adis15 utworzono 21 czerwca 2010 utworzono 21 czerwca 2010 Miałem g-data is 2010 nie wykrywała żadnego wirusa chociaż gdy włączałem Mój komputer wyskakiwał mi błąd explorer.exe a potem błąd drwtsn32.exe a na dysku regularnie pojawiał mi się plik o nazwie aww7boot.txt i nie moglem wejść na niektóre strony m.in na www.kaspersky.pl . Teraz zainstalowałem kasperskiego i podczas skanowania zrestartuje mi się komputer (podczas restartu pojawiają się jakieś napisy na niebieskim tle).Raz nawet wyłączyła mi się nawet cała ochrona systemu. Musiałem od nowa instalować kasperskiego.Od czasu do czasu nie mogę pobrać aktualizacji.Nie wiem co mam robić?? [color="#ff0000"] //przenoszę do subforum Logi do sprawdzenia //raaz[/color]
Tomek01 komentarz 21 czerwca 2010 komentarz 21 czerwca 2010 To jest wirus. Załącz logi [url="http://images.malwareremoval.com/random/RSIT.exe"][b][color="#0000FF"]R[/color]andom's [color="#0000FF"]S[/color]ystem [color="#0000FF"]I[/color]nformation [color="#0000FF"]T[/color]ool[/b][/url] i [url="http://www.instalki.pl/programy/download_c/13/3138.html"][color="#0000FF"][b]OTL[/b][/color][/url].
pYz komentarz 21 czerwca 2010 komentarz 21 czerwca 2010 Mialem taki sam problem ze podczas scana wyskakiwaly mi bluescreeny. Okazalo sie ze mialem ogromna ilosc przeroznych robakow,spywarow ,wirusow i innych "nieprzyjaciol". Pomogl mi format calego dysku (probowalem jednej partycji ale to prawie nic nie dalo)
Tomek01 komentarz 21 czerwca 2010 komentarz 21 czerwca 2010 (edytowane) Wykonaj również http://www.forumpc.pl/index.php?showtopic=16074 pYz: w przypadku zagrożeń które wymieniłeś format nie jest koniecznością. Wystarczy trafić w odpowiednie ręce
Tomek01 komentarz 21 czerwca 2010 komentarz 21 czerwca 2010 W OTL, w oknie Custom scan/fixes wklej: [code]:Processes Explorer.exe :OTL IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60341 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341 IE - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.) FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2009-12-23 20:18:38 | 000,024,683 | ---- | M] (Ask.com) -- C:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll [2009-09-21 13:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. :Files C:\WINDOWS\system32\dvmurl.dll :Commands [emptytemp] [start explorer] [Reboot][/code] Klikasz run fix, komputer uruchamia się ponownie. Do [url=http://images.malwareremoval.com/jpshortstuff/SystemLook.exe][b]System Look[/b][/url] wklej: [code]:filefind drwtsn32.exe drwtsn32* :regfind drwtsn32.exe drwtsn32*[/code] Wciśnij look, pokaż co wyskoczy. Wrzuć log OTL z usuwania oraz nowe logi OTL i RSIT oraz to co pokaże System look.
