x-kom hosting

Dziwny Alert - logi do sprawdzenia

Makaveli_ns
utworzono
utworzono

Ostatnio gdy próbuje coś ściągnąć np uTorrentem wyskakują mi dziwne ostrzeżenia ze np plik .avi jest zawirusowany i odmawia połączenia. Nie wiem czy to możliwe zeby w pliku avi byl wirus? Czy tez moj antywir swiruje? Chodzi i Avira. Załączam logi do sprawdzenia:

OTL:

OTL.txt:
[log]OTL logfile created on: 2010-11-16 12:31:36 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = D:\Programy\Antywiry\Sprawdzanie logow
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 78,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,07 Gb Total Space | 53,53 Gb Free Space | 55,14% Space Free | Partition Type: NTFS
Drive D: | 201,01 Gb Total Space | 119,57 Gb Free Space | 59,48% Space Free | Partition Type: NTFS
Drive E: | 347,64 Gb Total Space | 113,68 Gb Free Space | 32,70% Space Free | Partition Type: NTFS
Drive F: | 350,99 Gb Total Space | 25,71 Gb Free Space | 7,33% Space Free | Partition Type: NTFS

Computer Name: XXX | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-11-16 12:26:21 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\Programy\Antywiry\Sprawdzanie logow\OTL.exe
PRC - [2010-11-05 12:10:38 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010-11-05 12:10:37 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-11-05 12:10:37 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010-10-08 01:28:22 | 000,156,776 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2010-08-17 13:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010-08-13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010-07-27 17:44:08 | 000,345,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2010-04-14 12:23:40 | 000,073,960 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2010-02-18 12:33:30 | 000,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2010-01-14 20:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010-01-11 19:03:00 | 000,221,184 | ---- | M] (SnoopFree Software) -- C:\WINDOWS\SnoopFreeUI.exe
PRC - [2010-01-11 19:03:00 | 000,090,112 | ---- | M] () -- C:\WINDOWS\system32\SnoopFreeSvc.exe
PRC - [2009-12-02 14:26:07 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-10-16 17:45:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009-10-16 17:45:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2009-10-16 17:45:00 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009-10-16 17:45:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2009-10-16 17:45:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2009-10-16 17:45:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2009-10-16 17:45:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2009-10-16 17:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2009-10-16 17:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2009-10-16 17:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2009-10-16 17:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2009-10-16 17:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2009-10-16 17:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2009-10-16 17:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2009-10-16 17:45:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2009-10-16 17:45:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2009-03-05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2006-06-29 19:10:24 | 000,172,032 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
PRC - [2006-06-29 19:07:16 | 000,131,131 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2006-06-29 19:07:00 | 000,065,599 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2006-04-03 17:04:02 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2005-04-02 01:51:48 | 000,217,600 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe
PRC - [2004-04-21 11:16:02 | 001,434,848 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\acsd.exe
PRC - [2003-06-19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2003-01-10 16:13:04 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-11-16 12:26:21 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\Programy\Antywiry\Sprawdzanie logow\OTL.exe
MOD - [2010-08-23 16:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-08-16 08:43:34 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-07-27 06:29:09 | 008,492,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2010-07-16 12:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2010-01-11 19:03:00 | 000,045,056 | ---- | M] () -- C:\WINDOWS\SnoopFreeDll.dll
MOD - [2009-12-08 09:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-10-16 17:45:00 | 001,020,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-10-16 17:45:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2009-10-16 17:45:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2009-10-16 17:45:00 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2009-10-16 17:45:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-10-16 17:45:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2009-10-16 17:45:00 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2009-10-16 17:45:00 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2009-10-16 17:45:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2009-10-16 17:45:00 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2009-10-16 17:45:00 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2009-10-16 17:45:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2009-10-16 17:45:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2009-10-16 17:45:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2009-10-16 17:45:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2009-10-16 17:45:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2009-10-16 17:45:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2009-10-16 17:45:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2009-10-16 17:45:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2009-10-16 17:45:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2009-10-16 17:45:00 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-10-16 17:45:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2009-10-16 17:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010-11-05 12:10:38 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010-11-05 12:10:37 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010-08-13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-04-14 12:23:40 | 000,073,960 | ---- | M] (tzuk) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2010-01-11 19:03:00 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\SnoopFreeSvc.exe -- (SnoopFreeSvc)
