x-kom hosting

komputer zawiesza się , awaryjny śmiga

misiek249
utworzono
utworzono

sprawa wygląda tak , po włączeniu komputera zacina się , czasami pochodzi z 2h, czasami nawet nie zdążę konta odpalić , zauważyłem że jak zmienię miejscówkę ramu to pochodzi bez zwiechy nawet i cały dzień , ale to sporadycznie , temp. procka w normie 40-50*C po podkręceniu , karty graficznej ok 40*C, i teraz tak , zasilacz jest dobry , spr na innym lepszym zasilaczu obniżałem procka i nic, dysk mi się trochę wali (przestaje łączyć przy kości z napięciemale to już wcześniej było) , karta graficzna sprawna, ramy sprawne (miałem 2 kości 512 i 256 , po przeskanowaniu programem wyrzuciłem 256 bo troche uszkodzone) pozostał procek i płyta główna , wydaje mi się że to wina płyty głównej
poniżej lista rzeczy uruchamianych , lista jest strasznie długa , i się powtarza , wkleiłem tylko część
[spoiler] Dodatek Service Pack 3 8 19 2010 12:20:41.500
Zaˆadowany sterownik. \WINDOWS\system32\ntoskrnl.exe
Zaˆadowany sterownik. \WINDOWS\system32\hal.dll
Zaˆadowany sterownik. \WINDOWS\system32\KDCOM.DLL
Zaˆadowany sterownik. \WINDOWS\system32\BOOTVID.dll
Zaˆadowany sterownik. sptd.sys
Zaˆadowany sterownik. \WINDOWS\System32\Drivers\WMILIB.SYS
Zaˆadowany sterownik. \WINDOWS\System32\Drivers\SCSIPORT.SYS
Zaˆadowany sterownik. ACPI.sys
Zaˆadowany sterownik. pci.sys
Zaˆadowany sterownik. isapnp.sys
Zaˆadowany sterownik. pciide.sys
Zaˆadowany sterownik. \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Zaˆadowany sterownik. MountMgr.sys
Zaˆadowany sterownik. ftdisk.sys
Zaˆadowany sterownik. dmload.sys
Zaˆadowany sterownik. dmio.sys
Zaˆadowany sterownik. PartMgr.sys
Zaˆadowany sterownik. VolSnap.sys
Zaˆadowany sterownik. atapi.sys
Zaˆadowany sterownik. nvatabus.sys
Zaˆadowany sterownik. disk.sys
Zaˆadowany sterownik. \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Zaˆadowany sterownik. fltMgr.sys
Zaˆadowany sterownik. sr.sys
Zaˆadowany sterownik. KSecDD.sys
Zaˆadowany sterownik. Ntfs.sys
Zaˆadowany sterownik. NDIS.sys
Zaˆadowany sterownik. aswNdis2.sys
Zaˆadowany sterownik. aswNdis.sys
Zaˆadowany sterownik. nv_agp.sys
Zaˆadowany sterownik. Mup.sys
Zaˆadowany sterownik. aswNdis2.SYS
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\amdk7.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\usbohci.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\usbehci.sys
Zaˆadowany sterownik. \SystemRoot\system32\drivers\ALCXWDM.SYS
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\RTL8139.SYS
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\nv4_mini.sys
Zaˆadowany sterownik. \SystemRoot\System32\Drivers\av8vzhjk.SYS
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\serial.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\serenum.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\parport.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\i8042prt.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\mouclass.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\kbdclass.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\gameenum.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\audstub.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\rasl2tp.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\ndistapi.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\ndiswan.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\raspppoe.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\raspptp.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\ptilink.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\raspti.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\rdpdr.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\termdd.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\swenum.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\update.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\mssmbios.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\usbhub.sys
Zaˆadowany sterownik. \SystemRoot\System32\Drivers\NDProxy.SYS
Sterownik nie zostaˆ zaˆadowany. \SystemRoot\System32\Drivers\NDProxy.SYS
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\cdrom.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\redbook.sys
Sterownik nie zostaˆ zaˆadowany. \SystemRoot\System32\Drivers\lbrtfdc.SYS
Sterownik nie zostaˆ zaˆadowany. \SystemRoot\System32\Drivers\Sfloppy.SYS
Sterownik nie zostaˆ zaˆadowany. \SystemRoot\System32\Drivers\i2omgmt.SYS
Sterownik nie zostaˆ zaˆadowany. \SystemRoot\System32\Drivers\Changer.SYS
Sterownik nie zostaˆ zaˆadowany. \SystemRoot\System32\Drivers\Cdaudio.SYS
Zaˆadowany sterownik. \SystemRoot\System32\Drivers\Fs_Rec.SYS
Zaˆadowany sterownik. \SystemRoot\System32\Drivers\Null.SYS
Zaˆadowany sterownik. \SystemRoot\System32\Drivers\Beep.SYS
Zaˆadowany sterownik. \SystemRoot\System32\drivers\vga.sys
Zaˆadowany sterownik. \SystemRoot\System32\Drivers\mnmdd.SYS
Zaˆadowany sterownik. \SystemRoot\System32\DRIVERS\RDPCDD.sys
Zaˆadowany sterownik. \SystemRoot\System32\Drivers\Msfs.SYS
Zaˆadowany sterownik. \SystemRoot\System32\Drivers\Npfs.SYS
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\rasacd.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\msgpc.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\ipsec.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\tcpip.sys
Zaˆadowany sterownik. \SystemRoot\System32\Drivers\aswFW.SYS
Zaˆadowany sterownik. \SystemRoot\System32\Drivers\aswTdi.SYS
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\netbt.sys
Zaˆadowany sterownik. \SystemRoot\System32\drivers\afd.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\netbios.sys
Sterownik nie zostaˆ zaˆadowany. \SystemRoot\System32\Drivers\PCIDump.SYS
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\rdbss.sys
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\mrxsmb.sys
Sterownik nie zostaˆ zaˆadowany. \SystemRoot\system32\DRIVERS\imapi.sys
Zaˆadowany sterownik. \SystemRoot\System32\Drivers\Fips.SYS
Zaˆadowany sterownik. \SystemRoot\System32\Drivers\aswSP.SYS
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\ipnat.sys
Zaˆadowany sterownik. \SystemRoot\System32\Drivers\aswSnx.SYS
Zaˆadowany sterownik. \SystemRoot\System32\Drivers\Aavmker4.SYS
Zaˆadowany sterownik. \SystemRoot\system32\DRIVERS\wanarp.sys
Zaˆadowany sterownik. \SystemRoot\System32\Drivers\Cdfs.SYS
Dodatek Service Pack 3 8 19 2010 12:26:39.500
Zaˆadowany sterownik. \WINDOWS\system32\ntoskrnl.exe
Zaˆadowany sterownik. \WINDOWS\system32\hal.dll
Zaˆadowany sterownik. \WINDOWS\system32\KDCOM.DLL
Zaˆadowany sterownik. \WINDOWS\system32\BOOTVID.dll
Zaˆadowany sterownik. sptd.sys
Zaˆadowany sterownik. \WINDOWS\System32\Drivers\WMILIB.SYS
Zaˆadowany sterownik. \WINDOWS\System32\Drivers\SCSIPORT.SYS
Zaˆadowany sterownik. ACPI.sys
Zaˆadowany sterownik. pci.sys
Zaˆadowany sterownik. isapnp.sys
Zaˆadowany sterownik. pciide.sys
Zaˆadowany sterownik. \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Zaˆadowany sterownik. MountMgr.sys
Zaˆadowany sterownik. ftdisk.sys
Zaˆadowany sterownik. dmload.sys
Zaˆadowany sterownik. dmio.sys
Zaˆadowany sterownik. PartMgr.sys
Zaˆadowany sterownik. VolSnap.sys
Zaˆadowany sterownik. atapi.sys
Zaˆadowany sterownik. nvatabus.sys
Zaˆadowany sterownik. disk.sys
Zaˆadowany sterownik. \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Zaˆadowany sterownik. fltMgr.sys
Zaˆadowany sterownik. sr.sys
Zaˆadowany sterownik. KSecDD.sys
Zaˆadowany sterownik. Ntfs.sys
Zaˆadowany sterownik. NDIS.sys
Zaˆadowany sterownik. aswNdis2.sys
Zaˆadowany sterownik. aswNdis.sys
Zaˆadowany sterownik. nv_agp.sys
Zaˆadowany sterownik. Mup.sys
Sterownik nie zostaˆ zaˆadowany. Jednoprocesorowy komputer PC z interfejsem ACPI
Sterownik nie zostaˆ zaˆadowany. Kodery-dekodery audio
Sterownik nie zostaˆ zaˆadowany. Starsze sterowniki audio
Sterownik nie zostaˆ zaˆadowany. Urządzenia sterujące mediami
Sterownik nie zostaˆ zaˆadowany. Starsze urządzenia przechwytywania wideo
Sterownik nie zostaˆ zaˆadowany. Kodery-dekodery wideo
Sterownik nie zostaˆ zaˆadowany. Kodery-dekodery audio
Sterownik nie zostaˆ zaˆadowany. Starsze sterowniki audio
Sterownik nie zostaˆ zaˆadowany. Urządzenia sterujące mediami
Sterownik nie zostaˆ zaˆadowany. Starsze urządzenia przechwytywania wideo
Sterownik nie zostaˆ zaˆadowany. Kodery-dekodery wideo
Sterownik nie zostaˆ zaˆadowany. Kodery-dekodery audio
Sterownik nie zostaˆ zaˆadowany. Starsze sterowniki audio
Sterownik nie zostaˆ zaˆadowany. Urządzenia sterujące mediami
Sterownik nie zostaˆ zaˆadowany. Starsze urządzenia przechwytywania wideo
Sterownik nie zostaˆ zaˆadowany. Kodery-dekodery wideo
Sterownik nie zostaˆ zaˆadowany. Procesor AMD K7
Sterownik nie zostaˆ zaˆadowany. Kodery-dekodery audio
Sterownik nie zostaˆ zaˆadowany. Starsze sterowniki audio
Sterownik nie zostaˆ zaˆadowany. Urządzenia sterujące mediami
Sterownik nie zostaˆ zaˆadowany. Starsze urządzenia przechwytywania wideo
Sterownik nie zostaˆ zaˆadowany. Kodery-dekodery wideo
Sterownik nie zostaˆ zaˆadowany. Procesor AMD K7
Sterownik nie zostaˆ zaˆadowany. Kodery-dekodery audio
Sterownik nie zostaˆ zaˆadowany. Starsze sterowniki audio
Sterownik nie zostaˆ zaˆadowany. Urządzenia sterujące mediami
Sterownik nie zostaˆ zaˆadowany. Starsze urządzenia przechwytywania wideo
Sterownik nie zostaˆ zaˆadowany. Kodery-dekodery wideo
Sterownik nie zostaˆ zaˆadowany. Procesor AMD K7
Sterownik nie zostaˆ zaˆadowany. Kodery-dekodery audio
Sterownik nie zostaˆ zaˆadowany. Starsze sterowniki audio
Sterownik nie zostaˆ zaˆadowany. Urządzenia sterujące mediami
Sterownik nie zostaˆ zaˆadowany. Starsze urządzenia przechwytywania wideo
Sterownik nie zostaˆ zaˆadowany. Kodery-dekodery wideo
Sterownik nie zostaˆ zaˆadowany. Procesor AMD K7
Sterownik nie zostaˆ zaˆadowany. Realtek AC'97 Audio
Sterownik nie zostaˆ zaˆadowany. Port komunikacyjny
Sterownik nie zostaˆ zaˆadowany. Port komunikacyjny
Sterownik nie zostaˆ zaˆadowany. Port drukarki ECP
Sterownik nie zostaˆ zaˆadowany. Standardowy port gier[/spoiler]

a tutaj log z ComoFix'a niewiem czy to coś pomoże i czy jest dobrze zrobione , osobiście 1 raz go używałem
[spoiler]ComboFix 10-06-19.03 - Mis 2010-06-20 13:07:09.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.511.326 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Mis\Moje dokumenty\Pobieranie\ComboFix.exe
AV: avast! Internet Security *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *enabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\irunin.bmp
c:\windows\irunin.dat
c:\windows\irunin.ini
c:\windows\irunin.lng

.
((((((((((((((((((((((((( Pliki utworzone od 2010-05-20 do 2010-06-20 )))))))))))))))))))))))))))))))
.

