x-kom hosting

Błąd explorer.exe podczas otwierania dysku C

adis15
utworzono
utworzono

Tak jak w temacie gdy otwieram dysk C wyskakuje mi błąd explorer.exe

Log z OTL[log]OTL logfile created on: 2010-07-31 12:19:06 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 85,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52,61 Gb Total Space | 2,45 Gb Free Space | 4,66% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 238,54 Gb Free Space | 81,42% Space Free | Partition Type: NTFS
Drive E: | 292,97 Gb Total Space | 279,61 Gb Free Space | 95,44% Space Free | Partition Type: NTFS
Drive F: | 292,96 Gb Total Space | 292,47 Gb Free Space | 99,83% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: P4
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-07-30 19:11:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-06-28 14:09:24 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-10-20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
PRC - [2009-10-20 19:34:38 | 000,207,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
PRC - [2009-03-02 14:06:16 | 000,068,136 | ---- | M] () -- C:\Program Files\Gigabyte\EasySaver\essvr.exe
PRC - [2009-02-09 07:18:00 | 000,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2009-01-27 22:37:24 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2009-01-13 08:37:06 | 018,084,864 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-05-14 04:54:36 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2007-03-14 21:01:30 | 000,071,216 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2007-01-05 17:12:58 | 000,258,048 | ---- | M] (SONIX) -- C:\WINDOWS\tsnp2std.exe
PRC - [2006-09-15 13:21:54 | 000,675,840 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2std.exe
PRC - [2002-07-10 19:02:44 | 000,188,416 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
PRC - [2001-08-03 17:56:22 | 000,159,800 | ---- | M] (prolink) -- C:\WINDOWS\PowerS.exe
PRC - [2001-02-23 10:07:30 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-07-30 19:11:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 22:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 22:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe -- (Norton Internet Security)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2009-10-20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
SRV - [2009-03-02 14:06:16 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\NIS\1000000.07D\SRTSPX.SYS -- (SRTSPX)
DRV - File not found [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\NIS\1000000.07D\SRTSP.SYS -- (SRTSP)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS -- (NAVEX15)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS -- (NAVENG)
DRV - File not found [File_System | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010-07-31 12:05:26 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010-06-19 23:05:11 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2009-10-14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
DRV - [2009-10-02 18:39:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-09-14 13:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009-09-01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2009-06-30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009-02-09 07:18:00 | 006,307,328 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009-01-20 12:53:06 | 005,027,840 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-10-30 15:14:20 | 000,117,888 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008-04-14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-02-24 17:17:00 | 000,011,264 | ---- | M] (Superlogix) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\supermounter.sys -- (SuperMounter)
DRV - [2007-04-09 11:38:06 | 012,039,552 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD)
DRV - [2007-03-11 22:39:46 | 000,043,936 | ---- | M] (Alfa Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\AFPAnsi.sys -- (AFPAnsi)
DRV - [2001-02-03 18:41:24 | 000,290,440 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BT848.SYS -- (BT848)
DRV - [2001-02-03 18:11:54 | 000,012,632 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BTXBAR.SYS -- (BTXBAR)
DRV - [2001-02-03 18:11:52 | 000,022,288 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BTTUNER.SYS -- (BTTUNER)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-06-28 14:09:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-06-28 14:09:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010-06-10 17:18:50 | 000,000,000 | ---D | M]

[2009-10-19 20:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions
[2010-07-30 16:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\wtmiwwyn.default\extensions
[2010-06-23 12:58:00 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\wtmiwwyn.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010-07-27 20:46:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-06-02 19:01:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE-_updt_}
[2010-06-02 19:01:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\chrome_updt_
[2010-06-02 19:01:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\components_updt_
[2010-06-10 17:19:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010-04-14 16:47:10 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-04-14 16:47:10 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-04-14 16:47:10 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-04-14 16:47:10 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-04-14 16:47:10 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-04-14 16:47:10 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 17:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O3 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe (HP)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PowerS] C:\WINDOWS\PowerS.exe (prolink)
O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [tsnp2std] c:\WINDOWS\tsnp2std.exe (SONIX)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500..\Run: [uTorrent] D:\torent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Remote Controller.lnk = C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE (TelSignal Co., Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TVSCHL.lnk = C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE (TelSignal Co., Ltd.)
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.92 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-07-24 13:45:35 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-07-24 13:45:35 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-07-24 13:45:35 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-07-24 13:45:35 | 000,000,000 | RHSD | M] - F:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: [b]ares[/b] - hkey= - key= - C:\Program Files\Ares\Ares.exe (Ares Development Group)
MsConfig - StartUpReg: [b]LightScribe Control Panel[/b] - hkey= - key= - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: [b]RGSC[/b] - hkey= - key= - D:\GRY\gta VI\Rockstar Games Social Club\RGSCLauncher.exe File not found
MsConfig - StartUpReg: [b]uTorrent[/b] - hkey= - key= - D:\torent\uTorrent.exe (BitTorrent, Inc.)