SRV - [2006-11-06 13:21:10 | 000,210,432 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006-06-29 19:10:24 | 000,172,032 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2006-06-29 19:07:16 | 000,131,131 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2006-06-29 19:07:00 | 000,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2006-04-03 17:04:02 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface)
SRV - [2005-07-08 15:24:46 | 000,871,424 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2005-04-02 01:51:48 | 000,217,600 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe -- (StarWindService)
SRV - [2004-04-21 11:16:02 | 001,434,848 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\acsd.exe -- (AOL ACS)
SRV - [2003-01-10 16:13:04 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-11-05 12:10:38 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010-11-05 12:10:38 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010-10-08 08:30:00 | 009,587,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010-09-22 09:48:44 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010-09-22 09:48:43 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010-04-14 12:23:36 | 000,116,968 | ---- | M] (tzuk) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2010-04-12 08:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010-02-05 09:51:44 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-01-11 19:03:00 | 000,009,472 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SnopFree.sys -- (SnoopFree)
DRV - [2009-10-16 17:45:00 | 000,215,856 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\Si3132r5.sys -- (Si3132r5)
DRV - [2009-10-16 17:45:00 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\Si3531.sys -- (Si3531)
DRV - [2009-10-16 17:45:00 | 000,195,072 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\Si3114r5.sys -- (Si3114r5)
DRV - [2009-10-16 17:45:00 | 000,164,896 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2009-10-16 17:45:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2009-10-16 17:45:00 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2009-10-16 17:45:00 | 000,074,672 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\si3132.sys -- (Si3132)
DRV - [2009-10-16 17:45:00 | 000,069,248 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\si3124.sys -- (Si3124)
DRV - [2009-10-16 17:45:00 | 000,062,336 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
DRV - [2009-07-31 06:12:18 | 000,341,504 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2009-05-11 10:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009-05-11 08:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008-04-13 21:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2007-06-29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007-04-04 23:00:00 | 000,020,856 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt -- (EverestDriver)
DRV - [2007-03-27 20:27:56 | 000,007,680 | ---- | M] (Philips ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SPC520m.sys -- (SPC520m)
DRV - [2007-03-27 20:27:50 | 000,085,504 | ---- | M] (Philips ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SPC520.sys -- (SPC520)
DRV - [2006-11-02 06:55:17 | 000,028,672 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2006-09-24 13:28:47 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006-05-16 11:25:02 | 000,018,944 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006-05-16 11:25:00 | 000,052,736 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006-05-10 10:33:00 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006-05-02 09:12:06 | 000,229,376 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2006-03-17 10:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005-07-08 15:17:54 | 000,099,584 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005-07-08 15:17:36 | 000,029,696 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2004-08-13 02:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2003-01-10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [1996-04-03 19:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1801674531-2025429265-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
IE - HKU\S-1-5-21-1801674531-2025429265-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1801674531-2025429265-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-1801674531-2025429265-682003330-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msn.gazeta.pl/msn/0,0.html?ocid=iehp
IE - HKU\S-1-5-21-1801674531-2025429265-682003330-1010\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "AOL Search"
FF - prefs.js..browser.search.defaulturl: "http://search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aolTB50CL-chromesbox-en-us"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&invocationType=tb50-ff-aolTB50CL-ab-en-us&query="


FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-11-04 10:16:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-10-14 00:37:44 | 000,000,000 | ---D | M]