2010-06-20 10:48 . 2010-05-06 20:41 99280 ----a-w- c:\windows\system32\drivers\aswFW.sys
2010-06-20 10:48 . 2010-05-06 20:40 190416 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2010-06-20 10:48 . 2010-03-19 19:10 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2010-06-20 09:30 . 2010-06-20 09:30 -------- d-----w- c:\program files\Gadu-Gadu 10
2010-06-20 09:24 . 2010-06-20 09:24 -------- d-----w- c:\documents and settings\Mis\Ustawienia lokalne\Dane aplikacji\cache
2010-06-20 09:22 . 2010-06-20 09:28 -------- d-----w- c:\documents and settings\Mis\Dane aplikacji\Gadu-Gadu 10
2010-06-15 21:57 . 2010-03-25 09:27 1107264 ----a-w- c:\documents and settings\Kubus\Dane aplikacji\Mozilla\Firefox\Profiles\x82yvkyv.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
2010-06-10 13:21 . 2010-06-10 13:21 -------- d-----w- c:\documents and settings\Kubus\Dane aplikacji\Gadu-Gadu 10
2010-05-30 12:48 . 2006-08-02 21:12 577536 ----a-w- c:\windows\soundman.exe
2010-05-30 12:48 . 2006-08-01 06:58 143360 ----a-w- c:\windows\system32\RtlCPAPI.dll
2010-05-30 12:48 . 2006-07-31 03:27 217088 ----a-w- c:\windows\Alcrmv.exe
2010-05-30 12:48 . 2006-07-31 03:19 315392 ----a-w- c:\windows\alcupd.exe
2010-05-28 19:36 . 2010-05-28 19:36 -------- d-----w- c:\documents and settings\MuM1N3K\Dane aplikacji\DAEMON Tools Lite
2010-05-28 18:01 . 2010-05-28 18:01 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite
2010-05-28 18:01 . 2010-05-28 18:01 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-05-28 18:01 . 2010-05-28 18:01 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-05-28 17:59 . 2010-05-28 17:59 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-05-28 17:59 . 2010-05-28 18:04 -------- d-----w- c:\documents and settings\Kubus\Dane aplikacji\DAEMON Tools Lite
2010-05-28 17:46 . 2010-05-28 17:46 -------- d-----w- c:\documents and settings\Kubus\Ustawienia lokalne\Dane aplikacji\Mozilla
2010-05-28 14:09 . 2010-05-28 14:09 720896 ----a-w- c:\windows\iun6002.exe
2010-05-28 14:05 . 2010-05-28 14:05 -------- d-----w- c:\documents and settings\Mis\Ustawienia lokalne\Dane aplikacji\Mozilla
2010-05-28 12:11 . 2010-05-28 12:11 -------- d-----w- c:\documents and settings\MuM1N3K\Ustawienia lokalne\Dane aplikacji\cache
2010-05-28 12:10 . 2010-05-28 12:11 -------- d-----w- c:\documents and settings\MuM1N3K\Dane aplikacji\Gadu-Gadu 10
2010-05-28 12:10 . 2010-05-28 12:10 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Gadu-Gadu 10
2010-05-28 11:55 . 2010-05-28 11:55 -------- d-----w- c:\documents and settings\MuM1N3K\Ustawienia lokalne\Dane aplikacji\Mozilla
2010-05-25 08:54 . 2010-05-25 08:54 -------- d-----w- c:\windows\nvidia icons
2010-05-25 08:54 . 2010-05-25 08:54 -------- d-----w- c:\windows\nview
2010-05-25 08:54 . 2008-05-03 03:46 442368 ----a-w- c:\windows\system32\nvudisp.exe
2010-05-24 22:01 . 2010-05-24 22:01 -------- d-----w- c:\program files\Damian Pasternak
2010-05-24 17:16 . 2003-04-21 06:18 52608 ----a-r- c:\windows\system32\drivers\nvatabus.sys
2010-05-24 16:50 . 2010-05-25 08:53 -------- d-----w- C:\NVIDIA
2010-05-24 16:20 . 2010-05-24 16:20 -------- d-----w- c:\documents and settings\Adus\Dane aplikacji\ScanSpyware
2010-05-24 16:20 . 2008-09-07 15:22 8704 ----a-w- c:\windows\system32\ssbtsr.exe
2010-05-24 16:20 . 2010-05-24 16:20 -------- d-----w- c:\program files\ScanSpyware
2010-05-24 16:01 . 2008-04-30 15:27 442368 ----a-w- c:\windows\system32\NVUninst.exe
2010-05-24 16:01 . 2007-10-04 16:16 356352 ----a-w- c:\windows\system32\nvuide.exe
2010-05-24 16:01 . 2007-10-04 16:16 356352 ----a-w- c:\windows\system32\nvuenet.exe
2010-05-24 16:01 . 2007-10-04 16:16 356352 ----a-w- c:\windows\system32\nvusmb.exe
2010-05-24 16:01 . 2007-10-04 16:16 356352 ----a-w- c:\windows\system32\nvumctl.exe
2010-05-24 16:00 . 2007-10-04 16:16 356352 ----a-w- c:\windows\system32\nvugart.exe
2010-05-24 16:00 . 2003-03-19 07:51 18688 ----a-r- c:\windows\system32\drivers\nv_agp.SYS
2010-05-24 15:45 . 2010-05-30 12:48 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-24 15:45 . 2010-05-24 15:45 -------- d-----w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\NVIDIA Corporation
2010-05-24 15:45 . 2010-05-24 15:45 -------- d-----w- c:\documents and settings\Adus\Ustawienia lokalne\Dane aplikacji\NVIDIA Corporation
2010-05-24 15:45 . 2010-05-24 15:45 -------- d-----w- c:\program files\NVIDIA Corporation
2010-05-24 15:44 . 2010-05-24 15:44 -------- d-----w- c:\program files\NVIDIA nTune Performance Application
2010-05-23 01:20 . 2010-05-04 17:18 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-05-23 01:20 . 2010-05-04 17:18 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-05-23 01:20 . 2010-05-04 17:18 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-05-23 01:20 . 2010-05-04 12:40 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2010-05-23 01:20 . 2010-05-04 17:18 6067200 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-05-23 01:20 . 2010-05-04 17:18 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll
2010-05-23 01:20 . 2009-06-29 08:33 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
2010-05-23 01:20 . 2010-05-04 17:18 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
2010-05-23 01:06 . 2010-05-06 20:41 307280 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2010-05-23 01:06 . 2010-05-06 20:39 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-05-23 01:06 . 2010-05-06 20:39 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-05-23 01:06 . 2010-05-06 20:34 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-05-23 01:06 . 2010-05-06 20:33 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-05-23 01:06 . 2010-05-06 20:33 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-05-23 01:06 . 2010-05-06 20:33 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-05-23 01:06 . 2010-05-06 20:33 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-05-23 01:06 . 2010-05-06 20:59 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-05-23 01:06 . 2010-04-14 16:47 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-05-23 01:06 . 2010-05-23 01:06 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Alwil Software
2010-05-23 01:04 . 2008-06-14 17:36 273024 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-05-23 01:04 . 2008-06-14 17:36 273024 ------w- c:\windows\system32\drivers\bthport.sys
2010-05-23 01:04 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-30 12:49 . 2010-05-30 12:49 -------- d-----w- c:\program files\Realtek Sound Manager
2010-05-30 12:49 . 2010-05-30 12:49 -------- d-----w- c:\program files\AvRack
2010-05-30 12:49 . 2010-05-30 12:49 -------- d-----w- c:\program files\Realtek AC97
2010-05-28 16:55 . 2010-05-22 22:51 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-05-25 08:54 . 2010-05-23 00:04 -------- d-----w- c:\program files\Common Files\InstallShield
2010-05-24 16:09 . 2001-10-26 17:15 46756 ----a-w- c:\windows\system32\perfc015.dat
2010-05-24 16:09 . 2001-10-26 17:15 349454 ----a-w- c:\windows\system32\perfh015.dat
2010-05-23 01:06 . 2010-05-22 23:26 -------- d-----w- c:\program files\Alwil Software
2010-05-22 23:48 . 2010-05-22 23:48 -------- d-----w- c:\program files\Lavalys
2010-05-22 23:33 . 2010-05-22 23:33 0 ----a-w- c:\windows\nsreg.dat
2010-05-22 23:33 . 2010-05-22 23:33 -------- d-----w- c:\program files\Mozilla ActiveX Control v1.7.1
2010-05-22 23:02 . 2010-05-22 23:02 12328 ----a-w- c:\documents and settings\Adus\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2010-05-22 22:52 . 2010-05-22 22:52 -------- d-----w- c:\program files\microsoft frontpage
2010-05-22 22:50 . 2010-05-22 22:50 -------- d-----w- c:\program files\Usługi online
2010-05-22 22:48 . 2010-05-22 22:48 21856 ----a-w- c:\windows\system32\emptyregdb.dat
2010-05-04 17:18 . 2008-04-14 19:50 832512 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 17:18 . 2008-04-14 19:50 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-05-04 17:18 . 2008-04-14 19:50 17408 ----a-w- c:\windows\system32\corpol.dll
2010-05-04 14:05 . 2010-05-04 14:05 42080 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll
2010-05-04 14:05 . 2010-05-04 14:05 11776 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll
2010-05-02 08:09 . 2008-04-14 18:35 1851520 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 05:34 . 2008-04-14 19:30 285696 ----a-w- c:\windows\system32\atmfd.dll
.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
@="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
[HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
2010-05-06 21:02 151648 ----a-w- c:\program files\Alwil Software\Avast5\snxPlugins.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu 10"="c:\program files\Gadu-Gadu 10\gg.exe" [2010-06-20 11850344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]
"nwiz"="nwiz.exe" [2008-05-03 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-03 86016]
"Resume copy"="copyfstq.exe" [2002-03-24 46080]
"SoundMan"="SOUNDMAN.EXE" [2006-08-02 577536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Mis\Menu Start\Programy\Autostart\
Skr˘t do bannerkiller2-[www.legalne.lnk - d:\programy\Gadu Gadu 10 + GGTuner\bannerkiller2-[www.legalne.info].exe [2010-6-20 6144]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Gadu-Gadu 10\\gg.exe"=
"d:\\Games\\Cs1.6\\hl.exe"=
"d:\\Games\\Counter-Strike Source\\hl2.exe"=
"d:\\Games\\Diablo II\\Game.exe"=
"d:\\Games\\Metin 2\\metin2.bin"=
"d:\\Games\\Metin 2\\metin2client.bin"=

R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2010-06-20 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2010-06-20 190416]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2010-06-20 99280]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2010-05-23 307280]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-05-23 164048]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-05-23 19024]
R2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [2010-06-20 119200]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-05-28 721904]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2010-05-23 26224]
.
.
------- Skan uzupełniający -------
.
TCP: {502E079E-6463-4ABA-B95F-126029ACBA3C} = 194.204.152.34
FF - ProfilePath - c:\documents and settings\Mis\Dane aplikacji\Mozilla\Firefox\Profiles\1nnxeq7r.default\
FF - prefs.js: browser.startup.homepage - google.pl
FF - plugin: c:\documents and settings\Mis\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [url="http://www.gmer.net"]http://www.gmer.net[/url]
Rootkit scan 2010-06-20 13:21
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
Czas ukończenia: 2010-06-20 13:22:53
ComboFix-quarantined-files.txt 2010-06-20 11:22

Przed: 20 689 260 544 bajtów wolnych
Po: 20 812 709 888 bajtów wolnych

WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - B317E70BB7DA99EDF8044B3A510BB826
[/spoiler]

hmm... system śmiga w trybie awaryjnym bez zastrzeżeń
w miare często na normalnym systemie wyskakuje blue error
m. in. kernel_data_inpage_error
STOP: 0x7a

system był wielokrotnie przeistalowywany , i jest to (chyba)dobrze robione ponieważ brat jest informatykiem i robi to od 15 lat ;]

konfiguracja kompa:
procesor AMD athlon 2400+ podkręcony do 2.0
RAM 512MB
graficzna GF FX5500

jeśli coś jeszcze to napiszcie , to podam info

[color="#ff0000"]//przenoszę do Bezpieki
//raaz[/color]

raazor90
komentarz
komentarz

wykonaj: http://www.forumpc.pl/index.php?showtopic=16074

misiek249
komentarz
komentarz

taki oto błąd mi się pojawił , próbowałem coś z tym zrobić , jednak bez skutku :( jakieś pomysł ?
[img]http://vlep.pl/zpl471.jpg[/img]

raazor90
komentarz
komentarz

Daj loga z OTL przyczyną jest infekcja http://www.forumpc.pl/index.php?showtopic=104338

misiek249
komentarz
komentarz

proszę bardzo:) mam nadzieje że to pomoże :)
[log]OTL logfile created on: 2010-08-25 23:04:36 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Mis\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