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-07-27 17:22:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\UserData
[2010-07-24 13:45:35 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010-07-19 20:01:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\SecuROM
[2010-07-13 10:27:53 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2010-07-13 10:24:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010-07-08 17:36:54 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2010-07-08 17:34:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE
[2010-07-08 17:34:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2010-07-08 17:31:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010-07-08 17:30:14 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010-07-07 18:09:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Abelssoft
[2010-07-07 17:27:13 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2010-07-07 17:26:15 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010-06-28 10:31:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\NFS Underground 2
[2010-06-26 22:12:06 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x86)
[2010-06-25 12:29:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\DoctorWeb
[2010-06-23 18:36:08 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2010-06-23 18:36:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Paint.NET
[2010-06-23 15:24:46 | 000,000,000 | ---D | C] -- C:\Program Files\Ares
[2010-06-22 18:03:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes
[2010-06-22 18:03:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-06-22 18:03:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2010-06-22 18:03:37 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-06-22 18:03:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-06-10 17:18:27 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2010-06-10 17:18:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
[2010-06-10 17:18:13 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010-06-02 18:29:35 | 000,068,976 | ---- | C] (G Data Software) -- C:\WINDOWS\System32\drivers\GRD.sys
[2010-06-02 18:25:22 | 000,053,320 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\MiniIcpt.sys
[2010-06-02 18:24:55 | 000,022,528 | ---- | C] (G DATA Software AG) -- C:\WINDOWS\System32\drivers\GDNdisIc.sys
[2010-06-02 18:24:54 | 000,051,784 | ---- | C] (G DATA Software AG) -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys
[2010-06-02 18:24:52 | 000,027,720 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDBehave.sys
[2010-06-02 16:55:32 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2009-10-06 18:16:06 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2std.dll
[2009-10-06 18:16:05 | 000,077,824 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-07-31 12:06:08 | 000,001,007 | ---- | M] () -- C:\WINDOWS\TSCTV.INI
[2010-07-31 12:05:48 | 000,002,302 | ---- | M] () -- C:\WINDOWS\TSCTNDBG.INI
[2010-07-31 12:05:47 | 000,019,729 | ---- | M] () -- C:\WINDOWS\Tsctvfm.ini
[2010-07-31 12:05:44 | 000,000,200 | ---- | M] () -- C:\WINDOWS\IFOLDER.INI
[2010-07-31 12:05:29 | 000,215,755 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-07-31 12:05:26 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-07-31 12:05:26 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-31 12:05:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-30 20:29:36 | 005,242,880 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010-07-30 20:00:00 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-07-30 16:52:43 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010-07-29 21:24:00 | 000,041,472 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-29 21:06:07 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010-07-29 21:06:07 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010-07-28 19:09:11 | 002,649,124 | -H-- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-07-27 17:52:45 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-07-27 17:48:43 | 000,000,481 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\AVIPreview.lnk
[2010-07-27 17:26:50 | 000,000,010 | -H-- | M] () -- C:\lqlurj.gqe
[2010-07-27 17:26:44 | 000,000,448 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Video Fixer.lnk
[2010-07-23 21:11:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-07-15 10:56:25 | 000,000,412 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\spider.sav
[2010-07-13 10:28:59 | 000,270,582 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\cc_20100713_102819.reg
[2010-07-13 10:24:07 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\CCleaner.lnk
[2010-07-12 22:26:19 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-07-08 13:57:38 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI
[2010-07-07 19:31:45 | 000,001,035 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-07-07 11:51:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010-06-29 19:38:13 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Need for speed 2.lnk
[2010-06-28 19:37:50 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010-06-28 11:25:03 | 000,000,726 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Grand Theft Auto IV.lnk
[2010-06-28 10:48:00 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Rockstar Games Social Club.lnk
[2010-06-24 14:04:06 | 000,006,209 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010-06-23 18:36:26 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Paint.NET.lnk
[2010-06-23 15:24:48 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Ares.lnk
[2010-06-22 18:03:41 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-06-19 23:05:11 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010-06-10 19:41:46 | 000,000,082 | ---- | M] () -- C:\WINDOWS\SuperUtil.ini
[2010-06-02 19:18:04 | 000,027,720 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDBehave.sys
[2010-06-02 18:29:35 | 000,068,976 | ---- | M] (G Data Software) -- C:\WINDOWS\System32\drivers\GRD.sys
[2010-06-02 18:25:22 | 000,053,320 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\MiniIcpt.sys
[2010-06-02 18:24:55 | 000,022,528 | ---- | M] (G DATA Software AG) -- C:\WINDOWS\System32\drivers\GDNdisIc.sys
[2010-06-02 18:24:54 | 000,051,784 | ---- | M] (G DATA Software AG) -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys
[2010-06-02 17:46:58 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-06-02 16:55:30 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010-06-02 16:38:03 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Revo Uninstaller.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-07-27 17:48:43 | 000,000,481 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\AVIPreview.lnk
[2010-07-27 17:26:50 | 000,000,010 | -H-- | C] () -- C:\lqlurj.gqe
[2010-07-27 17:26:44 | 000,000,448 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Video Fixer.lnk
[2010-07-13 10:28:21 | 000,270,582 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\cc_20100713_102819.reg
[2010-07-13 10:24:06 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\CCleaner.lnk
[2010-06-29 19:38:14 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Need for speed 2.lnk
[2010-06-28 19:37:50 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010-06-28 19:37:50 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010-06-28 11:25:03 | 000,000,726 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Grand Theft Auto IV.lnk
[2010-06-28 10:48:00 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Rockstar Games Social Club.lnk
[2010-06-24 14:04:06 | 000,006,209 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010-06-23 18:36:26 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Paint.NET.lnk
[2010-06-23 15:24:48 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Ares.lnk
[2010-06-22 18:03:41 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-06-10 17:19:05 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010-06-10 17:19:05 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010-06-03 18:26:38 | 000,002,302 | ---- | C] () -- C:\WINDOWS\TSCTNDBG.INI
[2010-06-02 18:25:29 | 000,002,596 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Config.nt.bak
[2010-06-02 18:25:29 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Autoexec.nt.bak
[2010-06-02 18:25:29 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\hosts.bak
[2010-05-06 20:09:32 | 000,000,036 | ---- | C] () -- C:\WINDOWS\GRAPPLER.INI
[2010-05-01 10:05:48 | 000,008,802 | ---- | C] () -- C:\WINDOWS\AmvTransform.ini
[2010-05-01 10:05:48 | 000,007,763 | ---- | C] () -- C:\WINDOWS\AmvPlayer.ini
[2010-05-01 10:05:48 | 000,007,207 | ---- | C] () -- C:\WINDOWS\Disktool.INI
[2010-05-01 10:05:48 | 000,006,565 | ---- | C] () -- C:\WINDOWS\fwupgrade.ini
[2010-05-01 10:05:48 | 000,003,677 | ---- | C] () -- C:\WINDOWS\SoundCon.INI
[2010-01-09 23:14:55 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2010-01-01 23:17:50 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\fsgscom.dll
[2009-12-23 21:23:01 | 000,000,598 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009-10-30 20:59:57 | 000,000,082 | ---- | C] () -- C:\WINDOWS\SuperUtil.ini
[2009-10-30 20:57:25 | 000,269,824 | ---- | C] () -- C:\WINDOWS\System32\supermenuhook.dll
[2009-10-30 20:57:24 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\Shreder.dll
[2009-10-30 20:57:24 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\SuperRes.dll
[2009-10-30 20:57:24 | 000,000,052 | ---- | C] () -- C:\WINDOWS\System32\vb6sock.dll
[2009-10-20 02:23:46 | 000,178,960 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-10-18 13:09:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2009-10-06 19:37:38 | 000,010,686 | ---- | C] () -- C:\WINDOWS\TSCTVDIV.INI
[2009-10-06 19:35:08 | 000,018,455 | ---- | C] () -- C:\WINDOWS\TSCTVMSG.INI
[2009-10-06 19:30:02 | 000,000,475 | ---- | C] () -- C:\WINDOWS\TSCFM.INI
[2009-10-06 18:54:26 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-10-06 18:48:32 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\DTVdrv.dll
[2009-10-06 18:48:32 | 000,012,188 | ---- | C] () -- C:\WINDOWS\System32\DTVdrvNT.sys
[2009-10-06 18:48:31 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\TSCTVWDM.DLL
[2009-10-06 18:48:31 | 000,019,729 | ---- | C] () -- C:\WINDOWS\Tsctvfm.ini
[2009-10-06 18:48:31 | 000,000,200 | ---- | C] () -- C:\WINDOWS\IFOLDER.INI
[2009-10-06 18:48:00 | 000,001,007 | ---- | C] () -- C:\WINDOWS\TSCTV.INI
[2009-10-06 18:16:06 | 012,039,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys
[2009-10-06 18:16:06 | 000,025,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys
[2009-10-06 18:16:06 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini
[2009-10-06 17:55:49 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-10-01 16:49:17 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-10-01 16:49:17 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-02-09 07:18:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009-02-09 07:18:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009-02-09 07:18:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009-02-09 07:18:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2004-09-16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004-09-16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS

[color=#E56717]========== LOP Check ==========[/color]

[2009-12-21 15:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Archibald's Adventures
[2009-10-20 13:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu
[2010-06-24 13:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0
[2010-06-26 22:09:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ipla
[2009-12-03 20:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Tank Combat
[2010-07-31 12:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
[2010-05-09 18:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2009-12-29 14:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters
[2009-10-23 18:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InterAction studios
[2010-05-08 20:45:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-01-24 22:17:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe
[2009-12-21 22:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NFS Underground
[2009-12-02 12:30:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\phenomedia
[2009-10-01 16:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Temp
[2010-07-07 11:51:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-10-01 22:25:07 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-22 00:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-05-05 21:03:16 | 000,065,536 | ---- | M] () -- C:\CAPTURE.AVI
[2009-10-01 22:29:26 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-10-01 22:29:26 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-07-27 17:26:50 | 000,000,010 | -H-- | M] () -- C:\lqlurj.gqe
[2010-06-18 19:24:41 | 000,000,458 | ---- | M] () -- C:\memory.txt
[2010-07-08 18:56:28 | 000,007,528 | ---- | M] () -- C:\mksbasel.cpp.log
[2009-10-01 22:29:26 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 22:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-14 00:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-07-31 12:05:21 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2010-07-31 12:05:51 | 000,000,145 | ---- | M] () -- C:\service.log
[2010-04-24 20:15:11 | 000,921,624 | ---- | M] () -- C:\snp2sxp-001.raw