[2010-01-02 17:45:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Extensions
[2010-11-15 13:38:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\yj5ng0rc.default\extensions
[2010-09-23 10:04:13 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\yj5ng0rc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-08-12 09:05:22 | 000,002,285 | ---- | M] () -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\yj5ng0rc.default\searchplugins\aol-search.xml
[2010-02-05 09:53:49 | 000,002,921 | ---- | M] () -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\yj5ng0rc.default\searchplugins\daemon-search.xml
[2010-11-15 13:38:43 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-12-02 08:23:35 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-12-02 08:23:35 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-12-02 08:23:35 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-12-02 08:23:35 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-12-02 08:23:35 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-12-02 08:23:35 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-11-10 11:36:26 | 000,424,694 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14658 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File not found
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Admin\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKU\S-1-5-21-1801674531-2025429265-682003330-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SnoopFreeUI] C:\WINDOWS\SnoopFreeUI.exe (SnoopFree Software)
O4 - HKU\.DEFAULT..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-18..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-1801674531-2025429265-682003330-1003..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (tzuk)
O4 - HKU\S-1-5-21-1801674531-2025429265-682003330-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1801674531-2025429265-682003330-1010..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (tzuk)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\VPro520.lnk = C:\WINDOWS\VPro520.exe (Philips)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-2025429265-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1801674531-2025429265-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1801674531-2025429265-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1801674531-2025429265-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1801674531-2025429265-682003330-1010\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1801674531-2025429265-682003330-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O15 - HKU\S-1-5-21-1801674531-2025429265-682003330-1003\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-01-02 14:10:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-08-25 12:01:50 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-08-25 12:03:36 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-08-02 08:03:32 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-08-02 08:03:32 | 000,000,000 | RHSD | M] - F:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - Services: "WMPNetworkSvc"
MsConfig - Services: "LightScribeService"
MsConfig - Services: "InCDsrv"
MsConfig - Services: "Apple Mobile Device"
MsConfig - Services: "Adobe LM Service"
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-11-14 23:49:33 | 000,000,000 | ---D | C] -- C:\Program Files\THQ
[2010-11-14 23:46:39 | 000,034,304 | ---- | C] (AMD, Inc.) -- C:\WINDOWS\System32\drivers\AmdLLD.sys
[2010-11-14 23:46:37 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2010-11-14 23:46:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Downloaded Installations
[2010-11-12 01:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\My Games
[2010-11-09 18:10:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\iPhone
[2010-11-08 01:13:22 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DSS
[2010-11-08 01:13:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\EA Games
[2010-11-07 23:50:56 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2010-11-07 23:50:56 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2010-11-07 23:50:55 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2010-11-07 23:50:54 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2010-11-06 22:25:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\Need for Speed World
[2010-11-05 16:13:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Ahead
[2010-11-05 15:25:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Pulpit\Tapety
[2010-11-05 12:28:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\ImgBurn
[2010-11-05 12:21:17 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2010-11-04 03:06:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010-11-04 03:06:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010-11-04 03:06:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010-11-04 03:06:20 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010-11-04 03:05:55 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010-11-04 03:05:55 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010-11-04 03:05:55 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010-11-04 03:05:55 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010-11-04 03:05:55 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010-11-04 03:05:55 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010-11-02 11:19:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\Need for Speed World
[2010-11-02 11:08:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Electronic_Arts_Inc
[2010-11-02 11:04:22 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010-11-02 11:03:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010-11-02 11:01:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-10-29 00:59:17 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010-10-29 00:28:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\THE SETTLERS - Rise of an Empire
[2010-10-25 19:53:23 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
[2010-10-25 19:13:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\StarCraft II
[2010-10-04 06:24:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple
[2010-10-02 19:49:25 | 000,608,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMCTL32.OCX
[2010-10-02 19:49:25 | 000,000,000 | ---D | C] -- C:\Program Files\Rzeznik