511,00 Mb Total Physical Memory | 296,00 Mb Available Physical Memory | 58,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 13,91 Gb Free Space | 56,97% Space Free | Partition Type: NTFS
Drive D: | 124,63 Gb Total Space | 43,44 Gb Free Space | 34,86% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MISIEK
Current User Name: Mis
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-08-25 22:57:12 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mis\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-07-31 15:12:43 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-07-31 15:12:40 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 21:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-08-25 22:57:12 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mis\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2010-07-27 08:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-07-17 21:04:02 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-10-15 18:36:55 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2008-06-20 19:48:53 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 21:51:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008-04-14 21:51:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008-04-14 21:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 21:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 21:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 21:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 21:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 21:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 21:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 21:50:44 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2008-04-14 21:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 21:50:36 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2008-04-14 21:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 21:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 21:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 21:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 21:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 21:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2008-04-14 21:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-06-28 22:57:02 | 000,119,200 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2007-09-04 19:25:44 | 000,131,072 | ---- | M] (NVIDIA) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Mis\USTAWI~1\Temp\catchme.sys -- (catchme)
DRV - [2010-06-28 22:39:55 | 000,099,280 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2010-06-28 22:39:38 | 000,312,912 | ---- | M] (ALWIL Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2010-06-28 22:38:56 | 000,188,168 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-06-28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-06-28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010-06-28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-06-28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010-05-28 19:59:52 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-03-19 21:10:13 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2008-05-03 05:46:00 | 006,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008-04-14 02:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008-04-14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2007-09-04 19:26:32 | 000,029,696 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\nvoclock.sys -- (NVR0Dev)
DRV - [2006-08-18 07:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2003-04-21 08:18:00 | 000,052,608 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2003-03-19 09:51:00 | 000,018,688 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)


[color=#E56717]========== Standard Registry (All) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-790525478-1450960922-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-790525478-1450960922-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-790525478-1450960922-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\S-1-5-21-790525478-1450960922-1417001333-1004\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-790525478-1450960922-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.8

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-31 15:12:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-31 15:12:49 | 000,000,000 | ---D | M]

[2010-05-28 16:05:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mis\Dane aplikacji\Mozilla\Extensions
[2010-05-28 16:05:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mis\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010-08-24 19:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mis\Dane aplikacji\Mozilla\Firefox\Profiles\1nnxeq7r.default\extensions
[2010-08-09 11:45:26 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Mis\Dane aplikacji\Mozilla\Firefox\Profiles\1nnxeq7r.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-05-23 01:32:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-07-31 15:12:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010-07-31 15:12:37 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010-07-31 15:12:37 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007-04-10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2010-02-21 12:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010-07-31 15:12:43 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2010-06-19 21:34:11 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2010-07-31 15:12:44 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-07-31 15:12:44 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-07-31 15:12:44 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010-07-31 15:12:44 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-07-31 15:12:44 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-07-31 15:12:44 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-07-31 15:12:44 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-06-20 13:21:29 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Mis\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-790525478-1450960922-1417001333-1004\..\Toolbar\ShellBrowser: (&Adres) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Resume copy] C:\WINDOWS\COPYFSTQ.EXE ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-790525478-1450960922-1417001333-1004..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-790525478-1450960922-1417001333-1004..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - Startup: C:\Documents and Settings\Mis\Menu Start\Programy\Autostart\Skrót do bannerkiller2-[www.legalne.lnk = D:\Programy\Gadu Gadu 10 + GGTuner\bannerkiller2-[www.legalne.info].exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-1450960922-1417001333-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-790525478-1450960922-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-790525478-1450960922-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-790525478-1450960922-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Moduł wstępnego ładowania interfejsu Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Demon buforu kategorii składników - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-05-23 00:52:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-08-25 15:19:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Starcraft
[2010-08-25 13:30:43 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\SCUnin.exe
[2010-08-25 12:14:05 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2010-08-25 11:14:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard Entertainment
[2010-08-24 23:36:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows Performance Toolkit
[2010-08-24 23:35:51 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x86)
[2010-08-24 23:35:40 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier
[2010-08-24 23:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2010-08-24 23:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010-08-24 23:26:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010-08-24 23:26:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2010-08-24 23:26:53 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010-08-24 23:25:25 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010-08-24 23:24:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010-08-24 23:08:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard Entertainment.temp
[2010-08-24 13:42:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2010-08-24 13:41:04 | 000,520,192 | ---- | C] (ScreenTime Media) -- C:\WINDOWS\System32\Side 9 Screensaver.scr
[2010-08-24 13:41:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Side 9 Screensaver dir
[2010-08-24 13:39:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mis\Pulpit\Wygaszacz - dziewczyny myjące monitor
[2010-08-22 19:18:46 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010-08-22 19:18:40 | 000,303,616 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2010-08-20 21:46:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mis\Ustawienia lokalne\Dane aplikacji\Adobe
[2010-08-16 13:00:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment.temp
[2010-08-16 12:59:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard
[2010-08-11 11:37:43 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010-07-29 17:29:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-07-29 17:29:44 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010-07-29 17:21:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2010-07-13 13:42:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mis\Dane aplikacji\SpeedSim
[2010-07-12 19:11:10 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-07-03 21:49:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010-07-02 13:47:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mis\Dane aplikacji\DAEMON Tools Lite
[2010-07-02 13:25:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mis\Moje dokumenty\My Games
[2010-07-01 22:11:15 | 000,000,000 | ---D | C] -- C:\Downloads
[2010-07-01 22:10:58 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet
[2010-07-01 14:02:35 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-08-25 23:02:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-08-25 22:55:17 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-08-25 22:55:13 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-08-25 22:53:55 | 002,097,152 | -H-- | M] () -- C:\Documents and Settings\Mis\NTUSER.DAT
[2010-08-25 22:53:55 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Mis\ntuser.ini
[2010-08-25 22:53:04 | 001,656,336 | -H-- | M] () -- C:\Documents and Settings\Mis\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-08-25 21:33:36 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-08-25 13:30:50 | 000,021,329 | ---- | M] () -- C:\WINDOWS\SCunin.dat
[2010-08-25 13:30:44 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\SCUnin.exe
[2010-08-25 13:30:44 | 000,000,967 | ---- | M] () -- C:\WINDOWS\SCUnin.pif
[2010-08-25 13:07:06 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Mis\Pulpit\Skrót do Wow.lnk
[2010-08-25 12:23:03 | 000,077,800 | ---- | M] () -- C:\WINDOWS\War3Unin.dat
[2010-08-25 12:18:57 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2010-08-25 12:18:57 | 000,002,829 | ---- | M] () -- C:\WINDOWS\War3Unin.pif
[2010-08-25 01:04:34 | 000,140,170 | ---- | M] () -- C:\Documents and Settings\Mis\Pulpit\błąd.JPG
[2010-08-25 00:01:04 | 000,096,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-08-24 23:29:44 | 000,012,328 | ---- | M] () -- C:\Documents and Settings\Mis\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-08-24 23:27:46 | 001,065,412 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-08-24 23:27:46 | 000,484,776 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-08-24 23:27:46 | 000,426,570 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-08-24 23:27:46 | 000,081,252 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-08-24 23:27:46 | 000,065,328 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-08-24 22:54:30 | 000,000,546 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Metin2.lnk
[2010-08-24 13:41:04 | 000,520,192 | ---- | M] (ScreenTime Media) -- C:\WINDOWS\System32\Side 9 Screensaver.scr
[2010-08-16 13:00:12 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\World of Warcraft.lnk.temp
[2010-08-16 02:37:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-08-15 12:49:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-08-11 11:37:47 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2010-08-04 11:34:40 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010-07-29 17:30:56 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-07-27 15:24:53 | 052,866,156 | ---- | M] () -- C:\Documents and Settings\Mis\Pulpit\Wygaszacz - dziewczyny myjące monitor.rar
[2010-07-27 14:36:11 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Mis\Pulpit\megavideo bez limitu.doc
[2010-07-22 18:47:54 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Internet Security.lnk
[2010-07-22 18:47:52 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-07-01 22:11:01 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\BitComet.lnk
[2010-06-28 22:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010-06-28 22:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010-06-28 22:39:55 | 000,099,280 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFW.sys
[2010-06-28 22:39:38 | 000,312,912 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2010-06-28 22:38:56 | 000,188,168 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010-06-28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010-06-28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010-06-28 22:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010-06-28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010-06-28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-08-25 13:30:50 | 000,021,329 | ---- | C] () -- C:\WINDOWS\SCunin.dat
[2010-08-25 13:30:44 | 000,000,967 | ---- | C] () -- C:\WINDOWS\SCUnin.pif
[2010-08-25 13:07:06 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Mis\Pulpit\Skrót do Wow.lnk
[2010-08-25 12:14:15 | 000,077,800 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2010-08-25 12:14:05 | 000,002,829 | ---- | C] () -- C:\WINDOWS\War3Unin.pif
[2010-08-25 01:04:34 | 000,140,170 | ---- | C] () -- C:\Documents and Settings\Mis\Pulpit\błąd.JPG
[2010-08-24 23:27:39 | 000,064,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-08-24 22:54:30 | 000,000,546 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Metin2.lnk
[2010-08-24 13:39:11 | 052,866,156 | ---- | C] () -- C:\Documents and Settings\Mis\Pulpit\Wygaszacz - dziewczyny myjące monitor.rar
[2010-08-17 12:51:54 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-08-16 13:00:12 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\World of Warcraft.lnk.temp
[2010-08-11 11:37:47 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2010-08-04 11:34:40 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010-07-29 17:29:57 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-07-27 14:26:05 | 000,000,312 | ---- | C] () -- C:\Documents and Settings\Mis\Pulpit\megavideo bez limitu.doc
[2010-07-01 22:11:01 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\BitComet.lnk
[2010-06-23 15:07:52 | 000,000,090 | ---- | C] () -- C:\WINDOWS\WA.INI
[2010-05-30 14:49:10 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2010-05-30 14:48:59 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010-05-28 19:59:51 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-05-24 18:33:04 | 000,000,801 | ---- | C] () -- C:\WINDOWS\ScanSpyware.INI
[2010-05-23 02:06:40 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\idecoi.dll
[2010-02-08 07:33:04 | 000,359,320 | ---- | C] () -- C:\WINDOWS\System32\vfprintpthelper.dll
[2008-05-03 05:46:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008-05-03 05:46:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008-05-03 05:46:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008-05-03 05:46:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-05-03 05:46:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007-03-12 12:01:30 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2002-05-04 12:04:45 | 000,094,636 | ---- | C] () -- C:\WINDOWS\dropcpyr.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-07-01 22:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adus\Dane aplikacji\BitComet
[2010-05-24 18:20:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adus\Dane aplikacji\ScanSpyware
[2010-05-23 03:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-05-28 20:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-05-28 14:10:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-05-28 20:04:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kubus\Dane aplikacji\DAEMON Tools Lite
[2010-06-10 15:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kubus\Dane aplikacji\Gadu-Gadu 10
[2010-07-02 13:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mis\Dane aplikacji\DAEMON Tools Lite
[2010-06-20 11:28:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mis\Dane aplikacji\Gadu-Gadu 10
[2010-07-13 13:42:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mis\Dane aplikacji\SpeedSim
[2010-05-28 21:36:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MuM1N3K\Dane aplikacji\DAEMON Tools Lite
[2010-05-28 14:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MuM1N3K\Dane aplikacji\Gadu-Gadu 10

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-05-23 00:52:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-05-23 02:00:14 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010-06-20 13:01:14 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2001-07-22 01:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2004-08-03 23:00:14 | 000,262,400 | ---- | M] () -- C:\cmldr
[2010-06-20 13:22:54 | 000,014,535 | ---- | M] () -- C:\ComboFix.txt
[2010-05-23 00:52:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-05-23 00:52:08 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-05-23 00:52:08 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 21:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-13 23:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-08-25 23:02:25 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys
[2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
< End of report >
[/log]

Tomek01
komentarz
komentarz

Odinstaluj Deamon Tools Toolbar.