adis15 komentarz 22 czerwca 2010 Autor komentarz 22 czerwca 2010 logi z usuwania OTL [url="http://wklej.org/hash/65f074a5604/"]http://wklej.org/hash/65f074a5604/[/url] A to logi system look [url="http://wklej.org/id/354589/"]http://wklej.org/id/354589/[/url] Plik minidump Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck 1000000A, {e8, 2, 1, 806e6a16} Unable to load image kl1.sys, Win32 error 0n2 *** WARNING: Unable to verify timestamp for kl1.sys *** ERROR: Module load completed but symbols could not be loaded for kl1.sys Unable to load image klim5.sys, Win32 error 0n2 *** WARNING: Unable to verify timestamp for klim5.sys *** ERROR: Module load completed but symbols could not be loaded for klim5.sys Unable to load image Rtenicxp.sys, Win32 error 0n2 *** WARNING: Unable to verify timestamp for Rtenicxp.sys *** ERROR: Module load completed but symbols could not be loaded for Rtenicxp.sys [color="#000000"]Probably caused by : kl1.sys ( kl1+3b8d5 )[/color] Followup: MachineOwner Logi z OTL [log]OTL logfile created on: 2010-06-22 15:07:02 - Run 3 OTL by OldTimer - Version 3.2.6.1 Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 79,00% Memory free 5,00 Gb Paging File | 5,00 Gb Available in Paging File | 91,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 52,61 Gb Total Space | 10,34 Gb Free Space | 19,66% Space Free | Partition Type: NTFS Drive D: | 292,97 Gb Total Space | 259,67 Gb Free Space | 88,63% Space Free | Partition Type: NTFS Drive E: | 292,97 Gb Total Space | 280,09 Gb Free Space | 95,60% Space Free | Partition Type: NTFS Drive F: | 292,96 Gb Total Space | 292,51 Gb Free Space | 99,85% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: P4 Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color="#e56717"]========== Processes (All) ==========[/color] PRC - [2010-06-21 20:55:34 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-04-14 16:47:07 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-10-20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe PRC - [2009-10-20 19:34:38 | 000,207,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe PRC - [2009-10-01 16:48:12 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2009-03-02 14:06:16 | 000,068,136 | ---- | M] () -- C:\Program Files\Gigabyte\EasySaver\essvr.exe PRC - [2009-02-09 07:18:00 | 000,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2009-01-27 22:37:24 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2009-01-13 08:37:06 | 018,084,864 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HTTPFILTER] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2007-05-14 04:54:36 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe PRC - [2007-03-14 21:01:30 | 000,071,216 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe PRC - [2007-01-05 17:12:58 | 000,258,048 | ---- | M] (SONIX) -- C:\WINDOWS\tsnp2std.exe PRC - [2006-09-15 13:21:54 | 000,675,840 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2std.exe PRC - [2002-07-10 19:02:44 | 000,188,416 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe PRC - [2001-08-03 17:56:22 | 000,159,800 | ---- | M] (prolink) -- C:\WINDOWS\PowerS.exe PRC - [2001-02-23 10:07:30 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [color="#e56717"]========== Modules (All) ==========[/color] MOD - [2010-06-21 20:55:34 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\OTL.exe MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll [color="#e56717"]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (sp_rssrv) SRV - File not found [Auto | Stopped] -- -- (Norton Internet Security) SRV - [2009-10-20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP) SRV - [2009-03-02 14:06:16 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service) [color="#e56717"]========== Driver Services (SafeList) ==========[/color] DRV - [2010-06-22 12:47:45 | 000,017,488 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2010-06-19 23:05:11 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2009-10-14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg) DRV - [2009-10-02 18:39:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009-09-14 13:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2009-09-01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1) DRV - [2009-02-09 07:18:00 | 006,307,328 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2009-01-20 12:53:06 | 005,027,840 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-10-30 15:14:20 | 000,117,888 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2008-04-14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008-02-24 17:17:00 | 000,011,264 | ---- | M] (Superlogix) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\supermounter.sys -- (SuperMounter) DRV - [2007-04-09 11:38:06 | 012,039,552 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD) DRV - [2007-03-11 22:39:46 | 000,043,936 | ---- | M] (Alfa Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\AFPAnsi.sys -- (AFPAnsi) DRV - [2001-02-03 18:41:24 | 000,290,440 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BT848.SYS -- (BT848) DRV - [2001-02-03 18:11:54 | 000,012,632 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BTXBAR.SYS -- (BTXBAR) DRV - [2001-02-03 18:11:52 | 000,022,288 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BTTUNER.SYS -- (BTTUNER) [color="#e56717"]========== Standard Registry (SafeList) ==========[/color] [color="#e56717"]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.pl IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://www.google.com/ie"]http://www.google.com/ie[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [url="http://www.google.com/ie"]http://www.google.com/ie[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.pl IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.pl IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.pl IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.pl IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://www.google.com"]http://www.google.com[/url] IE - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.pl/"]http://www.google.pl/[/url] IE - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [url="http://www.google.com/ie"]http://www.google.com/ie[/url] IE - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color="#e56717"]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "www.google.pl" FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-14 16:47:14 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-06-22 08:53:55 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010-06-10 17:18:50 | 000,000,000 | ---D | M] [2009-10-19 20:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions [2009-10-21 17:20:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\wtmiwwyn.default\extensions [2010-06-21 21:15:39 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-06-02 19:01:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE-_updt_} [2010-06-02 19:01:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\chrome_updt_ [2010-06-02 19:01:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\components_updt_ [2010-06-10 17:19:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2010-04-14 16:47:10 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-04-14 16:47:10 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-04-14 16:47:10 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-04-14 16:47:10 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-04-14 16:47:10 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-04-14 16:47:10 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-10-26 17:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found O3 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe (HP) O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [PowerS] C:\WINDOWS\PowerS.exe (prolink) O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix) O4 - HKLM..\Run: [tsnp2std] c:\WINDOWS\tsnp2std.exe (SONIX) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Remote Controller.lnk = C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE (TelSignal Co., Ltd.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TVSCHL.lnk = C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE (TelSignal Co., Ltd.) O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm () O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab"]http://download.macr...ash/swflash.cab[/url] (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.92 192.168.0.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-10-02 00:16:25 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpReg: [b]ares[/b] - hkey= - key= - C:\Program Files\Ares\Ares.exe (Ares Development Group) MsConfig - StartUpReg: [b]LightScribe Control Panel[/b] - hkey= - key= - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company) MsConfig - StartUpReg: [b]RGSC[/b] - hkey= - key= - D:\GRY\gta VI\Rockstar Games Social Club\RGSCLauncher.exe File not found MsConfig - StartUpReg: [b]uTorrent[/b] - hkey= - key= - D:\torent\uTorrent.exe (BitTorrent, Inc.) SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color="#e56717"]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-06-22 13:21:51 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x86) [2010-06-22 08:53:50 | 000,000,000 | ---D | C] -- C:\_OTL [2010-06-21 21:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010-06-21 21:17:20 | 000,000,000 | ---D | C] -- C:\rsit [2010-06-10 17:18:27 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab [2010-06-10 17:18:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab [2010-06-10 17:18:13 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2010-06-02 18:29:35 | 000,068,976 | ---- | C] (G Data Software) -- C:\WINDOWS\System32\drivers\GRD.sys [2010-06-02 18:25:22 | 000,053,320 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\MiniIcpt.sys [2010-06-02 18:24:55 | 000,022,528 | ---- | C] (G DATA Software AG) -- C:\WINDOWS\System32\drivers\GDNdisIc.sys [2010-06-02 18:24:54 | 000,051,784 | ---- | C] (G DATA Software AG) -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys [2010-06-02 18:24:52 | 000,027,720 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDBehave.sys [2010-06-02 18:24:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\G DATA [2010-06-02 18:24:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\G DATA [2010-06-02 16:55:32 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2010-05-19 19:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2010-05-19 19:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2010-05-09 18:33:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-05-01 10:45:54 | 000,000,000 | ---D | C] -- C:\Program Files\MP3 Player Utilities 3.57 [2009-10-06 18:16:06 