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2009-12-22 20:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
< End of report >
[/log]

Log z RSIT[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2010-08-01 17:23:23
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 2 GB (4%) free of 54 GB
Total RAM: 3326 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:23:45, on 2010-08-01
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINDOWS\vsnp2std.exe
C:\WINDOWS\PowerS.exe
C:\windows\tsnp2std.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.0"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [PowerS] C:\WINDOWS\PowerS.exe
O4 - HKLM\..\Run: [tsnp2std] c:\windows\tsnp2std.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [uTorrent] "D:\torent\uTorrent.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Remote Controller.lnk = C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE
O4 - Global Startup: TVSCHL.lnk = C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=www.google.pl
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Unknown owner - C:\Program Files\Spyware Terminator\sp_rsser.exe (file missing)

--
End of file - 8698 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-01-13 18084864]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-02-09 13680640]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-02-09 86016]
"UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2009-03-10 570664]
"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2009-03-16 210216]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [2002-07-10 188416]
"snp2std"=C:\WINDOWS\vsnp2std.exe [2006-09-15 675840]
"PowerS"=C:\WINDOWS\PowerS.exe [2001-08-03 159800]
"tsnp2std"=c:\windows\tsnp2std.exe [2007-01-05 258048]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ares"=C:\Program Files\Ares\Ares.exe [2010-02-08 1015808]
"uTorrent"=D:\torent\uTorrent.exe [2010-05-15 322352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
C:\Program Files\Ares\Ares.exe [2010-02-08 1015808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-01-27 2387968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\GRY\gta VI\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
D:\torent\uTorrent.exe [2010-05-15 322352]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Remote Controller.lnk - C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE
TVSCHL.lnk - C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2009-10-20 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=0xFFFFFFFF

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\torent\uTorrent.exe"="D:\torent\uTorrent.exe:*:Enabled:µTorrent"
"D:\GRY\NFS\Speed.exe"="D:\GRY\NFS\Speed.exe:*:Disabled:Speed"
"D:\GRY\colin DIRT2\dirt2_game.exe"="D:\GRY\colin DIRT2\dirt2_game.exe:*:Disabled:DiRT2"
"D:\GRY\cs\hl.exe"="D:\GRY\cs\hl.exe:*:Disabled:Half-Life Launcher"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Disabled:Crawler Spyware Terminator"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Disabled:eMule"
"C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"D:\GRY\rockstar games social club\Rockstar Games Social Club\RGSCLauncher.exe"="D:\GRY\rockstar games social club\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"D:\GRY\GTA\Grand Theft Auto IV\LaunchGTAIV.exe"="D:\GRY\GTA\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-08-01 17:23:25 ----D---- C:\Program Files\trend micro
2010-08-01 17:23:23 ----D---- C:\rsit
2010-07-24 13:45:35 ----RASHD---- C:\autorun.inf
2010-07-21 14:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB952011$
2010-07-19 20:01:02 ----RHD---- C:\Documents and Settings\Administrator\Dane aplikacji\SecuROM
2010-07-13 10:24:05 ----D---- C:\Program Files\CCleaner
2010-07-08 17:36:54 ----D---- C:\Program Files\SkanerOnline
2010-07-08 17:31:14 ----D---- C:\WINDOWS\WBEM
2010-07-08 17:30:14 ----HDC---- C:\WINDOWS\ie8
2010-07-07 17:27:13 ----A---- C:\WINDOWS\system32\drivers\pavboot.sys
2010-07-07 17:26:15 ----D---- C:\Program Files\Panda Security

======List of files/folders modified in the last 1 months======

2010-08-01 17:23:25 ----RD---- C:\Program Files
2010-08-01 17:02:32 ----D---- C:\Program Files\Mozilla Firefox
2010-08-01 16:51:53 ----D---- C:\WINDOWS\Temp
2010-08-01 14:01:45 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-01 13:44:36 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
2010-08-01 13:44:35 ----A---- C:\WINDOWS\TSCTV.INI
2010-08-01 13:42:48 ----D---- C:\WINDOWS
2010-08-01 13:42:48 ----A---- C:\WINDOWS\Tsctvfm.ini
2010-08-01 13:42:48 ----A---- C:\WINDOWS\TSCTNDBG.INI
2010-08-01 13:42:46 ----A---- C:\WINDOWS\IFOLDER.INI
2010-08-01 13:42:43 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
2010-07-31 15:00:43 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-29 21:06:07 ----D---- C:\WINDOWS\system32\drivers
2010-07-29 18:38:53 ----D---- C:\WINDOWS\Prefetch
2010-07-29 14:28:55 ----D---- C:\WINDOWS\Minidump
2010-07-27 17:52:45 ----A---- C:\WINDOWS\NeroDigital.ini
2010-07-27 17:26:43 ----D---- C:\WINDOWS\system32
2010-07-21 20:04:37 ----D---- C:\WINDOWS\system32\CatRoot
2010-07-21 14:10:53 ----HD---- C:\WINDOWS\inf
2010-07-21 14:10:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-13 10:27:53 ----D---- C:\WINDOWS\Debug
2010-07-13 08:38:33 ----D---- C:\Program Files\Debugging Tools for Windows (x86)
2010-07-12 22:36:49 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Skype
2010-07-12 16:50:41 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\skypePM
2010-07-08 18:42:56 ----D---- C:\Program Files\Google
2010-07-08 17:36:54 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-07-08 17:33:57 ----D---- C:\WINDOWS\system32\pl-pl
2010-07-08 17:33:57 ----D---- C:\WINDOWS\Help
2010-07-08 17:33:57 ----D---- C:\Program Files\Internet Explorer
2010-07-08 17:31:20 ----D---- C:\WINDOWS\system32\config
2010-07-08 17:31:07 ----D---- C:\WINDOWS\Media
2010-07-08 13:57:38 ----A---- C:\WINDOWS\AviSplitter.INI
2010-07-07 19:31:45 ----A---- C:\WINDOWS\win.ini
2010-07-07 18:33:01 ----SHD---- C:\WINDOWS\Installer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AFPAnsi;Alfa File Protector Ansi; C:\WINDOWS\System32\Drivers\AFPAnsi.sys [2007-03-11 43936]
R0 klbg;Kaspersky Lab Boot Guard Driver; C:\WINDOWS\system32\drivers\klbg.sys [2009-10-14 36880]
R0 pavboot;pavboot; C:\WINDOWS\system32\drivers\pavboot.sys [2009-06-30 28552]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys []
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2010-06-19 315408]
R1 SuperMounter;SuperMounter; C:\WINDOWS\system32\drivers\SuperMounter.sys [2008-02-24 11264]
R2 BT848;BtCap, WDM Video Capture; C:\WINDOWS\system32\drivers\BT848.SYS [2001-02-03 290440]
R2 BTTUNER;BtTuner, WDM TV Tuner; C:\WINDOWS\system32\drivers\BTTUNER.SYS [2001-02-03 22288]
R2 BTXBAR;BtXBar, WDM Crossbar; C:\WINDOWS\system32\drivers\BTXBAR.SYS [2001-02-03 12632]
R3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
R3 GearAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [2008-02-22 16168]
R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-01-20 5027840]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-02-09 6307328]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2007-04-09 12039552]
R3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
S1 SRTSP;SRTSP; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSP.SYS []
S1 SRTSPX;SRTSPX; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSPX.SYS []
S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS []
S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-01-27 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-02-09 163908]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-25 133104]
S2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 []
S2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-01 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
[/log]