[2010-09-30 11:51:41 | 000,000,000 | ---D | C] -- C:\Program Files\AOL Companion
[2010-09-30 11:50:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\AOL Downloads
[2010-09-30 11:50:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\aolshare
[2010-09-30 11:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AOL
[2010-09-30 11:50:14 | 000,000,000 | ---D | C] -- C:\Program Files\America Online 9.0
[2010-09-30 11:49:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2010-09-28 09:47:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Pulpit\Rezerwacja Wizz_pliki
[2010-09-26 17:51:54 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010-09-25 09:36:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Pulpit\Dokumenty tekstowe
[2010-09-22 11:54:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Tages
[2010-09-22 01:31:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited
[2010-09-22 01:16:34 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010-09-22 01:16:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\SecuROM
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-11-16 07:23:02 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\Registry Reviver-Admin-Startup.job
[2010-11-16 07:22:53 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-11-16 07:22:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-11-15 22:46:59 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-11-15 15:58:14 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iTunes.lnk
[2010-11-15 12:33:00 | 000,124,416 | ---- | M] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-11-15 07:24:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010-11-14 23:46:53 | 000,000,293 | RHS- | M] () -- C:\boot.ini
[2010-11-14 23:39:23 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-11-13 16:57:09 | 000,138,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010-11-11 23:37:13 | 000,053,200 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\SALSA2.jpg
[2010-11-10 11:36:26 | 000,424,694 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-11-10 07:22:43 | 000,002,114 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2010-11-06 21:52:03 | 000,002,163 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Ventrilo.lnk
[2010-11-05 12:54:21 | 000,423,982 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101110-113626.backup
[2010-11-05 12:42:40 | 000,000,688 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PowerISO.lnk
[2010-11-05 12:21:20 | 000,001,534 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\ImgBurn.lnk
[2010-11-05 12:10:38 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010-11-05 12:10:38 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010-11-05 10:34:28 | 000,490,284 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-11-05 10:34:28 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-11-05 10:34:28 | 000,083,660 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-11-05 10:34:28 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-11-04 10:04:04 | 000,247,104 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-11-01 14:36:25 | 000,113,709 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Pala t.jpg
[2010-10-29 00:59:33 | 000,240,124 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010-10-29 00:59:33 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010-10-29 00:59:28 | 000,240,124 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010-10-29 00:59:28 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010-10-29 00:52:44 | 001,070,751 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\pulpit.jpg
[2010-10-27 00:46:08 | 000,422,512 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101105-125421.backup
[2010-10-15 09:45:47 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-10-08 08:30:00 | 002,293,194 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin
[2010-10-08 08:30:00 | 000,061,440 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010-10-08 08:30:00 | 000,003,445 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb
[2010-10-02 19:49:29 | 000,001,534 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Rzeźnik MPEG'ów .lnk
[2010-09-28 09:47:48 | 000,038,044 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Rezerwacja Wizz.htm
[2010-09-26 17:50:02 | 000,418,700 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101027-014608.backup
[2010-09-22 09:48:44 | 000,281,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010-09-22 09:48:43 | 000,025,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010-09-22 01:16:34 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010-09-22 00:42:38 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 8.lnk
[2010-09-19 00:31:59 | 000,418,632 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100926-185002.backup
[2010-09-18 11:23:44 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc42u.dll
[2010-09-18 11:23:44 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42u.dll
[2010-09-18 06:53:42 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc42.dll
[2010-09-18 06:53:42 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010-09-18 06:53:41 | 000,954,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc40.dll
[2010-09-18 06:53:41 | 000,954,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll
[2010-09-18 06:53:41 | 000,953,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc40u.dll
[2010-09-18 06:53:41 | 000,953,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-11-11 23:37:09 | 000,053,200 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\SALSA2.jpg
[2010-11-05 12:42:40 | 000,000,688 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PowerISO.lnk
[2010-11-05 12:21:20 | 000,001,534 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\ImgBurn.lnk
[2010-11-01 14:36:24 | 000,113,709 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Pala t.jpg
[2010-10-29 00:59:33 | 000,240,124 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010-10-29 00:59:28 | 000,240,124 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010-10-29 00:59:28 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010-10-29 00:59:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010-10-29 00:59:16 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010-10-29 00:52:42 | 001,070,751 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\pulpit.jpg