W OTL, w oknie Custom scan/fixes wklej:
[code]:Processes
Explorer.exe

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Klikasz run fix, komputer uruchamia się ponownie.


Wrzuć log z usuwania oraz nowe logi OTL i RSIT.

misiek249
komentarz
komentarz

trochę późno , ale w pracy byłem i nie mogłem ,
oto i logi
usuwanie daemon'a
[log] All processes killed
========== PROCESSES ==========
No active process named Explorer.exe was found!
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Adus
->Temp folder emptied: 55829343 bytes
->Temporary Internet Files folder emptied: 362646 bytes
->FireFox cache emptied: 40559815 bytes
->Flash cache emptied: 948 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Kubus
->Temp folder emptied: 82018591 bytes
->Temporary Internet Files folder emptied: 769056 bytes
->FireFox cache emptied: 51634074 bytes
->Flash cache emptied: 20245 bytes

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Mis
->Temp folder emptied: 57081182 bytes
->Temporary Internet Files folder emptied: 2445302 bytes
->FireFox cache emptied: 49878430 bytes
->Flash cache emptied: 1787 bytes

User: MuM1N3K
->Temp folder emptied: 155216153 bytes
->Temporary Internet Files folder emptied: 166966 bytes
->FireFox cache emptied: 97780845 bytes
->Flash cache emptied: 9991 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2352022 bytes
%systemroot%\System32 .tmp files removed: 273956 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2048464 bytes
RecycleBin emptied: 1613 bytes

Total Files Cleaned = 571,00 mb


OTL by OldTimer - Version 3.2.10.0 log created on 08302010_170658

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
[/log]
nowy log z OTL
[log]OTL logfile created on: 2010-08-30 17:27:03 - Run 2
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Mis\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

511,00 Mb Total Physical Memory | 273,00 Mb Available Physical Memory | 53,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 14,14 Gb Free Space | 57,93% Space Free | Partition Type: NTFS
Drive D: | 124,63 Gb Total Space | 43,44 Gb Free Space | 34,86% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MISIEK
Current User Name: Mis
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-08-25 22:57:12 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mis\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-07-31 15:12:43 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-07-31 15:12:40 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 21:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-08-25 22:57:12 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mis\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2010-07-27 08:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-07-17 21:04:02 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-10-15 18:36:55 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2008-06-20 19:48:53 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 21:51:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008-04-14 21:51:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008-04-14 21:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 21:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 21:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 21:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 21:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 21:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 21:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 21:50:44 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2008-04-14 21:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 21:50:36 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2008-04-14 21:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 21:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 21:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 21:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 21:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 21:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2008-04-14 21:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-06-28 22:57:02 | 000,119,200 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2007-09-04 19:25:44 | 000,131,072 | ---- | M] (NVIDIA) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Mis\USTAWI~1\Temp\catchme.sys -- (catchme)
DRV - [2010-08-26 13:06:36 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-06-28 22:39:55 | 000,099,280 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2010-06-28 22:39:38 | 000,312,912 | ---- | M] (ALWIL Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2010-06-28 22:38:56 | 000,188,168 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-06-28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-06-28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010-06-28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-06-28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010-03-19 21:10:13 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2008-05-03 05:46:00 | 006,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008-04-14 02:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008-04-14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2007-09-04 19:26:32 | 000,029,696 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\nvoclock.sys -- (NVR0Dev)
DRV - [2006-08-18 07:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2003-04-21 08:18:00 | 000,052,608 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2003-03-19 09:51:00 | 000,018,688 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-790525478-1450960922-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-08-27 14:06:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-31 15:12:49 | 000,000,000 | ---D | M]

[2010-05-28 16:05:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mis\Dane aplikacji\Mozilla\Extensions
[2010-08-24 19:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mis\Dane aplikacji\Mozilla\Firefox\Profiles\1nnxeq7r.default\extensions
[2010-08-09 11:45:26 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Mis\Dane aplikacji\Mozilla\Firefox\Profiles\1nnxeq7r.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-05-23 01:32:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-02-21 12:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010-07-31 15:12:44 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-07-31 15:12:44 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-07-31 15:12:44 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-07-31 15:12:44 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-07-31 15:12:44 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-07-31 15:12:44 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-06-20 13:21:29 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Mis\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Resume copy] C:\WINDOWS\COPYFSTQ.EXE ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-790525478-1450960922-1417001333-1004..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - Startup: C:\Documents and Settings\Mis\Menu Start\Programy\Autostart\Skrót do bannerkiller2-[www.legalne.lnk = D:\Programy\Gadu Gadu 10 + GGTuner\bannerkiller2-[www.legalne.info].exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-1450960922-1417001333-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-790525478-1450960922-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-790525478-1450960922-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-790525478-1450960922-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-05-23 00:52:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-08-30 17:06:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-08-25 15:19:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Starcraft
[2010-08-25 13:30:43 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\SCUnin.exe
[2010-08-25 12:14:05 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2010-08-25 11:14:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard Entertainment
[2010-08-24 23:36:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows Performance Toolkit
[2010-08-24 23:35:51 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x86)
[2010-08-24 23:35:40 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier
[2010-08-24 23:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2010-08-24 23:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010-08-24 23:26:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010-08-24 23:26:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2010-08-24 23:26:53 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010-08-24 23:25:25 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010-08-24 23:24:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010-08-24 23:08:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard Entertainment.temp
[2010-08-24 13:42:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2010-08-24 13:41:04 | 000,520,192 | ---- | C] (ScreenTime Media) -- C:\WINDOWS\System32\Side 9 Screensaver.scr
[2010-08-24 13:41:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Side 9 Screensaver dir
[2010-08-24 13:39:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mis\Pulpit\Wygaszacz - dziewczyny myjące monitor
[2010-08-22 19:18:46 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010-08-20 21:46:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mis\Ustawienia lokalne\Dane aplikacji\Adobe
[2010-08-16 13:00:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment.temp
[2010-08-16 12:59:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard
[2010-08-11 11:37:43 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010-07-29 17:29:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-07-29 17:29:44 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010-07-29 17:21:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2010-07-13 13:42:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mis\Dane aplikacji\SpeedSim
[2010-07-12 19:11:10 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-07-03 21:49:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010-07-02 13:47:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mis\Dane aplikacji\DAEMON Tools Lite
[2010-07-02 13:25:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mis\Moje dokumenty\My Games
[2010-07-01 22:11:15 | 000,000,000 | ---D | C] -- C:\Downloads
[2010-07-01 22:10:58 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-08-30 17:24:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-08-30 17:22:09 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-08-30 17:22:05 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-08-30 17:08:10 | 002,097,152 | -H-- | M] () -- C:\Documents and Settings\Mis\NTUSER.DAT
[2010-08-30 17:08:10 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Mis\ntuser.ini
[2010-08-30 17:02:23 | 003,228,728 | -H-- | M] () -- C:\Documents and Settings\Mis\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-08-26 13:06:36 | 000,721,904 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-08-25 23:57:17 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-08-25 13:30:50 | 000,021,329 | ---- | M] () -- C:\WINDOWS\SCunin.dat
[2010-08-25 13:30:44 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\SCUnin.exe
[2010-08-25 13:30:44 | 000,000,967 | ---- | M] () -- C:\WINDOWS\SCUnin.pif
[2010-08-25 13:07:06 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Mis\Pulpit\Skrót do Wow.lnk
[2010-08-25 12:23:03 | 000,077,800 | ---- | M] () -- C:\WINDOWS\War3Unin.dat
[2010-08-25 12:18:57 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2010-08-25 12:18:57 | 000,002,829 | ---- | M] () -- C:\WINDOWS\War3Unin.pif
[2010-08-25 01:04:34 | 000,140,170 | ---- | M] () -- C:\Documents and Settings\Mis\Pulpit\błąd.JPG
[2010-08-25 00:01:04 | 000,096,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-08-24 23:29:44 | 000,012,328 | ---- | M] () -- C:\Documents and Settings\Mis\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-08-24 23:27:46 | 001,065,412 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-08-24 23:27:46 | 000,484,776 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-08-24 23:27:46 | 000,426,570 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-08-24 23:27:46 | 000,081,252 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-08-24 23:27:46 | 000,065,328 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-08-24 22:54:30 | 000,000,546 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Metin2.lnk
[2010-08-24 13:41:04 | 000,520,192 | ---- | M] (ScreenTime Media) -- C:\WINDOWS\System32\Side 9 Screensaver.scr
[2010-08-16 13:00:12 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\World of Warcraft.lnk.temp
[2010-08-16 02:37:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-08-15 12:49:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-08-11 11:37:47 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2010-08-04 11:34:40 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010-07-29 17:30:56 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-07-27 15:24:53 | 052,866,156 | ---- | M] () -- C:\Documents and Settings\Mis\Pulpit\Wygaszacz - dziewczyny myjące monitor.rar
[2010-07-27 14:36:11 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Mis\Pulpit\megavideo bez limitu.doc
[2010-07-22 18:47:54 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Internet Security.lnk
[2010-07-22 18:47:52 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-07-01 22:11:01 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\BitComet.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-08-25 13:30:50 | 000,021,329 | ---- | C] () -- C:\WINDOWS\SCunin.dat
[2010-08-25 13:30:44 | 000,000,967 | ---- | C] () -- C:\WINDOWS\SCUnin.pif
[2010-08-25 13:07:06 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Mis\Pulpit\Skrót do Wow.lnk
[2010-08-25 12:14:15 | 000,077,800 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2010-08-25 12:14:05 | 000,002,829 | ---- | C] () -- C:\WINDOWS\War3Unin.pif
[2010-08-25 01:04:34 | 000,140,170 | ---- | C] () -- C:\Documents and Settings\Mis\Pulpit\błąd.JPG
[2010-08-24 23:27:39 | 000,064,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-08-24 22:54:30 | 000,000,546 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Metin2.lnk
[2010-08-24 13:39:11 | 052,866,156 | ---- | C] () -- C:\Documents and Settings\Mis\Pulpit\Wygaszacz - dziewczyny myjące monitor.rar
[2010-08-17 12:51:54 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-08-16 13:00:12 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\World of Warcraft.lnk.temp
[2010-08-11 11:37:47 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2010-08-04 11:34:40 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010-07-29 17:29:57 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-07-27 14:26:05 | 000,000,312 | ---- | C] () -- C:\Documents and Settings\Mis\Pulpit\megavideo bez limitu.doc
[2010-07-01 22:11:01 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\BitComet.lnk
[2010-06-23 15:07:52 | 000,000,090 | ---- | C] () -- C:\WINDOWS\WA.INI
[2010-05-30 14:49:10 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2010-05-30 14:48:59 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010-05-28 19:59:51 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-05-24 18:33:04 | 000,000,801 | ---- | C] () -- C:\WINDOWS\ScanSpyware.INI
[2010-05-23 02:06:40 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\idecoi.dll
[2010-02-08 07:33:04 | 000,359,320 | ---- | C] () -- C:\WINDOWS\System32\vfprintpthelper.dll
[2008-05-03 05:46:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008-05-03 05:46:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008-05-03 05:46:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008-05-03 05:46:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-05-03 05:46:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007-03-12 12:01:30 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2002-05-04 12:04:45 | 000,094,636 | ---- | C] () -- C:\WINDOWS\dropcpyr.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-07-01 22:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adus\Dane aplikacji\BitComet
[2010-05-24 18:20:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adus\Dane aplikacji\ScanSpyware
[2010-05-23 03:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-05-28 20:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-05-28 14:10:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-05-28 20:04:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kubus\Dane aplikacji\DAEMON Tools Lite
[2010-06-10 15:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kubus\Dane aplikacji\Gadu-Gadu 10
[2010-07-02 13:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mis\Dane aplikacji\DAEMON Tools Lite
[2010-06-20 11:28:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mis\Dane aplikacji\Gadu-Gadu 10
[2010-07-13 13:42:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mis\Dane aplikacji\SpeedSim
[2010-05-28 21:36:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MuM1N3K\Dane aplikacji\DAEMON Tools Lite
[2010-05-28 14:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MuM1N3K\Dane aplikacji\Gadu-Gadu 10