[log]info.txt logfile of random's system information tool 1.08 2010-08-01 17:23:47

======Uninstall list======

-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->MsiExec /X{5DB65884-C963-4454-AABA-4CA3089281FA}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"D:\torent\uTorrent.exe" /UNINSTALL
AC3Filter 1.63b-->"C:\Program Files\AC3Filter\unins000.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.3.2 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A93000000001}
Airfix Dogfighter-->D:\GRY\Airfix\UNWISE.EXE D:\GRY\Airfix\INSTALL.LOG
Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ares 2.1.5-->"C:\Program Files\Ares\uninstall.exe"
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Big Scale Racing DEMO PL-->D:\GRY\big scale racing\Uninstal.exe
Browser Configuration Utility-->"C:\Program Files\InstallShield Installation Information\{E8AEA11B-E60A-455E-B008-E4E763604612}\setup.exe" -runfromtemp -l0x0009 -removeonly
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Chicken Invaders: Revenge of the Yolk v3.61-->"D:\GRY\ChickenInvadersROTYPolish\unins000.exe"
Colin McRae Rally 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19B72AA9-985A-11D4-9C8A-00D0B75D1498}\setup.exe"
Counter-Strike 1.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}\Setup.exe" -l0x19
Debugging Tools for Windows (x86)-->MsiExec.exe /I{300A2961-B2B5-4889-9CB9-5C2A570D08AD}
DiRT2-->"C:\Program Files\InstallShield Installation Information\{F0A421DB-030E-40DE-A3E6-EC340B1074BC}\setup.exe" -runfromtemp -l0x0015 -removeonly
EasySaver B9.0316.1 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{07300F01-89CA-4CF8-92BD-2A605EB83C95}\setup.exe" -l0x9 -removeonly
Encyklopedia małego człowieka-->D:\GRY\Nowy folder\_uninst\uninstaller.exe
ffdshow [rev 3089] [2009-09-26]-->"C:\Program Files\ffdshow\unins000.exe"
FIFA 10 - Demo-->MsiExec.exe /X{9CD9CD94-76CC-4524-8617-DEB9C2D7C389}
FormatFactory 2.10-->C:\Program Files\FreeTime\FormatFactory\uninst.exe
Free YouTube Download 2.3-->"C:\Program Files\DVDVideoSoft\Free YouTube Download\unins000.exe"
Gadu-Gadu 7.7-->C:\Program Files\Gadu-Gadu\Setup.exe
Gimnazjum klasa 1 - Fizyka-->C:\WINDOWS\IsUn0415.exe -fd:\nauka\FIZYKA\Uninst.isu -cd:\nauka\FIZYKA\UninstallProject.dll
Gimnazjum klasa 1 - Gra muzyka!-->C:\WINDOWS\IsUn0415.exe -fd:\Uninst.isu -cd:\UninstallProject.dll
Gimnazjum klasa 1 - Puls życia-->C:\WINDOWS\IsUn0415.exe -fd:\nauka\biologia\Uninst.isu -cd:\nauka\biologia\UninstallProject.dll
GIMP 2.6.4-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Grand Theft Auto IV-->"C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0009 -removeonly
Grand Theft Auto Vice City-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\Setup.exe" -l0x9
GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
Hard Truck 18 Wheels of Steel-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1096C4FA-CC07-4BE1-B73F-77BDFF4916B8}
Hitman 2: Silent Assassin-->D:\GRY\HITMAN~1\uninstall.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
hp deskjet 3320 series (Tylko usuń)-->C:\Program Files\hp deskjet 3320 series\hpfiui.exe -c -vdivid=HPF -vpnum=95 -vinstport=USB001 -vproduct=3320 -huninstall
Hugo - Gorączka Czarnych Diamentów-->D:\GRY\HUGO-G~1\UNWISE.EXE D:\GRY\HUGO-G~1\INSTALL.LOG
HUGO-->C:\WINDOWS\IsUn0415.exe -fd:\gry\hugo\Uninst.isu
Icy Tower v1.4-->"D:\GRY\icytower1.4\unins000.exe"
ipla 2.1.3-->C:\Program Files\ipla\uninst.exe
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Joakim Asplund's Ultra FlexBall 2000-->C:\WINDOWS\IsUninst.exe -f"d:\gry\po\Ultra flexball\Uninst.isu"
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
Kurka Wodna 2-->D:\GRY\KURKAW~3\UNWISE.EXE D:\GRY\KURKAW~3\INSTALL.LOG
Kurka Wodna 3-->D:\GRY\KURKAW~4\UNWISE.EXE D:\GRY\KURKAW~4\INSTALL.LOG
Kurka Wodna Wielkanocne Jaja-->D:\GRY\KURKAW~2\UNWISE.EXE D:\GRY\KURKAW~2\INSTALL.LOG
Kurka Wodna-->D:\GRY\KURKAW~1\UNWISE.EXE D:\GRY\KURKAW~1\INSTALL.LOG
LG Burning Tools-->MsiExec.exe /X{567C9882-843D-4188-A181-00E2CC3E1045}
LG CyberLink LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
LG CyberLink PowerDVD 7.0-->"C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
LG Power Tools-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
LG Power Tools-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
LightScribe System Software-->MsiExec.exe /X{4A9849CA-E11C-4F24-8BB1-97C717A1C898}
MadOnion.com/3DMark2001-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6130E589-D759-43AC-8265-28EB0A711446}\Setup.exe" uninstall -uninst
Mafia-->"D:\GRY\Mafia\unins000.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MC-SE Smart Eye-->C:\Program Files\InstallShield Installation Information\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}\setup.exe -runfromtemp -l0x0009 -removeonly -u
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{6F05332E-6063-4FB9-9233-0577B01E124A}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{4CB52D2C-1857-4D6C-99C8-4D3F8FC6E124}
Microsoft Office XP Professional-->MsiExec.exe /I{90110415-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Moorhuhn Soccer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3C6D1F24-C121-407D-A49D-46C0971C9751}\Setup.exe" -l0x9
Mozilla Firefox (3.6.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP3 Player Utilities 3.57-->MsiExec.exe /I{7784A172-61F1-445E-8368-601607E0DD22}
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
Need For Speed Underground-->D:\GRY\NFS\EAUninstall.exe
Need for Speed™ SHIFT-->MsiExec.exe /X{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{5DB65884-C963-4454-AABA-4CA3089281FA}
OpenAL-->"C:\Program Files\OpenAL\OpenALwEAX.exe" /U
Paint.NET v3.5.5-->MsiExec.exe /X{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
PhotoScape-->"C:\Program Files\PhotoScape\uninstall.exe"
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
PixelView Station-->C:\WINDOWS\uninst.exe -f"C:\Program Files\PIXEL\DeIsL1.isu" -c"C:\Program Files\PIXEL\_ISREG32.DLL"
PlayTV Pro-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Prolink\PlayTV Pro\DeIsL1.isu" -c"C:\Program Files\Prolink\PlayTV Pro\_ISREG32.DLL"
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
Rapture3D 2.3.22 Game-->"C:\Program Files\BRS\unins000.exe"
Real Alternative 2.0.0-->"C:\Program Files\Real Alternative\unins000.exe"
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\LSetup.Exe -runfromtemp -l0x0015 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x15 -removeonly
Revo Uninstaller 1.88-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonly
Santa Claus in Trouble-->D:\GRY\SANTAC~1\UNINST~1\UNWISE.EXE D:\GRY\SANTAC~1\UNINST~1\INSTALL.LOG
Scooby-Doo(TM), Piramidalna zagadka(TM)-->d:\gry\scooby-doo\uninstall.exe
SEGA Rally-->C:\Program Files\InstallShield Installation Information\{383D3D87-A730-4334-ABD9-4DBC652FDD67}\setup.exe -runfromtemp -l0x0015 -removeonly
Skaner on-line mks_vir-->C:\WINDOWS\system32\SkanerOnlineUninstall.exe
Skoki Narciarskie 2002-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5E4EF02B-4C5F-4B35-AB77-41284456165A}\setup.exe"
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Super Utilities Pro - Ekspert Edition 9.39-->"C:\Program Files\SuperLogix\Super Utilities\unins000.exe"
Tlumacz Komputerowy - Niemiecki-->MsiExec.exe /I{52EBEDD0-71AA-4A4F-B379-04C35DBC52A9}
Tłumacz Komputerowy - Angielski 2-->MsiExec.exe /I{806B582D-E9FD-40CD-8315-1C64C17B7564}
ToonCar-->D:\GRY\ToonCar\UNWISE.EXE D:\GRY\ToonCar\INSTALL.LOG
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
upapp-->MsiExec.exe /I{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}
Video Fixer 3.23-->D:\videofixer\unins000.exe
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray-->"C:\WINDOWS\$NtUninstallKB952011$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}