[2010-10-02 19:49:29 | 000,001,534 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Rzeźnik MPEG'ów .lnk
[2010-09-28 09:47:46 | 000,038,044 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Rezerwacja Wizz.htm
[2010-07-25 22:44:48 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-07-08 00:13:06 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2010-07-07 22:30:12 | 000,000,030 | ---- | C] () -- C:\WINDOWS\atid.ini
[2010-07-05 10:44:03 | 000,000,765 | ---- | C] () -- C:\WINDOWS\COD.INI
[2010-04-20 20:29:11 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010-04-15 20:45:20 | 000,002,114 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2010-02-18 00:33:10 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Admin\Dane aplikacji\PnkBstrK.sys
[2010-02-18 00:32:48 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2010-01-21 17:08:28 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010-01-21 17:08:28 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010-01-11 18:46:39 | 000,045,056 | ---- | C] () -- C:\WINDOWS\SnoopFreeDll.dll
[2010-01-11 18:46:39 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\SnopFree.sys
[2010-01-11 00:51:56 | 000,001,130 | ---- | C] () -- C:\WINDOWS\ARCHPR.INI
[2010-01-05 17:11:43 | 000,138,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010-01-05 00:19:13 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\D2NT.dll
[2010-01-03 22:33:13 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-01-02 19:03:07 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010-01-02 19:03:07 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010-01-02 19:03:07 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010-01-02 17:28:19 | 000,847,360 | ---- | C] () -- C:\WINDOWS\System32\JS32.dll
[2010-01-02 16:25:21 | 000,000,259 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2010-01-02 15:21:55 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
[2010-01-02 15:03:00 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-01-02 14:58:10 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-01-02 14:29:47 | 000,000,396 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2010-01-02 14:29:46 | 000,000,804 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini
[2010-01-02 14:29:03 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2010-01-02 14:29:02 | 000,024,978 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010-01-02 14:28:47 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010-01-02 14:21:32 | 000,124,416 | ---- | C] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2005-12-07 10:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2003-01-07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1996-04-03 19:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2010-09-06 14:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\AnvSoft
[2010-02-05 09:51:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\DAEMON Tools
[2010-03-14 19:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\FreeCall
[2010-01-02 15:07:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Gadu-Gadu
[2010-05-04 16:14:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Gadu-Gadu 10
[2010-11-05 16:53:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\ImgBurn
[2010-05-22 00:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\maxup
[2010-11-02 11:19:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Need for Speed World
[2010-01-02 15:02:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Nokia
[2010-01-02 18:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Notepad++
[2010-05-04 16:17:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Nowe Gadu-Gadu
[2010-09-06 14:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\OpenCandy
[2010-01-02 15:02:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\PC Suite
[2010-05-04 16:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Qrix
[2010-01-21 15:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\TS3Client
[2010-11-15 16:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\uTorrent
[2010-11-08 01:13:22 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DSS
[2010-11-02 11:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-06-08 12:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios
[2010-01-02 15:02:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2010-09-22 11:57:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tages
[2010-09-22 01:31:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited
[2010-07-07 22:32:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Viewpoint
[2010-08-26 12:39:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010-02-09 01:57:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010-01-21 10:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\De 2\Dane aplikacji\AutoUpdate
[2010-01-09 16:55:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\De 2\Dane aplikacji\Gadu-Gadu
[2010-11-10 12:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\De 2\Dane aplikacji\Kamerzysta
[2010-11-16 07:23:02 | 000,000,378 | ---- | M] () -- C:\WINDOWS\Tasks\Registry Reviver-Admin-Startup.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-01-02 14:10:04 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-01-18 00:52:18 | 000,000,223 | ---- | M] () -- C:\Boot.bak
[2010-11-14 23:46:53 | 000,000,293 | RHS- | M] () -- C:\boot.ini
[2009-10-16 17:45:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2004-08-03 22:00:14 | 000,262,400 | ---- | M] () -- C:\cmldr
[2010-01-02 14:10:04 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-05-05 16:24:24 | 000,000,178 | -H-- | M] () -- C:\GG8+.url
[2010-01-02 14:10:04 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-05-05 15:46:16 | 000,000,175 | -H-- | M] () -- C:\legalne.url
[2010-01-02 14:10:04 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009-10-16 17:45:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009-10-16 17:45:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-11-16 07:22:20 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2009-05-06 10:20:10 | 000,000,185 | -H-- | M] () -- C:\SGG.url
[2010-01-11 21:50:45 | 000,000,027 | ---- | M] () -- C:\sledzik.css.txt
[2009-05-05 16:24:16 | 000,000,178 | -H-- | M] () -- C:\Strona GG8+.url