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-05-23 00:52:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-05-23 02:00:14 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010-06-20 13:01:14 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2001-07-22 01:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2004-08-03 23:00:14 | 000,262,400 | ---- | M] () -- C:\cmldr
[2010-06-20 13:22:54 | 000,014,535 | ---- | M] () -- C:\ComboFix.txt
[2010-05-23 00:52:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-05-23 00:52:08 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-05-23 00:52:08 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 21:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-13 23:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-08-30 17:23:58 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys
[2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
< End of report >
[2010-08-30 17:30:02 | 000,212,992 | -H-- | M] () -- C:\Documents and Settings\Mis\ntuser.dat.LOG
[2010-08-30 17:30:02 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Mis\Recent
[2010-08-30 17:24:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-08-30 17:22:09 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-08-30 17:22:05 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-08-30 17:08:10 | 002,097,152 | -H-- | M] () -- C:\Documents and Settings\Mis\NTUSER.DAT
[2010-08-30 17:08:10 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Mis\ntuser.ini
[2010-08-30 17:03:26 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Toolbar
[2010-08-30 17:02:23 | 003,228,728 | -H-- | M] () -- C:\Documents and Settings\Mis\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-08-30 17:01:05 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Mis\Cookies
[2010-08-26 13:06:36 | 000,721,904 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-08-25 23:57:17 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-08-25 13:30:50 | 000,021,329 | ---- | M] () -- C:\WINDOWS\SCunin.dat
[2010-08-25 13:30:44 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\SCUnin.exe
[2010-08-25 13:30:44 | 000,000,967 | ---- | M] () -- C:\WINDOWS\SCUnin.pif
[2010-08-25 13:14:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mis\Pulpit
[2010-08-25 13:07:06 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Mis\Pulpit\Skrót do Wow.lnk
[2010-08-25 13:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Pulpit
[2010-08-25 12:58:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Mis\Ustawienia lokalne
[2010-08-25 12:23:03 | 000,077,800 | ---- | M] () -- C:\WINDOWS\War3Unin.dat
[2010-08-25 12:18:57 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2010-08-25 12:18:57 | 000,002,829 | ---- | M] () -- C:\WINDOWS\War3Unin.pif
[2010-08-25 11:42:36 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji
[2010-08-25 11:42:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard Entertainment
[2010-08-25 01:04:34 | 000,140,170 | ---- | M] () -- C:\Documents and Settings\Mis\Pulpit\błąd.JPG
[2010-08-25 00:22:28 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2010-08-25 00:01:04 | 000,096,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-08-24 23:36:07 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Windows Performance Toolkit
[2010-08-24 23:36:00 | 000,000,000 | ---D | M] -- C:\Program Files\Debugging Tools for Windows (x86)
[2010-08-24 23:35:43 | 000,000,000 | ---D | M] -- C:\Program Files\Application Verifier
[2010-08-24 23:31:42 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SDKs
[2010-08-24 23:29:44 | 000,012,328 | ---- | M] () -- C:\Documents and Settings\Mis\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-08-24 23:27:46 | 001,065,412 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-08-24 23:27:46 | 000,484,776 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-08-24 23:27:46 | 000,426,570 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-08-24 23:27:46 | 000,081,252 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-08-24 23:27:46 | 000,065,328 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-08-24 23:27:39 | 000,064,200 | ---- | M] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-08-24 23:26:53 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2010-08-24 23:25:01 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010-08-24 23:24:55 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Microsoft Shared
[2010-08-24 23:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard Entertainment.temp
[2010-08-24 22:56:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Mis\NetHood
[2010-08-24 22:54:30 | 000,000,546 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Metin2.lnk
[2010-08-24 14:37:03 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010-08-24 14:37:03 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Blizzard Entertainment
[2010-08-24 13:41:04 | 000,520,192 | ---- | M] (ScreenTime Media) -- C:\WINDOWS\System32\Side 9 Screensaver.scr
[2010-08-22 19:18:46 | 000,000,000 | ---D | M] -- C:\Program Files\Rockstar Games
[2010-08-20 21:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mis\Ustawienia lokalne\Dane aplikacji\Adobe
[2010-08-20 21:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mis\Dane aplikacji\Adobe
[2010-08-16 13:00:12 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Blizzard Entertainment.temp
[2010-08-16 13:00:12 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\World of Warcraft.lnk.temp
[2010-08-16 12:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard
[2010-08-16 02:37:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-08-16 02:35:25 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010-08-15 12:49:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-08-11 11:37:48 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Lite
[2010-08-11 11:37:47 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2010-08-09 15:43:03 | 000,000,000 | ---D | M] -- C:\Program Files\Gadu-Gadu 10
[2010-08-04 11:34:40 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010-07-31 15:13:01 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2010-07-29 17:30:56 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-07-29 17:30:44 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Adobe
[2010-07-29 17:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2010-07-29 17:29:44 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010-07-27 15:24:53 | 052,866,156 | ---- | M] () -- C:\Documents and Settings\Mis\Pulpit\Wygaszacz - dziewczyny myjące monitor.rar
[2010-07-27 14:36:11 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Mis\Pulpit\megavideo bez limitu.doc
[2010-07-22 18:47:54 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Internet Security.lnk
[2010-07-22 18:47:52 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-07-13 13:42:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mis\Dane aplikacji\SpeedSim
[2010-07-13 13:42:01 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Mis\Dane aplikacji
[2010-07-03 21:49:24 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2010-07-02 13:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mis\Dane aplikacji\DAEMON Tools Lite
[2010-07-02 13:25:30 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Mis\Dane aplikacji\Microsoft
[2010-07-02 13:25:30 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Mis\Moje dokumenty
[2010-07-01 22:11:02 | 000,000,000 | ---D | M] -- C:\Program Files\BitComet
[2010-07-01 22:11:01 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\BitComet.lnk
[2010-05-23 02:42:34 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Mis\Dane aplikacji\desktop.ini
[2010-05-23 02:42:34 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-08-30 17:24:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-08-30 17:22:09 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-08-30 17:22:05 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-08-30 17:08:10 | 002,097,152 | -H-- | M] () -- C:\Documents and Settings\Mis\NTUSER.DAT
[2010-08-30 17:08:10 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Mis\ntuser.ini
[2010-08-30 17:02:23 | 003,228,728 | -H-- | M] () -- C:\Documents and Settings\Mis\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-08-26 13:06:36 | 000,721,904 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-08-25 23:57:17 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-08-25 13:30:50 | 000,021,329 | ---- | M] () -- C:\WINDOWS\SCunin.dat
[2010-08-25 13:30:44 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\SCUnin.exe
[2010-08-25 13:30:44 | 000,000,967 | ---- | M] () -- C:\WINDOWS\SCUnin.pif
[2010-08-25 13:07:06 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Mis\Pulpit\Skrót do Wow.lnk
[2010-08-25 12:23:03 | 000,077,800 | ---- | M] () -- C:\WINDOWS\War3Unin.dat
[2010-08-25 12:18:57 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2010-08-25 12:18:57 | 000,002,829 | ---- | M] () -- C:\WINDOWS\War3Unin.pif
[2010-08-25 01:04:34 | 000,140,170 | ---- | M] () -- C:\Documents and Settings\Mis\Pulpit\błąd.JPG
[2010-08-25 00:01:04 | 000,096,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-08-24 23:29:44 | 000,012,328 | ---- | M] () -- C:\Documents and Settings\Mis\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-08-24 23:27:46 | 001,065,412 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-08-24 23:27:46 | 000,484,776 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-08-24 23:27:46 | 000,426,570 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-08-24 23:27:46 | 000,081,252 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-08-24 23:27:46 | 000,065,328 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-08-24 22:54:30 | 000,000,546 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Metin2.lnk
[2010-08-24 13:41:04 | 000,520,192 | ---- | M] (ScreenTime Media) -- C:\WINDOWS\System32\Side 9 Screensaver.scr
[2010-08-16 13:00:12 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\World of Warcraft.lnk.temp
[2010-08-16 02:37:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-08-15 12:49:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-08-11 11:37:47 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2010-08-04 11:34:40 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010-07-29 17:30:56 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-07-27 15:24:53 | 052,866,156 | ---- | M] () -- C:\Documents and Settings\Mis\Pulpit\Wygaszacz - dziewczyny myjące monitor.rar
[2010-07-27 14:36:11 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Mis\Pulpit\megavideo bez limitu.doc
[2010-07-22 18:47:54 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Internet Security.lnk
[2010-07-22 18:47:52 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-07-01 22:11:01 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\BitComet.lnk

[color=#E56717]========== LOP Check ==========[/color]

[2010-07-01 22:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adus\Dane aplikacji\BitComet
[2010-05-24 18:20:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adus\Dane aplikacji\ScanSpyware
[2010-05-23 03:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-05-28 20:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-05-28 14:10:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-05-28 20:04:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kubus\Dane aplikacji\DAEMON Tools Lite
[2010-06-10 15:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kubus\Dane aplikacji\Gadu-Gadu 10
[2010-07-02 13:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mis\Dane aplikacji\DAEMON Tools Lite
[2010-06-20 11:28:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mis\Dane aplikacji\Gadu-Gadu 10
[2010-07-13 13:42:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mis\Dane aplikacji\SpeedSim
[2010-05-28 21:36:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MuM1N3K\Dane aplikacji\DAEMON Tools Lite
[2010-05-28 14:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MuM1N3K\Dane aplikacji\Gadu-Gadu 10

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-05-23 00:52:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-05-23 02:00:14 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010-06-20 13:01:14 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2001-07-22 01:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2004-08-03 23:00:14 | 000,262,400 | ---- | M] () -- C:\cmldr
[2010-06-20 13:22:54 | 000,014,535 | ---- | M] () -- C:\ComboFix.txt
[2010-05-23 00:52:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-05-23 00:52:08 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-05-23 00:52:08 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 21:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-13 23:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-08-30 17:23:58 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys
[2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

< End of report >
[/log]
log z RSIT
[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Mis at 2010-08-30 17:34:34
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 14 GB (58%) free of 25 GB
Total RAM: 511 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:36:07, on 2010-08-30
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17080)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Mis\Moje dokumenty\Pobieranie\RSIT.exe
C:\Program Files\trend micro\Mis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.wow-europe.com/en/ptr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Mis\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files\Gadu-Gadu 10\gg.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Skrót do bannerkiller2-[www.legalne.lnk = D:\Programy\Gadu Gadu 10 + GGTuner\bannerkiller2-[www.legalne.info].exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{502E079E-6463-4ABA-B95F-126029ACBA3C}: NameServer = 194.204.152.34
O17 - HKLM\System\CCS\Services\Tcpip\..\{5EB559A3-FBBC-4394-8098-F38D38C31F08}: NameServer = 194.204.152.34
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5386 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll [2010-06-22 734512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class - C:\Documents and Settings\Mis\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll [2009-12-21 37376]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
"Resume copy"=copyfstq.exe /startup []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu 10"=C:\Program Files\Gadu-Gadu 10\gg.exe [2010-06-20 11850344]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\Mis\Menu Start\Programy\Autostart
Skrót do bannerkiller2-[www.legalne.lnk - D:\Programy\Gadu Gadu 10 + GGTuner\bannerkiller2-[www.legalne.info].exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Gadu-Gadu 10\gg.exe"="C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10"
"D:\Games\Cs1.6\hl.exe"="D:\Games\Cs1.6\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Games\Counter-Strike Source\hl2.exe"="D:\Games\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"D:\Games\Diablo II\Game.exe"="D:\Games\Diablo II\Game.exe:*:Disabled:Diablo II"
"D:\Games\Metin 2\metin2.bin"="D:\Games\Metin 2\metin2.bin:*:Enabled:metin2"
"D:\Games\Metin 2\metin2client.bin"="D:\Games\Metin 2\metin2client.bin:*:Enabled:metin2client"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"D:\Games\Kyodai\kyodai.exe"="D:\Games\Kyodai\kyodai.exe:*:Enabled:kyodai"
"D:\Games\World of Warcraft.temp\World of Warcraft\Launcher.exe"="D:\Games\World of Warcraft.temp\World of Warcraft\Launcher.exe:*:Disabled:Blizzard Launcher"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 2 months======