======System event log======

Computer Name: P4
Event Code: 7035
Message: Do usługi Usługa inteligentnego transferu w tle został pomyślnie wysłany kod sterowania uruchom.

Record Number: 25669
Source Name: Service Control Manager
Time Written: 20100624125536.000000+120
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: P4
Event Code: 7035
Message: Do usługi Zgodność szybkiego przełączania użytkowników został pomyślnie wysłany kod sterowania uruchom.

Record Number: 25668
Source Name: Service Control Manager
Time Written: 20100624125536.000000+120
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: P4
Event Code: 7036
Message: Usługa Zgodność szybkiego przełączania użytkowników weszła w stan uruchomienia.

Record Number: 25667
Source Name: Service Control Manager
Time Written: 20100624125536.000000+120
Event Type: informacje
User:

Computer Name: P4
Event Code: 7036
Message: Usługa Usługi terminalowe weszła w stan uruchomienia.

Record Number: 25666
Source Name: Service Control Manager
Time Written: 20100624125536.000000+120
Event Type: informacje
User:

Computer Name: P4
Event Code: 7026
Message: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:
Lbd
sp_rsdrv2
SRTSP
SRTSPX

Record Number: 25665
Source Name: Service Control Manager
Time Written: 20100624125535.000000+120
Event Type: błąd
User:

=====Application event log=====

Computer Name: P4
Event Code: 2
Message: Pomyślnie wykonano automatyczne pobranie aktualizacji listy głównej plików cab innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

Record Number: 4616
Source Name: crypt32
Time Written: 20100602165748.000000+120
Event Type: informacje
User:

Computer Name: P4
Event Code: 7
Message: Pomyślnie wykonano automatyczne pobranie aktualizacji numeru sekwencji listy głównej innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

Record Number: 4615
Source Name: crypt32
Time Written: 20100602165747.000000+120
Event Type: informacje
User:

Computer Name: P4
Event Code: 102
Message: wuaueng.dll (3988) SUS20ClientDataStore: Aparat bazy danych uruchomił nowe wystąpienie (0).

Record Number: 4614
Source Name: ESENT
Time Written: 20100602165736.000000+120
Event Type: informacje
User:

Computer Name: P4
Event Code: 100
Message: wuauclt (3988) Aparat bazy danych 5.01.2600.5512 został uruchomiony.

Record Number: 4613
Source Name: ESENT
Time Written: 20100602165736.000000+120
Event Type: informacje
User:

Computer Name: P4
Event Code: 0
Message:
Record Number: 4612
Source Name: gupdate
Time Written: 20100602165723.000000+120
Event Type: informacje
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=4
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"RGSCLauncher"=D:\GRY\rockstar games social club\Rockstar Games Social Club
"RGSC"=D:\GRY\rockstar games social club\Rockstar Games Social Club\1_0_0_0

-----------------EOF-----------------
[/log]

konrinator
komentarz
komentarz

miałem kiedyś cos podobnego. przeskanuj go programem Combofix i powinno być ok :)


[color="#FF0000"]4. Nie używaj programu ComboFix bez wyraźnego zalecenia.!! Tyczy się to również zalecania używania combofix!Jeszcze 1 taki wybryk i będzie warn
//Sohei [/color]

Sohei
komentarz
komentarz

Jest tutaj widać infekcje lecz na początek
Wykonaj pełny skan [url=http://dobreprogramy.pl/index.php?dz=2&id=1998][b]DR WEB CureIt[/b][/url]
Wykonaj pełny skan[url=http://www.dobreprogramy.pl/Malwarebytes-AntiMalware,Program,Windows,13117.html][b]MBAM[/b][/url]
Co znajda usun po czym daj logi z usuwania + nowy log OTL

adis15
komentarz
komentarz (edytowane)

MBAM nie mógł się zaktualizować a bez aktualizacji nic nie znalazł
DR.WEB znalazł jakiegoś trojana w C:System Volume Information ale zapomniałem zapisać logu.

OTL.txt[log]OTL logfile created on: 2010-08-06 14:27:06 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 75,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52,61 Gb Total Space | 1,31 Gb Free Space | 2,50% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 233,01 Gb Free Space | 79,53% Space Free | Partition Type: NTFS
Drive E: | 292,97 Gb Total Space | 279,61 Gb Free Space | 95,44% Space Free | Partition Type: NTFS
Drive F: | 292,96 Gb Total Space | 292,47 Gb Free Space | 99,83% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: P4
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-07-30 19:11:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-06-28 14:09:24 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-10-20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
PRC - [2009-10-20 19:34:38 | 000,207,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
PRC - [2009-03-02 14:06:16 | 000,068,136 | ---- | M] () -- C:\Program Files\Gigabyte\EasySaver\essvr.exe
PRC - [2009-02-09 07:18:00 | 000,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2009-01-27 22:37:24 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2009-01-13 08:37:06 | 018,084,864 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-05-14 04:54:36 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2007-03-14 21:01:30 | 000,071,216 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2007-01-05 17:12:58 | 000,258,048 | ---- | M] (SONIX) -- C:\WINDOWS\tsnp2std.exe
PRC - [2006-09-15 13:21:54 | 000,675,840 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2std.exe
PRC - [2002-07-10 19:02:44 | 000,188,416 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
PRC - [2002-04-08 11:37:14 | 000,118,784 | ---- | M] (TelSignal Co., Ltd.) -- C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE
PRC - [2001-08-03 17:56:22 | 000,159,800 | ---- | M] (prolink) -- C:\WINDOWS\PowerS.exe
PRC - [2001-02-23 10:07:30 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-07-30 19:11:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 22:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 22:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe -- (Norton Internet Security)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2009-10-20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
SRV - [2009-03-02 14:06:16 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\NIS\1000000.07D\SRTSPX.SYS -- (SRTSPX)
DRV - File not found [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\NIS\1000000.07D\SRTSP.SYS -- (SRTSP)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS -- (NAVEX15)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS -- (NAVENG)
DRV - File not found [File_System | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [File_System | Unknown | Running] -- -- (DwProt)
DRV - [2010-08-06 10:17:32 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010-06-19 23:05:11 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2009-10-14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
DRV - [2009-10-02 18:39:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-09-14 13:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009-09-01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2009-06-30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009-02-09 07:18:00 | 006,307,328 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009-01-20 12:53:06 | 005,027,840 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-10-30 15:14:20 | 000,117,888 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008-04-14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-02-24 17:17:00 | 000,011,264 | ---- | M] (Superlogix) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\supermounter.sys -- (SuperMounter)
DRV - [2007-04-09 11:38:06 | 012,039,552 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD)
DRV - [2007-03-11 22:39:46 | 000,043,936 | ---- | M] (Alfa Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\AFPAnsi.sys -- (AFPAnsi)
DRV - [2001-02-03 18:41:24 | 000,290,440 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BT848.SYS -- (BT848)
DRV - [2001-02-03 18:11:54 | 000,012,632 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BTXBAR.SYS -- (BTXBAR)
DRV - [2001-02-03 18:11:52 | 000,022,288 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BTTUNER.SYS -- (BTTUNER)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-06-28 14:09:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-06-28 14:09:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010-06-10 17:18:50 | 000,000,000 | ---D | M]