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2std.dll [2009-10-06 18:16:05 | 000,077,824 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll [color="#e56717"]========== Files - Modified Within 60 Days ==========[/color] [2010-06-22 15:00:00 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-06-22 13:22:03 | 004,718,592 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010-06-22 12:48:14 | 000,001,007 | ---- | M] () -- C:\WINDOWS\TSCTV.INI [2010-06-22 12:48:03 | 000,002,302 | ---- | M] () -- C:\WINDOWS\TSCTNDBG.INI [2010-06-22 12:48:02 | 000,019,729 | ---- | M] () -- C:\WINDOWS\Tsctvfm.ini [2010-06-22 12:47:50 | 000,000,201 | ---- | M] () -- C:\WINDOWS\IFOLDER.INI [2010-06-22 12:47:47 | 000,215,755 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-06-22 12:47:45 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-06-22 12:47:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-06-22 12:47:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-06-22 08:37:41 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-21 20:08:47 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2010-06-21 20:08:47 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for [2010-06-20 16:08:29 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-06-19 23:05:11 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2010-06-19 23:05:09 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2010-06-19 23:05:09 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat [2010-06-19 20:09:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-06-10 19:41:46 | 000,000,082 | ---- | M] () -- C:\WINDOWS\SuperUtil.ini [2010-06-09 10:38:14 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010-06-08 16:37:39 | 000,004,931 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel [2010-06-03 20:07:34 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI [2010-06-02 21:45:58 | 003,179,590 | -H-- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-06-02 19:18:04 | 000,027,720 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDBehave.sys [2010-06-02 18:29:35 | 000,068,976 | ---- | M] (G Data Software) -- C:\WINDOWS\System32\drivers\GRD.sys [2010-06-02 18:25:22 | 000,053,320 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\MiniIcpt.sys [2010-06-02 18:24:55 | 000,022,528 | ---- | M] (G DATA Software AG) -- C:\WINDOWS\System32\drivers\GDNdisIc.sys [2010-06-02 18:24:54 | 000,051,784 | ---- | M] (G DATA Software AG) -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys [2010-06-02 17:46:58 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-06-02 16:55:30 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2010-06-02 16:38:03 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Revo Uninstaller.lnk [2010-05-25 13:24:19 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\new.doc [2010-05-19 19:51:44 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-05-19 16:28:03 | 000,001,035 | ---- | M] () -- C:\WINDOWS\win.ini [2010-05-16 20:04:20 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk [2010-05-06 20:09:32 | 000,010,686 | ---- | M] () -- C:\WINDOWS\TSCTVDIV.INI [2010-05-06 20:09:32 | 000,000,804 | ---- | M] () -- C:\WINDOWS\TSCTVDIV.BIN [2010-05-06 20:09:32 | 000,000,475 | ---- | M] () -- C:\WINDOWS\TSCFM.INI [2010-05-06 20:09:32 | 000,000,036 | ---- | M] () -- C:\WINDOWS\GRAPPLER.INI [2010-05-05 21:03:16 | 000,065,536 | ---- | M] () -- C:\CAPTURE.AVI [2010-05-05 20:57:02 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-04-24 20:15:11 | 000,921,624 | ---- | M] () -- C:\snp2sxp-001.raw [color="#e56717"]========== Files Created - No Company Name ==========[/color] [2010-06-21 20:08:47 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn [2010-06-21 20:08:47 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for [2010-06-10 17:19:05 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat [2010-06-10 17:19:05 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat [2010-06-08 16:37:39 | 000,004,931 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel [2010-06-03 18:26:38 | 000,002,302 | ---- | C] () -- C:\WINDOWS\TSCTNDBG.INI [2010-06-02 18:25:29 | 000,002,596 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Config.nt.bak [2010-06-02 18:25:29 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Autoexec.nt.bak [2010-06-02 18:25:29 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\hosts.bak [2010-05-25 13:24:19 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\new.doc [2010-05-19 19:51:03 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-05-16 20:04:20 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk [2010-05-06 20:09:32 | 000,000,036 | ---- | C] () -- C:\WINDOWS\GRAPPLER.INI [2010-05-05 20:58:41 | 000,065,536 | ---- | C] () -- C:\CAPTURE.AVI [2010-05-01 10:05:48 | 000,008,802 | ---- | C] () -- C:\WINDOWS\AmvTransform.ini [2010-05-01 10:05:48 | 000,007,763 | ---- | C] () -- C:\WINDOWS\AmvPlayer.ini [2010-05-01 10:05:48 | 000,007,207 | ---- | C] () -- C:\WINDOWS\Disktool.INI [2010-05-01 10:05:48 | 000,006,565 | ---- | C] () -- C:\WINDOWS\fwupgrade.ini [2010-05-01 10:05:48 | 000,003,677 | ---- | C] () -- C:\WINDOWS\SoundCon.INI [2010-01-09 23:14:55 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI [2010-01-01 23:17:50 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\fsgscom.dll [2009-12-23 21:23:01 | 000,000,598 | ---- | C] () -- C:\WINDOWS\wininit.ini [2009-10-30 20:59:57 | 000,000,082 | ---- | C] () -- C:\WINDOWS\SuperUtil.ini [2009-10-30 20:57:25 | 000,269,824 | ---- | C] () -- C:\WINDOWS\System32\supermenuhook.dll [2009-10-30 20:57:24 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\Shreder.dll [2009-10-30 20:57:24 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\SuperRes.dll [2009-10-30 20:57:24 | 000,000,052 | ---- | C] () -- C:\WINDOWS\System32\vb6sock.dll [2009-10-20 02:23:46 | 000,178,960 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2009-10-18 13:09:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI [2009-10-06 19:37:38 | 000,010,686 | ---- | C] () -- C:\WINDOWS\TSCTVDIV.INI [2009-10-06 19:35:08 | 000,018,455 | ---- | C] () -- C:\WINDOWS\TSCTVMSG.INI [2009-10-06 19:30:02 | 000,000,475 | ---- | C] () -- C:\WINDOWS\TSCFM.INI [2009-10-06 18:54:26 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-10-06 18:48:32 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\DTVdrv.dll [2009-10-06 18:48:32 | 000,012,188 | ---- | C] () -- C:\WINDOWS\System32\DTVdrvNT.sys [2009-10-06 18:48:31 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\TSCTVWDM.DLL [2009-10-06 18:48:31 | 000,019,729 | ---- | C] () -- C:\WINDOWS\Tsctvfm.ini [2009-10-06 18:48:31 | 000,000,201 | ---- | C] () -- C:\WINDOWS\IFOLDER.INI [2009-10-06 18:48:00 | 000,001,007 | ---- | C] () -- C:\WINDOWS\TSCTV.INI [2009-10-06 18:16:06 | 012,039,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys [2009-10-06 18:16:06 | 000,025,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys [2009-10-06 18:16:06 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini [2009-10-06 17:55:49 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-10-01 16:49:17 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-10-01 16:49:17 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-02-09 07:18:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2009-02-09 07:18:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2009-02-09 07:18:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2009-02-09 07:18:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2004-09-16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS [2004-09-16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS [color="#e56717"]========== LOP Check ==========[/color] [2009-12-21 15:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Archibald's Adventures [2009-10-20 13:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu [2010-06-08 16:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0 [2010-06-11 17:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ipla [2009-12-03 20:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Tank Combat [2010-06-22 12:48:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent [2010-05-09 18:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2009-12-29 14:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2010-06-10 17:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\G DATA [2009-10-23 18:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InterAction studios [2010-05-08 20:45:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-01-24 22:17:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2009-12-21 22:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NFS Underground [2009-12-02 12:30:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\phenomedia [2009-10-01 16:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Temp [2010-06-09 10:38:14 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [color="#e56717"]========== Purity Check ==========[/color] [color="#e56717"]========== Custom Scans ==========[/color] [color="#a23bec"]< %systemdrive%\*.* >[/color] [2009-10-01 22:25:07 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2001-07-22 00:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-05-05 21:03:16 | 000,065,536 | ---- | M] () -- C:\CAPTURE.AVI [2009-10-01 22:29:26 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2009-12-31 16:55:07 | 000,000,062 | ---- | M] () -- C:\error.txt [2010-06-22 12:59:36 | 000,036,922 | ---- | M] () -- C:\Extras.Txt [2010-06-08 16:49:59 | 000,032,631 | ---- | M] () -- C:\hpfr3320.log [2009-10-01 22:29:26 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-06-22 13:00:56 | 000,025,596 | ---- | M] () -- C:\log.txt [2010-06-18 19:24:41 | 000,000,458 | ---- | M] () -- C:\memory.txt [2009-10-01 22:29:26 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-13 22:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-04-14 00:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr [2010-06-22 12:59:24 | 000,075,416 | ---- | M] () -- C:\OTL.Txt [2010-06-22 12:47:41 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2010-06-22 13:00:31 | 000,000,200 | ---- | M] () -- C:\service.log [2010-04-24 20:15:11 | 000,921,624 | ---- | M] () -- C:\snp2sxp-001.raw [2010-06-22 08:48:35 | 000,001,524 | ---- | M] () -- C:\SystemLook.txt [color="#a23bec"]< MD5 for: AGP440.SYS >[/color] [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [color="#a23bec"]< MD5 for: ATAPI.SYS >[/color] [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [color="#a23bec"]< MD5 for: BEEP.SYS >[/color] [2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color="#a23bec"]< MD5 for: CDROM.SYS >[/color] [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [color="#a23bec"]< MD5 for: EVENTLOG.DLL >[/color] [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color="#a23bec"]< MD5 for: NDIS.SYS >[/color] [2008-04-13 12:20:38 | 000,182,656 | ---- | M] () MD5=1DF7F42665C94B825322FAE71721130D -- C:\RECYCLER\S-1-5-21-1844237615-1965331169-1801674531-500\Dc6\NDIS.sys\48025D032c980\NDIS.sys [2008-04-13 12:20:38 | 000,182,656 | ---- | M] () MD5=1DF7F42665C94B825322FAE71721130D -- C:\RECYCLER\S-1-5-21-1844237615-1965331169-1801674531-500\Dc7\NDIS.sys\48025D032c980\NDIS.sys [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [color="#a23bec"]< MD5 for: WINLOGON.EXE >[/color] [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log] LOG z RSIT [log]Logfile of random's system information tool 1.07 (written by random/random) Run by Administrator at 2010-06-22 13:00:24 Microsoft Windows XP Professional Dodatek Service Pack 3 System drive C: has 11 GB (20%) free of 54 GB Total RAM: 3326 MB (86% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:00:30, on 2010-06-22 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe C:\WINDOWS\vsnp2std.exe C:\WINDOWS\PowerS.exe C:\windows\tsnp2std.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\OTL.exe C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\RSIT.exe C:\Program Files\trend micro\Administrator.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.pl/"]http://www.google.pl/[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.pl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = [url="http://www.crawler.com/search/ie.aspx?tb_id=60341"]http://www.crawler.c...spx?tb_id=60341[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = [url="http://dnl.crawler.com/support/sa_customize.aspx?TbId=60341"]http://dnl.crawler.c...aspx?TbId=60341[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing) O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.0" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [PowerS] C:\WINDOWS\PowerS.exe O4 - HKLM\..\Run: [tsnp2std] c:\windows\tsnp2std.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Remote Controller.lnk = C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE O4 - Global Startup: TVSCHL.lnk = C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=www.google.pl O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Unknown owner - C:\Program Files\Spyware Terminator\sp_rsser.exe (file missing) -- End of file - 8624 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-03 764912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-10-01 458736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}] FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-01-13 18084864] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-02-09 13680640] "nwiz"=nwiz.exe /install [] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-02-09 86016] "UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-12-03 218408] "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216] "LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256] "NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2009-03-10 570664] "UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2009-03-16 210216] "HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [2002-07-10 188416] "snp2std"=C:\WINDOWS\vsnp2std.exe [2006-09-15 675840] "PowerS"=C:\WINDOWS\PowerS.exe [2001-08-03 159800] "tsnp2std"=c:\windows\tsnp2std.exe [2007-01-05 258048] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-10-01 39408] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares] C:\Program Files\Ares\Ares.exe [2008-12-13 882176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-01-27 2387968] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC] D:\GRY\gta VI\Rockstar Games Social Club\RGSCLauncher.exe /silent [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] D:\torent\uTorrent.exe [2010-05-15 322352] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE Remote Controller.lnk - C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE TVSCHL.lnk - C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2009-10-20 219664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows" "D:\torent\uTorrent.exe"="D:\torent\uTorrent.exe:*:Enabled:µTorrent" "D:\GRY\NFS\Speed.exe"="D:\GRY\NFS\Speed.exe:*:Disabled:Speed" "D:\GRY\colin DIRT2\dirt2_game.exe"="D:\GRY\colin DIRT2\dirt2_game.exe:*:Disabled:DiRT2" "D:\GRY\cs\hl.exe"="D:\GRY\cs\hl.exe:*:Disabled:Half-Life Launcher" "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Disabled:Crawler Spyware Terminator" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Disabled:eMule" "C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======List of files/folders created in the last 1 months====== 2010-06-22 12:59:36 ----A---- C:\Extras.Txt 2010-06-22 12:59:24 ----A---- C:\OTL.Txt 2010-06-22 08:53:50 ----D---- C:\_OTL 2010-06-22 08:48:35 ----A---- C:\SystemLook.txt 2010-06-21 21:17:20 ----D---- C:\rsit 2010-06-21 21:17:20 ----D---- C:\Program Files\trend micro 2010-06-10 17:18:27 ----D---- C:\Program Files\Kaspersky Lab 2010-06-10 17:18:27 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab 2010-06-03 18:26:38 ----A---- C:\WINDOWS\TSCTNDBG.INI 2010-06-02 18:24:33 ----D---- C:\Program Files\Common Files\G DATA 2010-06-02 18:24:33 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\G DATA ======List of files/folders modified in the last 1 months====== 2010-06-22 12:49:47 ----D---- C:\WINDOWS\system32\CatRoot2 2010-06-22 12:48:18 ----D---- C:\WINDOWS\Temp 2010-06-22 12:48:14 ----A---- C:\WINDOWS\TSCTV.INI 2010-06-22 12:48:09 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent 2010-06-22 12:48:02 ----D---- C:\WINDOWS 2010-06-22 12:48:02 ----A---- C:\WINDOWS\Tsctvfm.ini 2010-06-22 12:47:50 ----A---- C:\WINDOWS\IFOLDER.INI 2010-06-22 09:17:48 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-06-22 08:56:40 ----D---- C:\WINDOWS\Prefetch 2010-06-22 08:54:10 ----D---- C:\WINDOWS\system32 2010-06-21 21:17:20 ----RD---- C:\Program Files 2010-06-20 16:50:53 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Skype 2010-06-20 16:07:23 ----D---- C:\WINDOWS\Minidump 2010-06-20 15:43:03 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\skypePM 2010-06-19 23:05:11 ----D---- C:\WINDOWS\system32\drivers 2010-06-19 23:02:36 ----D---- C:\WINDOWS\system32\CatRoot 2010-06-19 23:01:41 ----SHD---- C:\WINDOWS\Installer 2010-06-19 23:01:15 ----HD---- C:\WINDOWS\inf 2010-06-18 19:24:41 ----A---- C:\memory.txt 2010-06-11 17:11:38 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\ipla 2010-06-10 19:41:46 ----A---- C:\WINDOWS\SuperUtil.ini 2010-06-10 18:55:44 ----D---- C:\WINDOWS\system32\embedded 2010-06-10 17:20:50 ----D---- C:\WINDOWS\system32\LogFiles 2010-06-10 17:14:13 ----D---- C:\WINDOWS\WinSxS 2010-06-10 17:08:25 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft 2010-06-10 17:08:24 ----DC---- C:\WINDOWS\system32\DRVSTORE 2010-06-09 10:38:13 ----SD---- C:\WINDOWS\Tasks 2010-06-08 21:35:50 ----SHD---- C:\System Volume Information 2010-06-08 16:37:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0 2010-06-03 20:07:34 ----A---- C:\WINDOWS\AviSplitter.INI 2010-06-02 18:52:58 ----SD---- C:\WINDOWS\system32\Microsoft 2010-06-02 18:24:33 ----D---- C:\Program Files\Common Files 2010-06-02 18:16:23 ----D---- C:\Program Files\Alwil Software 2010-06-02 17:50:58 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files 2010-06-02 16:42:42 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy 2010-05-30 19:25:23 ----HD---- C:\Program Files\InstallShield Installation Information 2010-05-28 15:27:47 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\dvdcss ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys [] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2010-06-19 315408] R1 SuperMounter;SuperMounter; C:\WINDOWS\system32\drivers\SuperMounter.sys [2008-02-24 11264] R2 BT848;BtCap, WDM Video Capture; C:\WINDOWS\system32\drivers\BT848.SYS [2001-02-03 290440] R2 BTTUNER;BtTuner, WDM TV Tuner; C:\WINDOWS\system32\drivers\BTTUNER.SYS [2001-02-03 22288] R2 BTXBAR;BtXBar, WDM Crossbar; C:\WINDOWS\system32\drivers\BTXBAR.SYS [2001-02-03 12632] R3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys [] R3 GearAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [2008-02-22 16168] R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-01-20 5027840] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272] R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-10-02 19472] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-02-09 6307328] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888] R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2007-04-09 12039552] R3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032] R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208] R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520] R3 usbstor;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608] S1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [] S1 SRTSP;SRTSP; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSP.SYS [] S1 SRTSPX;SRTSPX; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSPX.SYS [] S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024] S3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] S3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504] S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248] S3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS [] S3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS [] S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856] S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456] R2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-01-27 73728] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-02-09 163908] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-25 133104] S2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 [] S2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-01 182768] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- [/log]
Tomek01 komentarz 22 czerwca 2010 komentarz 22 czerwca 2010 (edytowane) Nic szczególnego w logu nie widać oprócz kilku dziwnych plików, ale google nie mówi o nich jako o zagrożeniach. Jeżeli chodzi o bluescreen, to wygląda na to, że jest problem z Kaspersky'm. A wg mnie może być to powód jednoczesnego istnienia w systemie G Daty. Po prostu mogą się gryźć. Tak osobiście uważam, ale chciałbym aby ktoś też wypowiedział się na ten temat.
raazor90 komentarz 22 czerwca 2010 komentarz 22 czerwca 2010 Zgadza się Tomek, jest to sterownik związany z Kaspersky, jeśli autor ma dwa programy antywirusowe gryzą się one i stąd BSOD
adis15 komentarz 23 czerwca 2010 Autor komentarz 23 czerwca 2010 Ale ja usunąłem g-date i mam tylko Kasperskiego
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.