2010-08-30 17:34:34 ----D---- C:\rsit
2010-08-30 17:34:34 ----D---- C:\Program Files\trend micro
2010-08-30 17:06:58 ----D---- C:\_OTL
2010-08-25 22:38:37 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2010-08-25 15:19:23 ----D---- C:\WINDOWS\Starcraft
2010-08-25 13:30:44 ----A---- C:\WINDOWS\SCUnin.pif
2010-08-25 13:30:43 ----A---- C:\WINDOWS\SCUnin.exe
2010-08-25 12:14:05 ----A---- C:\WINDOWS\War3Unin.pif
2010-08-25 12:14:05 ----A---- C:\WINDOWS\War3Unin.exe
2010-08-25 11:14:11 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard Entertainment
2010-08-24 23:36:07 ----D---- C:\Program Files\Microsoft Windows Performance Toolkit
2010-08-24 23:35:51 ----D---- C:\Program Files\Debugging Tools for Windows (x86)
2010-08-24 23:35:40 ----D---- C:\Program Files\Application Verifier
2010-08-24 23:31:42 ----D---- C:\Program Files\Microsoft SDKs
2010-08-24 23:28:51 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2010-08-24 23:27:05 ----D---- C:\Program Files\MSBuild
2010-08-24 23:26:59 ----D---- C:\WINDOWS\system32\XPSViewer
2010-08-24 23:26:54 ----D---- C:\WINDOWS\system32\en-us
2010-08-24 23:26:53 ----D---- C:\Program Files\Reference Assemblies
2010-08-24 23:26:18 ----N---- C:\WINDOWS\system32\spmsg2.dll
2010-08-24 23:25:25 ----RSD---- C:\WINDOWS\assembly
2010-08-24 23:24:50 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-24 23:08:58 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard Entertainment.temp
2010-08-24 13:42:07 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-08-24 13:41:03 ----D---- C:\WINDOWS\system32\Side 9 Screensaver dir
2010-08-22 19:18:46 ----D---- C:\Program Files\Rockstar Games
2010-08-22 19:18:40 ----A---- C:\WINDOWS\IsUninst.exe
2010-08-19 12:20:59 ----A---- C:\WINDOWS\ntbtlog.txt
2010-08-16 13:00:12 ----D---- C:\Program Files\Common Files\Blizzard Entertainment.temp
2010-08-16 12:59:36 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard
2010-08-16 02:37:00 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-16 02:36:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-16 02:36:48 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-16 02:36:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-16 02:36:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-16 02:36:32 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-16 02:35:23 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-16 02:35:17 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-11 11:37:43 ----D---- C:\Program Files\DAEMON Tools Lite
2010-08-03 18:50:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-07-29 17:29:44 ----D---- C:\Program Files\Common Files\Adobe
2010-07-29 17:29:44 ----D---- C:\Program Files\Adobe
2010-07-29 17:21:18 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2010-07-14 10:42:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-07-13 13:42:01 ----D---- C:\Documents and Settings\Mis\Dane aplikacji\SpeedSim
2010-07-12 19:11:10 ----SHD---- C:\RECYCLER
2010-07-03 21:49:24 ----D---- C:\Program Files\MSXML 4.0
2010-07-02 13:47:00 ----D---- C:\Documents and Settings\Mis\Dane aplikacji\DAEMON Tools Lite
2010-07-01 22:11:15 ----D---- C:\Downloads
2010-07-01 22:10:58 ----D---- C:\Program Files\BitComet

======List of files/folders modified in the last 2 months======

2010-08-30 17:34:34 ----RD---- C:\Program Files
2010-08-30 17:22:59 ----D---- C:\WINDOWS\Temp
2010-08-30 17:08:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-30 17:07:20 ----D---- C:\WINDOWS\system32
2010-08-30 17:07:20 ----D---- C:\WINDOWS
2010-08-30 17:03:26 ----D---- C:\Program Files\DAEMON Tools Toolbar
2010-08-29 18:17:19 ----SHD---- C:\WINDOWS\CSC
2010-08-25 22:38:38 ----D---- C:\WINDOWS\system32\drivers
2010-08-25 22:38:35 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-25 14:07:37 ----HD---- C:\WINDOWS\inf
2010-08-25 12:47:16 ----D---- C:\WINDOWS\Prefetch
2010-08-25 01:01:46 ----SHD---- C:\WINDOWS\Installer
2010-08-24 23:28:40 ----D---- C:\WINDOWS\system32\pl-pl
2010-08-24 23:28:26 ----D---- C:\WINDOWS\system32\mui
2010-08-24 23:27:59 ----D---- C:\WINDOWS\WinSxS
2010-08-24 23:27:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-24 23:27:03 ----RSD---- C:\WINDOWS\Fonts
2010-08-24 23:26:33 ----D---- C:\WINDOWS\system32\spool
2010-08-24 23:26:20 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-24 23:25:01 ----D---- C:\Program Files\Internet Explorer
2010-08-24 23:24:55 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-08-24 23:24:50 ----D---- C:\WINDOWS\pchealth
2010-08-24 14:37:03 ----D---- C:\Program Files\Common Files
2010-08-20 21:46:23 ----D---- C:\Documents and Settings\Mis\Dane aplikacji\Adobe
2010-08-16 02:37:20 ----A---- C:\WINDOWS\imsins.BAK
2010-08-16 02:37:09 ----D---- C:\WINDOWS\ie7updates
2010-08-16 02:36:59 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-16 02:35:25 ----D---- C:\Program Files\Movie Maker
2010-08-09 15:43:03 ----D---- C:\Program Files\Gadu-Gadu 10
2010-08-03 20:09:31 ----A---- C:\WINDOWS\system32\MRT.exe
2010-07-31 15:13:01 ----D---- C:\Program Files\Mozilla Firefox
2010-07-30 10:54:50 ----D---- C:\WINDOWS\Minidump
2010-07-27 08:30:33 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-02 13:25:30 ----SD---- C:\Documents and Settings\Mis\Dane aplikacji\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\aswNdis.sys [2010-03-19 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\WINDOWS\system32\drivers\aswNdis2.sys [2010-06-28 188168]
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2003-03-19 18688]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2003-04-21 52608]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-08-26 721904]
R1 aswFW;avast! TDI Firewall driver; C:\WINDOWS\system32\drivers\aswFW.sys [2010-06-28 99280]
R3 rtl8139;Sterownik NT karty Realtek RTL8139(A/B/C)-based PCI Fast Ethernet; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-14 20992]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
S1 AmdK7;Sterownik procesora AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2010-06-28 312912]
S1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
S3 adie4br2;adie4br2; C:\WINDOWS\system32\drivers\adie4br2.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
S3 catchme;catchme; \??\C:\DOCUME~1\Mis\USTAWI~1\Temp\catchme.sys []
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
S3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe []
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [2010-06-28 119200]
S2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------
[/log]
i info
[log] info.txt logfile of random's system information tool 1.08 2010-08-30 17:36:08

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin
Adobe Reader 9.3.3 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A93000000001}
Aktualizacja dla systemu Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB980182)-->"C:\WINDOWS\$NtUninstallKB980182$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB2183461)-->"C:\WINDOWS\ie7updates\KB2183461-IE7\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB982381)-->"C:\WINDOWS\ie7updates\KB982381-IE7\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Aktualizacja zabezpieczeń dla systemu Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
Application Verifier-->MsiExec.exe /I{39556553-8C77-4C5E-8F30-4083274948A2}
Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe
avast! Internet Security-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
BitComet 1.22-->C:\Program Files\BitComet\uninst.exe
CWK (Czasowy Wyłącznik Komputera)-->"C:\Program Files\Damian Pasternak\CWK\CWK.exe" /uninstall
Debugging Tools for Windows (x86)-->MsiExec.exe /I{D09605BE-5587-4B0C-86C8-69B5092CB80F}
EVEREST Ultimate Edition v5.00-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Gadu-Gadu 10-->C:\Program Files\Gadu-Gadu 10\Uninstall.exe
Grand Theft Auto-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Rockstar Games\Grand Theft Auto\Uninst.isu"
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK-->MsiExec.exe /I{036FD544-AED6-3F33-856D-A2292D0CF471}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK-->MsiExec.exe /I{7C77393F-8237-3825-A88A-AFAF3C69C072}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5 Language Pack - plk-->MsiExec.exe /I{F31E509D-3597-324E-83CF-0C160B2320F0}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Microsoft Windows Performance Toolkit-->MsiExec.exe /I{E7F9E526-2324-437B-A609-E8C5309465CB}
Microsoft Windows SDK for Windows 7 (7.1)-->"C:\Program Files\Microsoft SDKs\Windows\v7.1\Setup\Setup.exe" -x "-source:http://download.microsoft.com/download/A/6/A/A6AC035D-DA3F-4F0C-ADA4-37C8E5D34E3D/setup;C:\Program Files\Microsoft SDKs\Windows\v7.1\;C:\Program Files\Microsoft SDKs\Windows\v7.1\Setup\1033\;http://download.microsoft.com/download/A/6/A/A6AC035D-DA3F-4F0C-ADA4-37C8E5D34E3D/setup/WinSDK/"
Mozilla ActiveX Control v1.7.1-->C:\Program Files\Mozilla ActiveX Control v1.7.1\uninst.exe
Mozilla Firefox (3.6.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA nTune-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF} /l1045
Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - plk\setup.exe
Poprawka dla systemu Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x15 -removeonly
ScanSpyware 3.9.1.9-->"C:\Program Files\ScanSpyware\3.9.1.9\unins000.exe"
Side 9 Screensaver-->C:\WINDOWS\system32\Side 9 Screensaver.scr /u
Starcraft-->C:\WINDOWS\SCunin.exe C:\WINDOWS\SCunin.dat
TotalCopy 1.2 (Luki Edition)-->C:\WINDOWS\iun6002.exe "C:\WINDOWS\irunin.ini"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======System event log======

Computer Name: MISIEK
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Dodatek Service Pack 3 Uniprocessor Free.

Record Number: 644
Source Name: EventLog
Time Written: 20100820204750.000000+120
Event Type: informacje
User:

Computer Name: MISIEK
Event Code: 7036
Message: Usługa Zgodność szybkiego przełączania użytkowników weszła w stan uruchomienia.

Record Number: 643
Source Name: Service Control Manager
Time Written: 20100820204655.000000+120
Event Type: informacje
User:

Computer Name: MISIEK
Event Code: 7035
Message: Do usługi Zgodność szybkiego przełączania użytkowników został pomyślnie wysłany kod sterowania uruchom.

Record Number: 642
Source Name: Service Control Manager
Time Written: 20100820204655.000000+120
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: MISIEK
Event Code: 7036
Message: Usługa Usługi terminalowe weszła w stan uruchomienia.

Record Number: 641
Source Name: Service Control Manager
Time Written: 20100820204655.000000+120
Event Type: informacje
User:

Computer Name: MISIEK
Event Code: 7036
Message: Usługa Karta wydajności WMI weszła w stan zatrzymania.

Record Number: 640
Source Name: Service Control Manager
Time Written: 20100820204652.000000+120
Event Type: informacje
User:

=====Application event log=====

Computer Name: MISIEK
Event Code: 1800
Message: Usługa Centrum zabezpieczeń systemu Windows została uruchomiona.

Record Number: 902
Source Name: SecurityCenter
Time Written: 20100808220554.000000+120
Event Type: informacje
User:

Computer Name: MISIEK
Event Code: 4609
Message: Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył zły kod powrotu. HRESULT to 8007043C z w wierszu 44 z d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błąd.
Record Number: 901
Source Name: EventSystem
Time Written: 20100808201538.000000+120
Event Type: błąd
User:

Computer Name: MISIEK
Event Code: 1800
Message: Usługa Centrum zabezpieczeń systemu Windows została uruchomiona.

Record Number: 900
Source Name: SecurityCenter
Time Written: 20100808194045.000000+120
Event Type: informacje
User:

Computer Name: MISIEK
Event Code: 4609
Message: Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył zły kod powrotu. HRESULT to 8007043C z w wierszu 44 z d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błąd.
Record Number: 899
Source Name: EventSystem
Time Written: 20100808184615.000000+120
Event Type: błąd
User:

Computer Name: MISIEK
Event Code: 1800
Message: Usługa Centrum zabezpieczeń systemu Windows została uruchomiona.

Record Number: 898
Source Name: SecurityCenter
Time Written: 20100808184430.000000+120
Event Type: informacje
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0801
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SAFEBOOT_OPTION"=NETWORK

-----------------EOF-----------------
[/log]

btw. po co miałem daemona usunąć ?;>

[color="#FF0000"]//Ja nie kazałem usuwać Deamona :nono:
//Miałeś odinstalować Deamon Tools Toolbar.
//Tom01[/color]

Tomek01
komentarz
komentarz

W logach nic niepokojącego nie widzę.