[2009-10-19 20:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions
[2010-08-06 13:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\wtmiwwyn.default\extensions
[2010-06-23 12:58:00 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\wtmiwwyn.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010-08-06 13:58:09 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-06-02 19:01:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE-_updt_}
[2010-06-02 19:01:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\chrome_updt_
[2010-06-02 19:01:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\components_updt_
[2010-06-10 17:19:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010-04-14 16:47:10 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-04-14 16:47:10 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-04-14 16:47:10 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-04-14 16:47:10 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-04-14 16:47:10 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-04-14 16:47:10 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 17:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O3 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe (HP)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PowerS] C:\WINDOWS\PowerS.exe (prolink)
O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [tsnp2std] c:\WINDOWS\tsnp2std.exe (SONIX)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500..\Run: [uTorrent] D:\torent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Remote Controller.lnk = C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE (TelSignal Co., Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TVSCHL.lnk = C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE (TelSignal Co., Ltd.)
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.92 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-07-24 13:45:35 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-07-24 13:45:35 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-07-24 13:45:35 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-07-24 13:45:35 | 000,000,000 | RHSD | M] - F:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-08-04 12:37:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\FIFA 09
[2010-08-02 19:24:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-08-02 19:24:38 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-08-02 19:24:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-08-01 17:23:25 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-08-01 17:23:23 | 000,000,000 | ---D | C] -- C:\rsit
[2010-07-27 17:22:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\UserData
[2010-07-24 13:45:35 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010-07-19 20:01:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\SecuROM
[2010-07-13 10:27:53 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2010-07-13 10:24:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010-07-08 17:36:54 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2010-07-08 17:34:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE
[2010-07-08 17:34:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2010-07-08 17:31:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010-07-08 17:30:14 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010-07-07 18:09:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Abelssoft
[2010-07-07 17:27:13 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2010-07-07 17:26:15 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010-06-28 10:31:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\NFS Underground 2
[2010-06-26 22:12:06 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x86)
[2010-06-25 12:29:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\DoctorWeb
[2010-06-23 18:36:08 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2010-06-23 18:36:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Paint.NET
[2010-06-23 15:24:46 | 000,000,000 | ---D | C] -- C:\Program Files\Ares
[2010-06-22 18:03:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes
[2010-06-22 18:03:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2010-06-10 17:18:27 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2010-06-10 17:18:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
[2010-06-10 17:18:13 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2009-10-06 18:16:06 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2std.dll
[2009-10-06 18:16:05 | 000,077,824 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-08-06 14:00:01 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-08-06 13:27:24 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-08-06 13:27:16 | 000,001,012 | ---- | M] () -- C:\WINDOWS\TSCTV.INI
[2010-08-06 10:17:52 | 000,019,729 | ---- | M] () -- C:\WINDOWS\Tsctvfm.ini
[2010-08-06 10:17:52 | 000,002,302 | ---- | M] () -- C:\WINDOWS\TSCTNDBG.INI
[2010-08-06 10:17:37 | 000,000,200 | ---- | M] () -- C:\WINDOWS\IFOLDER.INI
[2010-08-06 10:17:35 | 000,215,755 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-08-06 10:17:33 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-08-06 10:17:32 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-08-06 10:17:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-08-05 23:18:45 | 005,505,024 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010-08-05 23:18:27 | 002,649,000 | -H-- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-08-05 20:48:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-08-04 12:57:58 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-08-04 12:36:42 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\FIFA 09.lnk
[2010-08-04 11:51:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010-08-02 19:24:42 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-08-02 15:15:53 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-08-02 14:15:42 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010-08-01 13:54:29 | 000,043,520 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-29 21:06:07 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010-07-29 21:06:07 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010-07-27 17:48:43 | 000,000,481 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\AVIPreview.lnk
[2010-07-27 17:26:50 | 000,000,010 | -H-- | M] () -- C:\lqlurj.gqe
[2010-07-27 17:26:44 | 000,000,448 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Video Fixer.lnk
[2010-07-15 10:56:25 | 000,000,412 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\spider.sav
[2010-07-13 10:28:59 | 000,270,582 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\cc_20100713_102819.reg
[2010-07-13 10:24:07 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\CCleaner.lnk
[2010-07-08 13:57:38 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI
[2010-07-07 19:31:45 | 000,001,035 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-06-29 19:38:13 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Need for speed 2.lnk
[2010-06-28 19:37:50 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010-06-28 11:25:03 | 000,000,726 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Grand Theft Auto IV.lnk
[2010-06-28 10:48:00 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Rockstar Games Social Club.lnk
[2010-06-24 14:04:06 | 000,006,209 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010-06-23 18:36:26 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Paint.NET.lnk
[2010-06-23 15:24:48 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Ares.lnk
[2010-06-19 23:05:11 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010-06-10 19:41:46 | 000,000,082 | ---- | M] () -- C:\WINDOWS\SuperUtil.ini