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-10-16 17:45:00 | 017,820,258 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-10-16 17:45:00 | 017,820,258 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-13 22:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008-04-13 22:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-10-16 17:45:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys
[2009-10-16 17:45:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2009-10-16 17:45:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-10-16 17:45:00 | 017,820,258 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009-10-16 17:45:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2009-10-16 17:45:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2009-10-16 17:45:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2009-10-16 17:45:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-10-16 17:45:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2009-10-16 17:45:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2009-10-16 17:45:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-10-16 17:45:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2009-10-16 17:45:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2009-10-16 17:45:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

< End of report >
[/log]

Extras.txt
[log]OTL Extras logfile created on: 2010-11-16 12:31:36 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = D:\Programy\Antywiry\Sprawdzanie logow
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 78,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,07 Gb Total Space | 53,53 Gb Free Space | 55,14% Space Free | Partition Type: NTFS
Drive D: | 201,01 Gb Total Space | 119,57 Gb Free Space | 59,48% Space Free | Partition Type: NTFS
Drive E: | 347,64 Gb Total Space | 113,68 Gb Free Space | 32,70% Space Free | Partition Type: NTFS
Drive F: | 350,99 Gb Total Space | 25,71 Gb Free Space | 7,33% Space Free | Partition Type: NTFS

Computer Name: XXX | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1801674531-2025429265-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- (America Online, Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"E:\Program Files\Call of Duty\CoDMP.exe" = E:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP -- ()
"C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"E:\Program Files\Anno 1701\Anno1701.exe" = E:\Program Files\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701 -- (Related Designs Software GmbH)
"E:\Program Files\Anno 1701\Anno1701AddOn.exe" = E:\Program Files\Anno 1701\Anno1701AddOn.exe:*:Enabled:Anno 1701 Add-On 01 -- (Related Designs Software GmbH)
"C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" = C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe:*:Enabled:FreeCall -- (FreeCall)
"E:\Program Files\Gadu-Gadu\gg.exe" = E:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.)
"E:\Program Files\StarCraft II\StarCraft II.exe" = E:\Program Files\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\Documents and Settings\Admin\Pulpit\utorrent.exe" = C:\Documents and Settings\Admin\Pulpit\utorrent.exe:*:Enabled:µTorrent -- File not found
"C:\Program Files\Common Files\aol\acs\AOLDial.exe" = C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- File not found
"C:\Program Files\Common Files\aol\acs\AOLacsd.exe" = C:\Program Files\Common Files\aol\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- File not found
"C:\Program Files\Common Files\aol\1281603717\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1281603717\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- File not found
"C:\Program Files\AOL 9.5\waol.exe" = C:\Program Files\AOL 9.5\waol.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- File not found
"C:\Program Files\Common Files\aol\Loader\aolload.exe" = C:\Program Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader -- File not found
"C:\Program Files\Common Files\aol\System Information\sinf.exe" = C:\Program Files\Common Files\aol\System Information\sinf.exe:*:Enabled:AOL System Information -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"E:\Obrazy plyt\Test Drive Unlimited\TDU\TestDriveUnlimited.exe" = E:\Obrazy plyt\Test Drive Unlimited\TDU\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited -- File not found
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- (Ubisoft)
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- (America Online, Inc.)
"E:\Program Files\THE SETTLERS - Narodziny Imperium\base\bin\Settlers6.exe" = E:\Program Files\THE SETTLERS - Narodziny Imperium\base\bin\Settlers6.exe:*:Enabled:THE SETTLERS - Narodziny Imperium -- (Blue Byte GmbH)
"C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe" = C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Enabled:Need for Speed World -- (Electronic Arts)
"C:\Program Files\THQ\Company of Heroes\BugReport\BugReport.exe" = C:\Program Files\THQ\Company of Heroes\BugReport\BugReport.exe:*:Enabled:BugReport -- ()