W OTL użyj funkcji Clean Up.

Profilaktycznie, dla pewności wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i wyniki podaj na forum.

misiek249
komentarz
komentarz (edytowane)

co do przskanowania to zaraz to zrobie , ale mam pytanko , czemu uważasz że to wirusy ?;> na komputerze ciągle działa avast , był robiony format kilka krotnie (nawet kilka razy z rzędu ) dysk był zerowany, moim zdaniem to któryś z podzespołów , płyta główna lub dysk , miałem pokazać informacje z plików minidump ale nie mogę otworzyć programu ;/


EDIT:
skanowanie nic nie wykazało :)

Tomek01
komentarz
komentarz

Więc mamy pewność, że infekcji nie ma.
Udaj się z problemem do subforum: BSOD

misiek249
komentarz
komentarz

ten temat tam był , tylko został tu przeniesiony -_- , można by go tam z powrotem przenieść ?;>


[color="#0000FF"]//Przenoszę, wirusów nie ma.
//Tom01[/color]

udało mi się uruchomić program na 2 komputerze , także zamieszczam wykazy z plików minidump
mam nadzieje że jest to dobrze zrobione , starałem się nie wklejać powtarzających się
[log] Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 10000012, {1, 0, 0, 0}

Probably caused by : srv.sys ( srv!WorkerThread+68 )

Followup: MachineOwner
---------

[/log]
[log] *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000007F, {f, 0, 0, 0}

Probably caused by : kmixer.sys ( kmixer!MxPrivateWorkerThread+da )

Followup: MachineOwner
[/log]
[log] Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 10000012, {1, 4000, 0, 0}

Probably caused by : nv4_disp.dll ( nv4_disp+373d )

Followup: MachineOwner
[/log]
[log]Use !analyze -v to get detailed debugging information.

BugCheck 1000007F, {f, 0, 0, 0}

Probably caused by : kmixer.sys ( kmixer!MxPrivateWorkerThread+da )

Followup: MachineOwner [/log]
trochę inny błąd
[log] *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000007F, {f, 0, 0, 0}

Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )

Followup: MachineOwner
---------

kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

UNEXPECTED_KERNEL_MODE_TRAP_M (1000007f)
This means a trap occurred in kernel mode, and it's a trap of a kind
that the kernel isn't allowed to have/catch (bound trap) or that
is always instant death (double fault). The first number in the
bugcheck params is the number of the trap (8 = double fault, etc)
Consult an Intel x86 family manual to learn more about what these
traps are. Here is a *portion* of those codes:
If kv shows a taskGate
use .tss on the part before the colon, then kv.
Else if kv shows a trapframe
use .trap on that value
Else
.trap on the appropriate frame will show where the trap was taken
(on x86, this will be the ebp that goes with the procedure KiTrap)
Endif
kb will then show the corrected stack.
Arguments:
Arg1: 0000000f, EXCEPTION_RESERVED_TRAP
Arg2: 00000000
Arg3: 00000000
Arg4: 00000000

Debugging Details:
------------------


BUGCHECK_STR: 0x7f_f

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

PROCESS_NAME: starcraft.exe

LAST_CONTROL_TRANSFER: from 004d940f to 004599a1

STACK_TEXT:
WARNING: Frame IP not in any known module. Following frames may be wrong.
0012fe44 004d940f 004d9914 0012b4a2 0012fe6c 0x4599a1
0012fe5c 004d9a6f 0000000a 00000001 0012fe8c 0x4d940f
0012fe6c 004e07fa 00000004 004e09ac 7c80b741 0x4d9a6f
0012fe8c 004e0b20 00000000 0012ffc0 00404da5 0x4e07fa
0012fe98 00404da5 00400000 00000000 00152395 0x4e0b20
0012ffd0 8054b6b8 0012ffc8 81d9a540 ffffffff 0x404da5
0012fff0 00000000 00404c21 00000000 00000000 nt!ExFreePoolWithTag+0x676


STACK_COMMAND: kb

SYMBOL_NAME: ANALYSIS_INCONCLUSIVE

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: Unknown_Module

IMAGE_NAME: Unknown_Image

DEBUG_FLR_IMAGE_TIMESTAMP: 0

BUCKET_ID: INVALID_KERNEL_CONTEXT

Followup: MachineOwner
---------
[/log]
[log]Use !analyze -v to get detailed debugging information.

BugCheck 1000007F, {f, 0, 0, 0}

Probably caused by : kmixer.sys ( kmixer!MxPrivateWorkerThread+da )

Followup: MachineOwner
--------- [/log]
[log] Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 10000012, {1, 0, 0, 0}

Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )

Followup: MachineOwner
---------

kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

TRAP_CAUSE_UNKNOWN (12)
Arguments:
Arg1: 00000001, Unexpected interrupt.
Arg2: 00000000, Unknown floating point exception.
Arg3: 00000000, The enabled and asserted status bits (see processor definition).
Arg4: 00000000

Debugging Details:
------------------


CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0x12

PROCESS_NAME: AvastSvc.exe

LAST_CONTROL_TRANSFER: from 68301ba2 to 68303286

STACK_TEXT:
WARNING: Frame IP not in any known module. Following frames may be wrong.
077ffaf8 68301ba2 077ffb0c 077ffc48 6510d735 0x68303286
077ffafc 077ffb0c 077ffc48 6510d735 077ffb40 0x68301ba2
077ffb00 077ffc48 6510d735 077ffb40 00000400 0x77ffb0c
077ffb0c 00000000 077ffc48 09c966dc 08fe56f8 0x77ffc48


STACK_COMMAND: kb

SYMBOL_NAME: ANALYSIS_INCONCLUSIVE

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: Unknown_Module

IMAGE_NAME: Unknown_Image

DEBUG_FLR_IMAGE_TIMESTAMP: 0

BUCKET_ID: INVALID_KERNEL_CONTEXT

Followup: MachineOwner
---------

[/log]
[log]
Use !analyze -v to get detailed debugging information.

BugCheck 1000007F, {f, 0, 0, 0}

Probably caused by : ntoskrnl.exe ( nt!KiSwapThread+68 )

Followup: MachineOwner
---------
[/log]
ten się kilkakrotnie powtarza
[log]Use !analyze -v to get detailed debugging information.

BugCheck 1000007F, {f, 0, 0, 0}

Probably caused by : kmixer.sys ( kmixer!MxPrivateWorkerThread+da )

Followup: MachineOwner
--------- [/log]
[log]Use !analyze -v to get detailed debugging information.

BugCheck 1000007F, {f, 0, 0, 0}

Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )

Followup: MachineOwner
---------

kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

UNEXPECTED_KERNEL_MODE_TRAP_M (1000007f)
This means a trap occurred in kernel mode, and it's a trap of a kind
that the kernel isn't allowed to have/catch (bound trap) or that
is always instant death (double fault). The first number in the
bugcheck params is the number of the trap (8 = double fault, etc)
Consult an Intel x86 family manual to learn more about what these
traps are. Here is a *portion* of those codes:
If kv shows a taskGate
use .tss on the part before the colon, then kv.
Else if kv shows a trapframe
use .trap on that value
Else
.trap on the appropriate frame will show where the trap was taken
(on x86, this will be the ebp that goes with the procedure KiTrap)
Endif
kb will then show the corrected stack.
Arguments:
Arg1: 0000000f, EXCEPTION_RESERVED_TRAP
Arg2: 00000000
Arg3: 00000000
Arg4: 00000000

Debugging Details:
------------------


BUGCHECK_STR: 0x7f_f

CUSTOMER_CRASH_COUNT: 3

DEFAULT_BUCKET_ID: DRIVER_FAULT

PROCESS_NAME: hl.exe

LAST_CONTROL_TRANSFER: from 00000000 to 01d1696b

STACK_TEXT:
0013faa0 00000000 02c4ffb0 00ae4dc8 02e62754 0x1d1696b


STACK_COMMAND: kb

SYMBOL_NAME: ANALYSIS_INCONCLUSIVE

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: Unknown_Module

IMAGE_NAME: Unknown_Image

DEBUG_FLR_IMAGE_TIMESTAMP: 0

BUCKET_ID: INVALID_KERNEL_CONTEXT

Followup: MachineOwner
---------
[/log]
[log] *******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000007F, {f, 0, 0, 0}

Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )

Followup: MachineOwner
---------

kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

UNEXPECTED_KERNEL_MODE_TRAP_M (1000007f)
This means a trap occurred in kernel mode, and it's a trap of a kind
that the kernel isn't allowed to have/catch (bound trap) or that
is always instant death (double fault). The first number in the
bugcheck params is the number of the trap (8 = double fault, etc)
Consult an Intel x86 family manual to learn more about what these
traps are. Here is a *portion* of those codes:
If kv shows a taskGate
use .tss on the part before the colon, then kv.
Else if kv shows a trapframe
use .trap on that value
Else
.trap on the appropriate frame will show where the trap was taken
(on x86, this will be the ebp that goes with the procedure KiTrap)
Endif
kb will then show the corrected stack.
Arguments:
Arg1: 0000000f, EXCEPTION_RESERVED_TRAP
Arg2: 00000000
Arg3: 00000000
Arg4: 00000000

Debugging Details:
------------------


BUGCHECK_STR: 0x7f_f

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

PROCESS_NAME: hl.exe

LAST_CONTROL_TRANSFER: from 6973c4bd to 7c901015

STACK_TEXT:
WARNING: Frame IP not in any known module. Following frames may be wrong.
0013fa0c 6973c4bd 69cea188 00000040 00000002 0x7c901015
0013fa10 69cea188 00000040 00000002 69845c71 0x6973c4bd
0013fa14 00000000 00000002 69845c71 00000223 0x69cea188


STACK_COMMAND: kb

SYMBOL_NAME: ANALYSIS_INCONCLUSIVE

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: Unknown_Module

IMAGE_NAME: Unknown_Image

DEBUG_FLR_IMAGE_TIMESTAMP: 0

BUCKET_ID: INVALID_KERNEL_CONTEXT

Followup: MachineOwner
---------[/log]
[log]
Use !analyze -v to get detailed debugging information.

BugCheck 10000012, {1, 0, 0, 0}

Unable to load image aswSP.SYS, Win32 error 0n2
*** WARNING: Unable to verify timestamp for aswSP.SYS
*** ERROR: Module load completed but symbols could not be loaded for aswSP.SYS
Probably caused by : swmidi.sys ( swmidi!MIDIRecorder::InitTables+d )

Followup: MachineOwner
--------- [/log]
[log]
Use !analyze -v to get detailed debugging information.

BugCheck 1000007F, {f, 0, 0, 0}

Probably caused by : ntoskrnl.exe ( nt!KiSwapThread+68 )

Followup: MachineOwner
---------
[/log]
[log]
Use !analyze -v to get detailed debugging information.

BugCheck 10000012, {1, 0, 0, 0}

Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )

Followup: MachineOwner
---------

kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

TRAP_CAUSE_UNKNOWN (12)
Arguments:
Arg1: 00000001, Unexpected interrupt.
Arg2: 00000000, Unknown floating point exception.
Arg3: 00000000, The enabled and asserted status bits (see processor definition).
Arg4: 00000000

Debugging Details:
------------------


CUSTOMER_CRASH_COUNT: 3

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0x12

PROCESS_NAME: AvastSvc.exe

LAST_CONTROL_TRANSFER: from 68301fa2 to 683047c8

STACK_TEXT:
WARNING: Frame IP not in any known module. Following frames may be wrong.
079bfaf8 68301fa2 079bfb0c 079bfc48 6510d735 0x683047c8
079bfafc 079bfb0c 079bfc48 6510d735 079bfb40 0x68301fa2
079bfb00 079bfc48 6510d735 079bfb40 00000400 0x79bfb0c
079bfb0c 00000000 079bfc48 ac174e22 00cc9df0 0x79bfc48


STACK_COMMAND: kb

SYMBOL_NAME: ANALYSIS_INCONCLUSIVE

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: Unknown_Module

IMAGE_NAME: Unknown_Image

DEBUG_FLR_IMAGE_TIMESTAMP: 0

BUCKET_ID: INVALID_KERNEL_CONTEXT

Followup: MachineOwner
--------- [/log]
[log]Use !analyze -v to get detailed debugging information.