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-08-04 12:36:41 | 000,000,523 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\FIFA 09.lnk
[2010-08-02 19:24:42 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-08-02 15:15:53 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-07-27 17:48:43 | 000,000,481 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\AVIPreview.lnk
[2010-07-27 17:26:50 | 000,000,010 | -H-- | C] () -- C:\lqlurj.gqe
[2010-07-27 17:26:44 | 000,000,448 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Video Fixer.lnk
[2010-07-13 10:28:21 | 000,270,582 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\cc_20100713_102819.reg
[2010-07-13 10:24:06 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\CCleaner.lnk
[2010-06-29 19:38:14 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Need for speed 2.lnk
[2010-06-28 19:37:50 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010-06-28 19:37:50 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010-06-28 11:25:03 | 000,000,726 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Grand Theft Auto IV.lnk
[2010-06-28 10:48:00 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Rockstar Games Social Club.lnk
[2010-06-24 14:04:06 | 000,006,209 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010-06-23 18:36:26 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Paint.NET.lnk
[2010-06-23 15:24:48 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Ares.lnk
[2010-06-10 17:19:05 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010-06-10 17:19:05 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010-06-03 18:26:38 | 000,002,302 | ---- | C] () -- C:\WINDOWS\TSCTNDBG.INI
[2010-05-06 20:09:32 | 000,000,036 | ---- | C] () -- C:\WINDOWS\GRAPPLER.INI
[2010-05-01 10:05:48 | 000,008,802 | ---- | C] () -- C:\WINDOWS\AmvTransform.ini
[2010-05-01 10:05:48 | 000,007,763 | ---- | C] () -- C:\WINDOWS\AmvPlayer.ini
[2010-05-01 10:05:48 | 000,007,207 | ---- | C] () -- C:\WINDOWS\Disktool.INI
[2010-05-01 10:05:48 | 000,006,565 | ---- | C] () -- C:\WINDOWS\fwupgrade.ini
[2010-05-01 10:05:48 | 000,003,677 | ---- | C] () -- C:\WINDOWS\SoundCon.INI
[2010-01-09 23:14:55 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2010-01-01 23:17:50 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\fsgscom.dll
[2009-12-23 21:23:01 | 000,000,598 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009-10-30 20:59:57 | 000,000,082 | ---- | C] () -- C:\WINDOWS\SuperUtil.ini
[2009-10-30 20:57:25 | 000,269,824 | ---- | C] () -- C:\WINDOWS\System32\supermenuhook.dll
[2009-10-30 20:57:24 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\Shreder.dll
[2009-10-30 20:57:24 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\SuperRes.dll
[2009-10-30 20:57:24 | 000,000,052 | ---- | C] () -- C:\WINDOWS\System32\vb6sock.dll
[2009-10-20 02:23:46 | 000,178,960 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-10-18 13:09:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2009-10-06 19:37:38 | 000,010,686 | ---- | C] () -- C:\WINDOWS\TSCTVDIV.INI
[2009-10-06 19:35:08 | 000,018,455 | ---- | C] () -- C:\WINDOWS\TSCTVMSG.INI
[2009-10-06 19:30:02 | 000,000,475 | ---- | C] () -- C:\WINDOWS\TSCFM.INI
[2009-10-06 18:54:26 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-10-06 18:48:32 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\DTVdrv.dll
[2009-10-06 18:48:32 | 000,012,188 | ---- | C] () -- C:\WINDOWS\System32\DTVdrvNT.sys
[2009-10-06 18:48:31 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\TSCTVWDM.DLL
[2009-10-06 18:48:31 | 000,019,729 | ---- | C] () -- C:\WINDOWS\Tsctvfm.ini
[2009-10-06 18:48:31 | 000,000,200 | ---- | C] () -- C:\WINDOWS\IFOLDER.INI
[2009-10-06 18:48:00 | 000,001,012 | ---- | C] () -- C:\WINDOWS\TSCTV.INI
[2009-10-06 18:16:06 | 012,039,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys
[2009-10-06 18:16:06 | 000,025,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys
[2009-10-06 18:16:06 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini
[2009-10-06 17:55:49 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-10-01 16:49:17 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-10-01 16:49:17 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-02-09 07:18:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009-02-09 07:18:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009-02-09 07:18:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009-02-09 07:18:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2004-09-16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004-09-16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS

[color=#E56717]========== LOP Check ==========[/color]

[2009-12-21 15:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Archibald's Adventures
[2009-10-20 13:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu
[2010-06-24 13:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0
[2010-06-26 22:09:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ipla
[2009-12-03 20:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Tank Combat
[2010-08-06 13:27:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
[2010-05-09 18:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2009-12-29 14:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters
[2009-10-23 18:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InterAction studios
[2010-05-08 20:45:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-01-24 22:17:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe
[2009-12-21 22:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NFS Underground
[2009-12-02 12:30:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\phenomedia
[2009-10-01 16:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Temp
[2010-08-04 11:51:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

[color=#E56717]========== Purity Check ==========[/color]


< End of report >[/log]

Extras[log]OTL Extras logfile created on: 2010-08-06 14:27:06 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 75,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52,61 Gb Total Space | 1,31 Gb Free Space | 2,50% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 233,01 Gb Free Space | 79,53% Space Free | Partition Type: NTFS
Drive E: | 292,97 Gb Total Space | 279,61 Gb Free Space | 95,44% Space Free | Partition Type: NTFS
Drive F: | 292,96 Gb Total Space | 292,47 Gb Free Space | 99,83% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: P4
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 60 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\torent\uTorrent.exe" = D:\torent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\GRY\NFS\Speed.exe" = D:\GRY\NFS\Speed.exe:*:Disabled:Speed -- ()
"D:\GRY\colin DIRT2\dirt2_game.exe" = D:\GRY\colin DIRT2\dirt2_game.exe:*:Disabled:DiRT2 -- (Codemasters)
"D:\GRY\cs\hl.exe" = D:\GRY\cs\hl.exe:*:Disabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" = C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Disabled:Crawler Spyware Terminator -- File not found
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Disabled:eMule -- File not found
"C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe" = C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter -- (Nero AG)
"C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group)
"D:\GRY\rockstar games social club\Rockstar Games Social Club\RGSCLauncher.exe" = D:\GRY\rockstar games social club\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club -- (Take-Two Interactive Software, Inc.)
"D:\GRY\GTA\Grand Theft Auto IV\LaunchGTAIV.exe" = D:\GRY\GTA\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Sony DADC Austria AG)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.0316.1
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{1096C4FA-CC07-4BE1-B73F-77BDFF4916B8}" = Hard Truck 18 Wheels of Steel
"{19B72AA9-985A-11D4-9C8A-00D0B75D1498}" = Colin McRae Rally 2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{300A2961-B2B5-4889-9CB9-5C2A570D08AD}" = Debugging Tools for Windows (x86)
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{383D3D87-A730-4334-ABD9-4DBC652FDD67}" = SEGA Rally
"{3C6D1F24-C121-407D-A49D-46C0971C9751}" = Moorhuhn Soccer
"{4A9849CA-E11C-4F24-8BB1-97C717A1C898}" = LightScribe System Software
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{4CB52D2C-1857-4D6C-99C8-4D3F8FC6E124}" = Microsoft Games for Windows - LIVE
"{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}" = upapp
"{52EBEDD0-71AA-4A4F-B379-04C35DBC52A9}" = Tlumacz Komputerowy - Niemiecki
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{567C9882-843D-4188-A181-00E2CC3E1045}" = LG Burning Tools
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{5E4EF02B-4C5F-4B35-AB77-41284456165A}" = Skoki Narciarskie 2002
"{6130E589-D759-43AC-8265-28EB0A711446}" = MadOnion.com/3DMark2001
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = LG CyberLink PowerDVD 7.0
"{6F05332E-6063-4FB9-9233-0577B01E124A}" = Microsoft Games for Windows - LIVE Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = MC-SE Smart Eye
"{7784A172-61F1-445E-8368-601607E0DD22}" = MP3 Player Utilities 3.57
"{806B582D-E9FD-40CD-8315-1C64C17B7564}" = Tłumacz Komputerowy - Angielski 2
"{90110415-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9CD9CD94-76CC-4524-8617-DEB9C2D7C389}" = FIFA 10 - Demo
"{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A99968BE-C155-474C-0089-33239DEE1CE2}" = Need For Speed Underground
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.2 - Polish
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{F0A421DB-030E-40DE-A3E6-EC340B1074BC}" = DiRT2
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"1f500344b6310dc5e95edbafb4dc854e553425745" = Encyklopedia małego człowieka
"AC3Filter_is1" = AC3Filter 1.63b
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Airfix Dogfighter" = Airfix Dogfighter
"Ares" = Ares 2.1.5
"Audacity_is1" = Audacity 1.2.6
"Big Scale Racing DEMO PL" = Big Scale Racing DEMO PL
"CCleaner" = CCleaner
"Chicken Invaders: Revenge of the Yolk_is1" = Chicken Invaders: Revenge of the Yolk v3.61
"ffdshow_is1" = ffdshow [rev 3089] [2009-09-26]
"FormatFactory" = FormatFactory 2.10
"Free YouTube Download_is1" = Free YouTube Download 2.3
"Gadu-Gadu" = Gadu-Gadu 7.7
"Gimnazjum klasa 1 - Fizyka" = Gimnazjum klasa 1 - Fizyka
"Gimnazjum klasa 1 - Gra muzyka!" = Gimnazjum klasa 1 - Gra muzyka!
"Gimnazjum klasa 1 - Puls życia" = Gimnazjum klasa 1 - Puls życia
"Hitman 2: Silent Assassin" = Hitman 2: Silent Assassin
"hp deskjet 3320 series" = hp deskjet 3320 series (Tylko usuń)
"HUGO" = HUGO
"Hugo - Gorączka Czarnych Diamentów" = Hugo - Gorączka Czarnych Diamentów
"Icy Tower v1.4_is1" = Icy Tower v1.4
"ie8" = Windows Internet Explorer 8
"InstallShield_{1096C4FA-CC07-4BE1-B73F-77BDFF4916B8}" = Hard Truck 18 Wheels of Steel
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"ipla" = ipla 2.1.3
"IrfanView" = IrfanView (remove only)
"Kurka Wodna" = Kurka Wodna
"Kurka Wodna 2" = Kurka Wodna 2
"Kurka Wodna 3" = Kurka Wodna 3
"Kurka Wodna Wielkanocne Jaja" = Kurka Wodna Wielkanocne Jaja
"Mafia_is1" = Mafia
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"PixelView Station" = PixelView Station
"PlayTV Pro" = PlayTV Pro
"QuickTime" = QuickTime
"RealAlt_is1" = Real Alternative 2.0.0
"Revo Uninstaller" = Revo Uninstaller 1.88
"Santa Claus in Trouble" = Santa Claus in Trouble
"Scooby-Doo(TM), Piramidalna zagadka(TM)" = Scooby-Doo(TM), Piramidalna zagadka(TM)
"SkanerOnline" = Skaner on-line mks_vir
"Super Utilities - Ekspert Edition_is1" = Super Utilities Pro - Ekspert Edition 9.39
"ToonCar" = ToonCar
"uflex2000" = Joakim Asplund's Ultra FlexBall 2000
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"Video Fixer 3.23_is1" = Video Fixer 3.23
"VLC media player" = VLC media player 0.9.6
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinGimp-2.0_is1" = GIMP 2.6.4
"WinRAR archiver" = Archiwizator WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1844237615-1965331169-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GP Vs Superbike" = GP Vs Superbike