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04F3BF74-9E34-4D3E-93C3-D3D1F24199C8}" = PC Connectivity Solution
"{0B3A8956-FAF7-4DB7-897C-86926C5323D2}" = Philips VLounge
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{350FB27C-CF62-4EF3-AF9D-70FF313FE221}" = iTunes
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{4CE0B4BA-8862-444D-A94D-EF39AD48C8BC}" = Nokia PC Suite
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}" = Anno 1701 - Add-On
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.4
"{AF877D9F-EBA4-4FAA-83D1-6A0C866AF4BD}" = Philips SPC520NC Webcam
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 260.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 260.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}" = THE SETTLERS - Narodziny Imperium
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{F7963BA0-EE1C-11D4-9FA5-00A0C9E6A342}" = Commandos 2: Men of Courage
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1)
"2B0430566DEE7109F019A317398EA7F8DA53B293" = Pakiet sterowników systemu Windows - Philips (SPC520) Image (03/27/2007 1.00.2.6000)
"46D650DC11A19D8E1347F194E1244412C0FAFCF1" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
"4CFD94C379217A02D5EA067615FF789CD731BCDB" = Windows Driver Package - Nokia (WUDFRd) WPD (11/03/2006 6.82.26.2)
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"America Online us" = America Online (Choose which version to remove)
"Any Video Converter_is1" = Any Video Converter 3.0.7
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AolCoach" = AOL Coach Version 1.0(Build:20030807.3)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BadCopy Pro" = BadCopy Pro
"Call of Duty" = Call of Duty
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"Cossacks : Back To War" = Cossacks - Back To War
"CWK" = CWK (Czasowy Wyłącznik Komputera)
"Diablo II" = Diablo II
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.00
"FLVPlayer" = FLV Player 1.3.3
"FreeCall_is1" = FreeCall
"ImgBurn" = ImgBurn
"InCD!UninstallKey" = InCD
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"Kamerzysta" = Kamerzysta (deinstalacja)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Standard)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.1
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PowerISO" = PowerISO
"RealAlt_is1" = Real Alternative 1.9.0 Lite
"Rzeźnik MPEGów 1.1.991_is1" = Rzeźnik MPEGów 1.1.991
"S4Uninst" = The Settlers IV
"Sandboxie" = Sandboxie 3.45.07
"SkanerOnline" = Skaner on-line mks_vir
"SnoopFreePrivacyShield" = SnoopFree Privacy Shield
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SpeedFan" = SpeedFan (remove only)
"Starcraft" = Starcraft
"StarCraft II" = StarCraft II
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SubEdit-Player_is1" = SubEdit-Player
"SystemRequirementsLab" = System Requirements Lab
"uTorrent" = µTorrent
"ViewpointMediaPlayer" = Viewpoint Media Player
"Winamp" = Winamp (remove only)
"Winamp PL" = Winamp 5.33 PL
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1801674531-2025429265-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-09-30 07:49:17 | Computer Name = XXX | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca aolsetup.exe, wersja 11.2.1.1, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-09-30 07:49:36 | Computer Name = XXX | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca aolsetup.exe, wersja 11.2.1.1, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-10-02 15:45:51 | Computer Name = XXX | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca Game.exe, wersja 1.0.13.60, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-10-07 06:19:36 | Computer Name = XXX | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu.

Error - 2010-10-15 05:44:34 | Computer Name = XXX | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd snoopfreeui.exe, wersja 1.0.0.0, moduł powodujący
błąd snoopfreeui.exe, wersja 1.0.0.0, adres błędu 0x00004ffa.

Error - 2010-10-15 05:45:13 | Computer Name = XXX | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca gg.exe, wersja 7.7.0.3746, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-10-26 05:00:56 | Computer Name = XXX | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd snoopfreeui.exe, wersja 1.0.0.0, moduł powodujący
błąd ntdll.dll, wersja 5.1.2600.5755, adres błędu 0x00010c8e.

Error - 2010-10-31 07:21:08 | Computer Name = XXX | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu.

Error - 2010-11-01 06:24:53 | Computer Name = XXX | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd snoopfreeui.exe, wersja 1.0.0.0, moduł powodujący
błąd ntdll.dll, wersja 5.1.2600.5755, adres błędu 0x00010aeb.

Error - 2010-11-02 07:36:38 | Computer Name = XXX | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd nfsw.exe, wersja 1.0.0.139, moduł powodujący
błąd nfsw.exe, wersja 1.0.0.139, adres błędu 0x0030b1b9.

[ System Events ]
Error - 2010-11-14 06:48:37 | Computer Name = XXX | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: nvatabus Si3112 Si3124 Si3132 Si3132r5 Si3531

Error - 2010-11-14 07:23:54 | Computer Name = XXX | Source = DCOM | ID = 10016
Description = Zgodnie z ustawieniami uprawnień domyślne ustawienia komputera nie
jest udzielane uprawnienie Lokalne Aktywacja do aplikacji serwera COM z identyfikatorem
klasy {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1} użytkownikowi ZARZĄDZANIE NT\USŁUGA
LOKALNA o identyfikatorze zabezpieczeń (S-1-5-19). To uprawnienie zabezpieczeń
można modyfikować przy użyciu narzędzia administracyjnego usług składowych.