BugCheck 1000007F, {f, 0, 0, 0}

Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )

Followup: MachineOwner
---------

kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

UNEXPECTED_KERNEL_MODE_TRAP_M (1000007f)
This means a trap occurred in kernel mode, and it's a trap of a kind
that the kernel isn't allowed to have/catch (bound trap) or that
is always instant death (double fault). The first number in the
bugcheck params is the number of the trap (8 = double fault, etc)
Consult an Intel x86 family manual to learn more about what these
traps are. Here is a *portion* of those codes:
If kv shows a taskGate
use .tss on the part before the colon, then kv.
Else if kv shows a trapframe
use .trap on that value
Else
.trap on the appropriate frame will show where the trap was taken
(on x86, this will be the ebp that goes with the procedure KiTrap)
Endif
kb will then show the corrected stack.
Arguments:
Arg1: 0000000f, EXCEPTION_RESERVED_TRAP
Arg2: 00000000
Arg3: 00000000
Arg4: 00000000

Debugging Details:
------------------


BUGCHECK_STR: 0x7f_f

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

PROCESS_NAME: AvastSvc.exe

LAST_CONTROL_TRANSFER: from 64207f8f to 64208580

STACK_TEXT:
WARNING: Frame IP not in any known module. Following frames may be wrong.
0406668c 64207f8f 06c7c008 00021000 00ca2248 0x64208580
04066690 06c7c008 00021000 00ca2248 00ca22c8 0x64207f8f
04066694 00021000 00ca2248 00ca22c8 00000010 0x6c7c008
04066698 00ca2248 00ca22c8 00000010 00021000 0x21000
0406669c 00ca22c8 00000010 00021000 00ca2248 0xca2248
040666a0 00000000 00021000 00ca2248 04066700 0xca22c8


STACK_COMMAND: kb

SYMBOL_NAME: ANALYSIS_INCONCLUSIVE

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: Unknown_Module

IMAGE_NAME: Unknown_Image

DEBUG_FLR_IMAGE_TIMESTAMP: 0

BUCKET_ID: INVALID_KERNEL_CONTEXT

Followup: MachineOwner
--------- [/log]
[log]
Use !analyze -v to get detailed debugging information.

BugCheck 10000012, {1, 100, 0, 0}

Probably caused by : tcpip.sys ( tcpip!InsertIntoTimerWheel+ac )

Followup: MachineOwner
--------- [/log]
[log]
Use !analyze -v to get detailed debugging information.

BugCheck 1000007F, {f, 0, 0, 0}

Probably caused by : ntoskrnl.exe ( nt!KeWaitForSingleObject+2e5 )

Followup: MachineOwner
--------- [/log]
[log]
Use !analyze -v to get detailed debugging information.

BugCheck 1000007F, {f, 0, 0, 0}

Probably caused by : memory_corruption ( nt!MmCheckCachedPageState+461 )

Followup: MachineOwner
--------- [/log]
[log]
Use !analyze -v to get detailed debugging information.

BugCheck 10000012, {1, 0, 0, 0}

Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )

Followup: MachineOwner
---------

kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

TRAP_CAUSE_UNKNOWN (12)
Arguments:
Arg1: 00000001, Unexpected interrupt.
Arg2: 00000000, Unknown floating point exception.
Arg3: 00000000, The enabled and asserted status bits (see processor definition).
Arg4: 00000000

Debugging Details:
------------------


CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0x12

PROCESS_NAME: gg.exe

LAST_CONTROL_TRANSFER: from 00000000 to 058a50ab

STACK_TEXT:
0012a940 00000000 00000002 00000002 00000000 0x58a50ab


STACK_COMMAND: kb

SYMBOL_NAME: ANALYSIS_INCONCLUSIVE

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: Unknown_Module

IMAGE_NAME: Unknown_Image

DEBUG_FLR_IMAGE_TIMESTAMP: 0

BUCKET_ID: INVALID_KERNEL_CONTEXT

Followup: MachineOwner [/log]
[log]Use !analyze -v to get detailed debugging information.

BugCheck 10000012, {1, 0, 0, 0}

Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )

Followup: MachineOwner
---------

kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

TRAP_CAUSE_UNKNOWN (12)
Arguments:
Arg1: 00000001, Unexpected interrupt.
Arg2: 00000000, Unknown floating point exception.
Arg3: 00000000, The enabled and asserted status bits (see processor definition).
Arg4: 00000000

Debugging Details:
------------------


CUSTOMER_CRASH_COUNT: 2

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0x12

PROCESS_NAME: AvastSvc.exe

LAST_CONTROL_TRANSFER: from 2f95c994 to 07b417f2

STACK_TEXT:
WARNING: Frame IP not in any known module. Following frames may be wrong.
084afa44 2f95c994 0946b090 05a26898 08026bc8 0x7b417f2
084afa48 0946b090 05a26898 08026bc8 00000000 0x2f95c994
084afa4c 05a26898 08026bc8 00000000 00000000 0x946b090
084afa50 08026bc8 00000000 00000000 084afcbc 0x5a26898
084afa54 00000000 00000000 084afcbc 00000000 0x8026bc8


STACK_COMMAND: kb

SYMBOL_NAME: ANALYSIS_INCONCLUSIVE

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: Unknown_Module

IMAGE_NAME: Unknown_Image

DEBUG_FLR_IMAGE_TIMESTAMP: 0

BUCKET_ID: INVALID_KERNEL_CONTEXT

Followup: MachineOwner
--------- [/log]
[log]Use !analyze -v to get detailed debugging information.

BugCheck 10000012, {1, 100, 0, 0}

Unable to load image nv4_disp.dll, Win32 error 0n2
*** WARNING: Unable to verify timestamp for nv4_disp.dll
*** ERROR: Module load completed but symbols could not be loaded for nv4_disp.dll
Probably caused by : nv4_disp.dll ( nv4_disp+b5474 )

Followup: MachineOwner
--------- [/log]
[log]Use !analyze -v to get detailed debugging information.

BugCheck 1000007F, {f, 0, 0, 0}

Unable to load image nv4_disp.dll, Win32 error 0n2
*** WARNING: Unable to verify timestamp for nv4_disp.dll
*** ERROR: Module load completed but symbols could not be loaded for nv4_disp.dll
Probably caused by : nv4_disp.dll ( nv4_disp+b5474 )

Followup: MachineOwner
---------

[/log]
[log]Use !analyze -v to get detailed debugging information.

BugCheck 1000007F, {f, 0, 0, 0}

Probably caused by : win32k.sys ( win32k!RawInputThread+4f3 )

Followup: MachineOwner
--------- [/log]
[log]
Use !analyze -v to get detailed debugging information.

BugCheck 1000007F, {f, 0, 0, 0}

Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )

Followup: MachineOwner
---------

kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

UNEXPECTED_KERNEL_MODE_TRAP_M (1000007f)
This means a trap occurred in kernel mode, and it's a trap of a kind
that the kernel isn't allowed to have/catch (bound trap) or that
is always instant death (double fault). The first number in the
bugcheck params is the number of the trap (8 = double fault, etc)
Consult an Intel x86 family manual to learn more about what these
traps are. Here is a *portion* of those codes:
If kv shows a taskGate
use .tss on the part before the colon, then kv.
Else if kv shows a trapframe
use .trap on that value
Else
.trap on the appropriate frame will show where the trap was taken
(on x86, this will be the ebp that goes with the procedure KiTrap)
Endif
kb will then show the corrected stack.
Arguments:
Arg1: 0000000f, EXCEPTION_RESERVED_TRAP
Arg2: 00000000
Arg3: 00000000
Arg4: 00000000

Debugging Details:
------------------


BUGCHECK_STR: 0x7f_f

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

PROCESS_NAME: hl.exe

LAST_CONTROL_TRANSFER: from 019643e4 to 019b462a

STACK_TEXT:
WARNING: Frame IP not in any known module. Following frames may be wrong.
0013ed48 019643e4 05feb9ac 01a21490 01a20f90 0x19b462a
0013ed4c 05feb9ac 01a21490 01a20f90 f5b5bf10 0x19643e4
0013ed50 01a21490 01a20f90 f5b5bf10 02c3c130 0x5feb9ac
0013ed54 01a20f90 f5b5bf10 02c3c130 42d01000 0x1a21490
0013ed58 f5b5bf10 02c3c130 42d01000 01a2e800 0x1a20f90
0013ed5c 02c3c130 42d01000 01a2e800 01a32208 0xf5b5bf10
0013ed60 42d01000 01a2e800 01a32208 0000000b 0x2c3c130
0013ed64 01a2e800 01a32208 0000000b 3feff7ce 0x42d01000
0013ed68 01a32208 0000000b 3feff7ce 00000000 0x1a2e800
0013ed6c 00000000 3feff7ce 00000000 05feb390 0x1a32208


STACK_COMMAND: kb

SYMBOL_NAME: ANALYSIS_INCONCLUSIVE

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: Unknown_Module

IMAGE_NAME: Unknown_Image

DEBUG_FLR_IMAGE_TIMESTAMP: 0

BUCKET_ID: INVALID_KERNEL_CONTEXT

Followup: MachineOwner
--------- [/log]
[log]Use !analyze -v to get detailed debugging information.

BugCheck 1000007F, {f, 0, 0, 0}

Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )

Followup: MachineOwner
---------

kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

UNEXPECTED_KERNEL_MODE_TRAP_M (1000007f)
This means a trap occurred in kernel mode, and it's a trap of a kind
that the kernel isn't allowed to have/catch (bound trap) or that
is always instant death (double fault). The first number in the
bugcheck params is the number of the trap (8 = double fault, etc)
Consult an Intel x86 family manual to learn more about what these
traps are. Here is a *portion* of those codes:
If kv shows a taskGate
use .tss on the part before the colon, then kv.
Else if kv shows a trapframe
use .trap on that value
Else
.trap on the appropriate frame will show where the trap was taken
(on x86, this will be the ebp that goes with the procedure KiTrap)
Endif
kb will then show the corrected stack.
Arguments:
Arg1: 0000000f, EXCEPTION_RESERVED_TRAP
Arg2: 00000000
Arg3: 00000000
Arg4: 00000000

Debugging Details:
------------------


BUGCHECK_STR: 0x7f_f

CUSTOMER_CRASH_COUNT: 2

DEFAULT_BUCKET_ID: DRIVER_FAULT

PROCESS_NAME: AvastSvc.exe

LAST_CONTROL_TRANSFER: from 6420813f to 64208730

STACK_TEXT:
WARNING: Frame IP not in any known module. Following frames may be wrong.
041161f8 6420813f 06ca0008 00099000 00c474d0 0x64208730
041161fc 06ca0008 00099000 00c474d0 00c47550 0x6420813f
04116200 00099000 00c474d0 00c47550 00000010 0x6ca0008
04116204 00c474d0 00c47550 00000010 00099000 0x99000
04116208 00c47550 00000010 00099000 00c474d0 0xc474d0
0411620c 00000000 00099000 00c474d0 04116270 0xc47550


STACK_COMMAND: kb

SYMBOL_NAME: ANALYSIS_INCONCLUSIVE

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: Unknown_Module

IMAGE_NAME: Unknown_Image

DEBUG_FLR_IMAGE_TIMESTAMP: 0

BUCKET_ID: INVALID_KERNEL_CONTEXT

Followup: MachineOwner
---------
[/log]
w razie potrzeby umieszczam też cały wykaz
[log]
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [E:\inne\minidump\Mini073010-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows XP Kernel Version 2600 (Service Pack 3) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 2600.xpsp_sp3_gdr.100216-1514
Machine Name:
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055b1c0
Debug session time: Fri Jul 30 10:53:47.578 2010 (UTC + 2:00)
System Uptime: 0 days 0:05:53.172
Loading Kernel Symbols
...............................................................
....................................................
Loading User Symbols
Loading unloaded module list
.........
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000007F, {f, 0, 0, 0}

Probably caused by : kmixer.sys ( kmixer!DitherFloatToLong+c9 )

Followup: MachineOwner
---------
[/log]

raazor90
komentarz
komentarz

[quote]Probably caused by : kmixer.sys ( kmixer!MxPrivateWorkerThread+da )[/quote]

Problem z sterownikiem karty dźwiękowej, spróbuj reinstalacji lub aktualizacji

misiek249
komentarz
komentarz

przeinstalowałem system, bo stary się zepsuł przez deinstalacje sterowników , zainstalowałem najnowsze i nadal to samo , zacina się

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.