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-08-01 09:00:07 | Computer Name = P4 | Source = Google Update | ID = 20
Description =

Error - 2010-08-01 10:00:06 | Computer Name = P4 | Source = Google Update | ID = 20
Description =

Error - 2010-08-01 15:12:07 | Computer Name = P4 | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-08-01 15:12:07 | Computer Name = P4 | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-08-03 15:00:05 | Computer Name = P4 | Source = Google Update | ID = 20
Description =

Error - 2010-08-04 06:00:06 | Computer Name = P4 | Source = Google Update | ID = 20
Description =

Error - 2010-08-04 07:00:05 | Computer Name = P4 | Source = Google Update | ID = 20
Description =

Error - 2010-08-06 05:00:09 | Computer Name = P4 | Source = Google Update | ID = 20
Description =

Error - 2010-08-06 06:00:06 | Computer Name = P4 | Source = Google Update | ID = 20
Description =

Error - 2010-08-06 07:00:07 | Computer Name = P4 | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 2010-08-04 05:31:02 | Computer Name = P4 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Spyware Terminator Realtime Shield Service
z powodu następującego błędu: %%3

Error - 2010-08-04 05:31:03 | Computer Name = P4 | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: Lbd sp_rsdrv2 SRTSP SRTSPX

Error - 2010-08-05 14:48:42 | Computer Name = P4 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Norton Internet Security z powodu następującego
błędu: %%3

Error - 2010-08-05 14:48:42 | Computer Name = P4 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Spyware Terminator Realtime Shield Service
z powodu następującego błędu: %%3

Error - 2010-08-05 14:48:55 | Computer Name = P4 | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: Lbd sp_rsdrv2 SRTSP SRTSPX

Error - 2010-08-05 14:49:03 | Computer Name = P4 | Source = System Error | ID = 1003
Description = Kod błędu 100000d1, parametr 1 00000738, parametr 2 00000002, parametr
3 00000000, parametr 4 ba20a57a.

Error - 2010-08-06 04:17:33 | Computer Name = P4 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Norton Internet Security z powodu następującego
błędu: %%3

Error - 2010-08-06 04:17:33 | Computer Name = P4 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Spyware Terminator Realtime Shield Service
z powodu następującego błędu: %%3

Error - 2010-08-06 04:17:39 | Computer Name = P4 | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: Lbd sp_rsdrv2 SRTSP SRTSPX

Error - 2010-08-06 04:22:22 | Computer Name = P4 | Source = Ntfs | ID = 262199
Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku.
Uruchom
narzędzie chkdsk na woluminie D:.


< End of report >[/log]

Sohei
komentarz
komentarz

plik ten C:\lqlurj.gqe usuń ręcznie z dysku. Jeśli nie da rady to poprzez MBAM który ma w sobie FileASSASIN.
C:\WINDOWS\System32\rsnp2std.dll
C:\WINDOWS\System32\csnp2std.dll
C:\WINDOWS\System32\drivers\klick.dat
C:\WINDOWS\System32\drivers\klin.dat
C:\WINDOWS\System32\fsgscom.dll
C:\WINDOWS\fwupgrade.ini
w/w pliki przeskanuj na virustotal i daj link do wyniku.

adis15
komentarz
komentarz

C:\WINDOWS\fwupgrade.ini http://www.virustotal.com/pl/analisis/49c136cb68dc4e14411baf8eb4c24e4982016e3622fc2004d595d2955755dbcf-1281293976

C:\WINDOWS\System32\drivers\klick.dat http://www.virustotal.com/pl/reanalisis.html?dc822748a4fcf535bc7646ee9af9530eeda6544a994352123843c75c5fdb93c6-1281294144

C:\WINDOWS\System32\drivers\klin.dat http://www.virustotal.com/pl/reanalisis.html?62c4911e4c8cd4390251d16f2d4919151f3a169cce205143bbf580fe77944a33-1281294219

C:\WINDOWS\System32\rsnp2std.dll http://www.virustotal.com/pl/reanalisis.html?97eb47d6cbbc547c833c77fb18095f1556f7690cda5ebb3625e2fa45b2975b2c-1281294332

C:\WINDOWS\System32\csnp2std.dll http://www.virustotal.com/pl/reanalisis.html?9e3f8b95a7cfdefbd60910141abecfdc42d9e23b1294938a254cc831bd1e323b-1281294406

C:\WINDOWS\System32\fsgscom.dll http://www.virustotal.com/pl/analisis/1d578624dc5dc472e1feddbbd3e32a62d1c8cdac012c1937d29dba78792477bc-1252781777

Sohei
komentarz
komentarz

nie widzę innej infekcji w twoim systemie.
ściągnij narzędzie flash desinfector i je użyj. Zobaczymy czy błąd zniknie

adis15
komentarz
komentarz (edytowane)

Po usunięciu pliku C:\lqlurj.gqe błąd już się nie pokazuje a co z tym plikiem C:\WINDOWS\System32\fsgscom.dll jeden antywirus uznał go za wirusa?

[2010-06-02 18:29:35 | 000,068,976 | ---- | C] (G Data Software) -- C:\WINDOWS\System32\drivers\GRD.sys
[2010-06-02 18:25:22 | 000,053,320 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\MiniIcpt.sys
[2010-06-02 18:24:55 | 000,022,528 | ---- | C] (G DATA Software AG) -- C:\WINDOWS\System32\drivers\GDNdisIc.sys
[2010-06-02 18:24:54 | 000,051,784 | ---- | C] (G DATA Software AG) -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys
[2010-06-02 18:24:52 | 000,027,720 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDBehave.sys
Te pliki są z g daty którą odinstalowałem ale te pliki zostały czy mogę je usunąć

Sohei
komentarz
komentarz

tak mozesz.1/42 to nie wirus

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.