\WINDOWS\System32\DTVdrvNT.sys
[2009-10-06 18:48:31 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\TSCTVWDM.DLL
[2009-10-06 18:48:31 | 000,019,729 | ---- | C] () -- C:\WINDOWS\Tsctvfm.ini
[2009-10-06 18:48:31 | 000,000,201 | ---- | C] () -- C:\WINDOWS\IFOLDER.INI
[2009-10-06 18:48:00 | 000,001,007 | ---- | C] () -- C:\WINDOWS\TSCTV.INI
[2009-10-06 18:16:06 | 012,039,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys
[2009-10-06 18:16:06 | 000,025,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys
[2009-10-06 18:16:06 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini
[2009-10-06 17:55:49 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-10-01 16:49:17 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-10-01 16:49:17 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-02-09 07:18:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009-02-09 07:18:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009-02-09 07:18:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009-02-09 07:18:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2004-09-16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004-09-16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS

[color="#e56717"]========== LOP Check ==========[/color]

[2009-12-21 15:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Archibald's Adventures
[2009-10-20 13:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu
[2010-06-08 16:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0
[2010-06-11 17:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ipla
[2009-12-03 20:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Tank Combat
[2010-06-22 12:48:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
[2010-05-09 18:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2009-12-29 14:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters
[2010-06-10 17:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\G DATA
[2009-10-23 18:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InterAction studios
[2010-05-08 20:45:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-01-24 22:17:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe
[2009-12-21 22:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NFS Underground
[2009-12-02 12:30:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\phenomedia
[2009-10-01 16:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Temp
[2010-06-09 10:38:14 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

[color="#e56717"]========== Purity Check ==========[/color]



[color="#e56717"]========== Custom Scans ==========[/color]


[color="#a23bec"]< %systemdrive%\*.* >[/color]
[2009-10-01 22:25:07 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-22 00:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-05-05 21:03:16 | 000,065,536 | ---- | M] () -- C:\CAPTURE.AVI
[2009-10-01 22:29:26 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-12-31 16:55:07 | 000,000,062 | ---- | M] () -- C:\error.txt
[2010-06-22 12:59:36 | 000,036,922 | ---- | M] () -- C:\Extras.Txt
[2010-06-08 16:49:59 | 000,032,631 | ---- | M] () -- C:\hpfr3320.log
[2009-10-01 22:29:26 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-06-22 13:00:56 | 000,025,596 | ---- | M] () -- C:\log.txt
[2010-06-18 19:24:41 | 000,000,458 | ---- | M] () -- C:\memory.txt
[2009-10-01 22:29:26 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 22:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-14 00:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-06-22 12:59:24 | 000,075,416 | ---- | M] () -- C:\OTL.Txt
[2010-06-22 12:47:41 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2010-06-22 13:00:31 | 000,000,200 | ---- | M] () -- C:\service.log
[2010-04-24 20:15:11 | 000,921,624 | ---- | M] () -- C:\snp2sxp-001.raw
[2010-06-22 08:48:35 | 000,001,524 | ---- | M] () -- C:\SystemLook.txt


[color="#a23bec"]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color="#a23bec"]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

[color="#a23bec"]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color="#a23bec"]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color="#a23bec"]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color="#a23bec"]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 12:20:38 | 000,182,656 | ---- | M] () MD5=1DF7F42665C94B825322FAE71721130D -- C:\RECYCLER\S-1-5-21-1844237615-1965331169-1801674531-500\Dc6\NDIS.sys\48025D032c980\NDIS.sys
[2008-04-13 12:20:38 | 000,182,656 | ---- | M] () MD5=1DF7F42665C94B825322FAE71721130D -- C:\RECYCLER\S-1-5-21-1844237615-1965331169-1801674531-500\Dc7\NDIS.sys\48025D032c980\NDIS.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color="#a23bec"]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
< End of report >
[/log]



Log from RSIT
[log]Logfile of random's system information tool 1.07 (written by random/random)
Run by Administrator at 2010-06-22 13:00:24
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 11 GB (20%) free of 54 GB
Total RAM: 3326 MB (86% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:00:30, on 2010-06-22
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINDOWS\vsnp2std.exe
C:\WINDOWS\PowerS.exe
C:\windows\tsnp2std.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\OTL.exe
C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.pl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60341
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.0"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [PowerS] C:\WINDOWS\PowerS.exe
O4 - HKLM\..\Run: [tsnp2std] c:\windows\tsnp2std.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Remote Controller.lnk = C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE
O4 - Global Startup: TVSCHL.lnk = C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=www.google.pl
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Unknown owner - C:\Program Files\Spyware Terminator\sp_rsser.exe (file missing)

--
End of file - 8624 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-03 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-10-01 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-01-13 18084864]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-02-09 13680640]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-02-09 86016]
"UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2009-03-10 570664]
"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2009-03-16 210216]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [2002-07-10 188416]
"snp2std"=C:\WINDOWS\vsnp2std.exe [2006-09-15 675840]
"PowerS"=C:\WINDOWS\PowerS.exe [2001-08-03 159800]
"tsnp2std"=c:\windows\tsnp2std.exe [2007-01-05 258048]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-10-01 39408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
C:\Program Files\Ares\Ares.exe [2008-12-13 882176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-01-27 2387968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\GRY\gta VI\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
D:\torent\uTorrent.exe [2010-05-15 322352]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Remote Controller.lnk - C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE
TVSCHL.lnk - C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2009-10-20 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"D:\torent\uTorrent.exe"="D:\torent\uTorrent.exe:*:Enabled:µTorrent"
"D:\GRY\NFS\Speed.exe"="D:\GRY\NFS\Speed.exe:*:Disabled:Speed"
"D:\GRY\colin DIRT2\dirt2_game.exe"="D:\GRY\colin DIRT2\dirt2_game.exe:*:Disabled:DiRT2"
"D:\GRY\cs\hl.exe"="D:\GRY\cs\hl.exe:*:Disabled:Half-Life Launcher"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Disabled:Crawler Spyware Terminator"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Disabled:eMule"
"C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-06-22 12:59:36 ----A---- C:\Extras.Txt
2010-06-22 12:59:24 ----A---- C:\OTL.Txt
2010-06-22 08:53:50 ----D---- C:\_OTL
2010-06-22 08:48:35 ----A---- C:\SystemLook.txt
2010-06-21 21:17:20 ----D---- C:\rsit
2010-06-21 21:17:20 ----D---- C:\Program Files\trend micro
2010-06-10 17:18:27 ----D---- C:\Program Files\Kaspersky Lab
2010-06-10 17:18:27 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
2010-06-03 18:26:38 ----A---- C:\WINDOWS\TSCTNDBG.INI
2010-06-02 18:24:33 ----D---- C:\Program Files\Common Files\G DATA
2010-06-02 18:24:33 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\G DATA

======List of files/folders modified in the last 1 months======

2010-06-22 12:49:47 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-22 12:48:18 ----D---- C:\WINDOWS\Temp
2010-06-22 12:48:14 ----A---- C:\WINDOWS\TSCTV.INI
2010-06-22 12:48:09 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
2010-06-22 12:48:02 ----D---- C:\WINDOWS
2010-06-22 12:48:02 ----A---- C:\WINDOWS\Tsctvfm.ini
2010-06-22 12:47:50 ----A---- C:\WINDOWS\IFOLDER.INI
2010-06-22 09:17:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-22 08:56:40 ----D---- C:\WINDOWS\Prefetch
2010-06-22 08:54:10 ----D---- C:\WINDOWS\system32
2010-06-21 21:17:20 ----RD---- C:\Program Files
2010-06-20 16:50:53 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Skype
2010-06-20 16:07:23 ----D---- C:\WINDOWS\Minidump
2010-06-20 15:43:03 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\skypePM
2010-06-19 23:05:11 ----D---- C:\WINDOWS\system32\drivers
2010-06-19 23:02:36 ----D---- C:\WINDOWS\system32\CatRoot
2010-06-19 23:01:41 ----SHD---- C:\WINDOWS\Installer
2010-06-19 23:01:15 ----HD---- C:\WINDOWS\inf
2010-06-18 19:24:41 ----A---- C:\memory.txt
2010-06-11 17:11:38 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\ipla
2010-06-10 19:41:46 ----A---- C:\WINDOWS\SuperUtil.ini
2010-06-10 18:55:44 ----D---- C:\WINDOWS\system32\embedded
2010-06-10 17:20:50 ----D---- C:\WINDOWS\system32\LogFiles
2010-06-10 17:14:13 ----D---- C:\WINDOWS\WinSxS
2010-06-10 17:08:25 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
2010-06-10 17:08:24 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-06-09 10:38:13 ----SD---- C:\WINDOWS\Tasks
2010-06-08 21:35:50 ----SHD---- C:\System Volume Information
2010-06-08 16:37:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0
2010-06-03 20:07:34 ----A---- C:\WINDOWS\AviSplitter.INI
2010-06-02 18:52:58 ----SD---- C:\WINDOWS\system32\Microsoft
2010-06-02 18:24:33 ----D---- C:\Program Files\Common Files
2010-06-02 18:16:23 ----D---- C:\Program Files\Alwil Software
2010-06-02 17:50:58 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
2010-06-02 16:42:42 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2010-05-30 19:25:23 ----HD---- C:\Program Files\InstallShield Installation Information
2010-05-28 15:27:47 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\dvdcss

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys []
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2010-06-19 315408]
R1 SuperMounter;SuperMounter; C:\WINDOWS\system32\drivers\SuperMounter.sys [2008-02-24 11264]
R2 BT848;BtCap, WDM Video Capture; C:\WINDOWS\system32\drivers\BT848.SYS [2001-02-03 290440]
R2 BTTUNER;BtTuner, WDM TV Tuner; C:\WINDOWS\system32\drivers\BTTUNER.SYS [2001-02-03 22288]
R2 BTXBAR;BtXBar, WDM Crossbar; C:\WINDOWS\system32\drivers\BTXBAR.SYS [2001-02-03 12632]
R3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
R3 GearAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [2008-02-22 16168]
R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-01-20 5027840]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-02-09 6307328]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2007-04-09 12039552]
R3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbstor;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
S1 SRTSP;SRTSP; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSP.SYS []
S1 SRTSPX;SRTSPX; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSPX.SYS []
S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS []
S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-01-27 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-02-09 163908]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-25 133104]
S2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 []
S2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-01 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
[/log]

Tomek01
comment (edited)

Nothing in particular stands out in the log apart from a few odd files, but Google does not report them as threats.

As for the bluescreen, it looks like there is a problem with Kaspersky. In my opinion the cause may be that G Data is present in the system at the same time. They may simply be conflicting with each other.
That is my personal view, but I would like someone else to weigh in on this as well.

raazor90
comment

That's right, Tomek, it is a driver related to Kaspersky; if the author has two antivirus programs, they conflict with each other, hence the BSOD.

adis15
comment

But I removed G Data and I only have Kaspersky.
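The question the replies above turn on, whether more than one security product still has drivers or services registered, can be checked directly against the RSIT driver and service lists. The following is an added example, not part of the thread or of RSIT; the vendor keyword table and the reading of an empty `[]` as "file metadata unavailable" are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample: lines copied from the RSIT driver and service lists above.
SAMPLE = r"""
R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys []
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2010-06-19 315408]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-02-09 6307328]
S1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
S1 SRTSP;SRTSP; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSP.SYS []
S2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 []
"""

# RSIT line shape: "<R|S><start type> name;display name; image path [date size]"
LINE = re.compile(r"^([RS])([0-4]) ([^;]+);([^;]*); (.*) \[(.*)\]$")

# Assumed keyword hints per vendor (illustrative, not an exhaustive list).
VENDORS = {
    "Kaspersky": ("kaspersky", "\\drivers\\kl"),
    "Norton": ("norton", "\\nis\\", "naveng", "navex"),
    "Spyware Terminator": ("spyware terminator",),
}

def parse(text):
    """Turn RSIT driver/service lines into dicts; other lines are skipped."""
    entries = []
    for m in filter(None, (LINE.match(l.strip()) for l in text.splitlines())):
        state, start, name, display, path, meta = m.groups()
        entries.append({"running": state == "R", "start": int(start), "name": name,
                        "display": display, "path": path, "meta": meta})
    return entries

def vendor_of(entry):
    """Return the security vendor an entry belongs to, or None."""
    text = " ".join((entry["name"], entry["display"], entry["path"])).lower()
    return next((v for v, hints in VENDORS.items() if any(h in text for h in hints)), None)

def security_inventory(text):
    """Group security-product drivers and services by vendor."""
    inventory = defaultdict(list)
    for entry in parse(text):
        if (vendor := vendor_of(entry)):
            inventory[vendor].append(entry)
    return dict(inventory)

def leftovers(text):
    """Stopped security entries with empty [] metadata (assumed: file unreadable or gone)."""
    return sorted(e["name"] for es in security_inventory(text).values()
                  for e in es if not e["running"] and not e["meta"])
```

Entries returned by `leftovers` are still registered in the service database even though the product is not running, which is the kind of remnant a vendor's removal tool is meant to clean up.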