Error - 2010-11-14 16:34:22 | Computer Name = XXX | Source = DCOM | ID = 10016
Description = Zgodnie z ustawieniami uprawnień domyślne ustawienia komputera nie
jest udzielane uprawnienie Lokalne Aktywacja do aplikacji serwera COM z identyfikatorem
klasy {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1} użytkownikowi ZARZĄDZANIE NT\USŁUGA
SIECIOWA o identyfikatorze zabezpieczeń (S-1-5-20). To uprawnienie zabezpieczeń
można modyfikować przy użyciu narzędzia administracyjnego usług składowych.

Error - 2010-11-14 20:55:10 | Computer Name = XXX | Source = DCOM | ID = 10016
Description = Zgodnie z ustawieniami uprawnień domyślne ustawienia komputera nie
jest udzielane uprawnienie Lokalne Aktywacja do aplikacji serwera COM z identyfikatorem
klasy {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1} użytkownikowi ZARZĄDZANIE NT\USŁUGA
LOKALNA o identyfikatorze zabezpieczeń (S-1-5-19). To uprawnienie zabezpieczeń
można modyfikować przy użyciu narzędzia administracyjnego usług składowych.

Error - 2010-11-15 03:01:35 | Computer Name = XXX | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Java Quick Starter z powodu następującego
błędu: %%2

Error - 2010-11-15 03:01:40 | Computer Name = XXX | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: nvatabus Si3112 Si3124 Si3132 Si3132r5 Si3531

Error - 2010-11-15 08:25:48 | Computer Name = XXX | Source = DCOM | ID = 10016
Description = Zgodnie z ustawieniami uprawnień domyślne ustawienia komputera nie
jest udzielane uprawnienie Lokalne Aktywacja do aplikacji serwera COM z identyfikatorem
klasy {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1} użytkownikowi ZARZĄDZANIE NT\USŁUGA
LOKALNA o identyfikatorze zabezpieczeń (S-1-5-19). To uprawnienie zabezpieczeń
można modyfikować przy użyciu narzędzia administracyjnego usług składowych.

Error - 2010-11-15 12:22:49 | Computer Name = XXX | Source = DCOM | ID = 10016
Description = Zgodnie z ustawieniami uprawnień domyślne ustawienia komputera nie
jest udzielane uprawnienie Lokalne Aktywacja do aplikacji serwera COM z identyfikatorem
klasy {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1} użytkownikowi ZARZĄDZANIE NT\USŁUGA
LOKALNA o identyfikatorze zabezpieczeń (S-1-5-19). To uprawnienie zabezpieczeń
można modyfikować przy użyciu narzędzia administracyjnego usług składowych.

Error - 2010-11-16 03:23:34 | Computer Name = XXX | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Java Quick Starter z powodu następującego
błędu: %%2

Error - 2010-11-16 03:23:34 | Computer Name = XXX | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: nvatabus Si3112 Si3124 Si3132 Si3132r5 Si3531


< End of report >
[/log]


RSIT:

Info.txt
[log]info.txt logfile of random's system information tool 1.08 2010-11-16 12:41:57

======Uninstall list======

-->MsiExec /X{1C4551A6-4743-4093-91E4-1477CD655043}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
AC3Filter 1.63b-->"C:\Program Files\AC3Filter\unins000.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10k_Plugin.exe -maintain plugin
Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x9
Adobe Reader 8.2.4-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A82000000003}
Aktualizacja dla systemu Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2183461)-->"C:\WINDOWS\ie8updates\KB2183461-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2360131)-->"C:\WINDOWS\ie8updates\KB2360131-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2279986)-->"C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981957)-->"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe"
America Online (Choose which version to remove)-->C:\Program Files\Common Files\aolshare\Aolunins_us.exe
Anno 1701 - Add-On-->"C:\Program Files\InstallShield Installation Information\{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}\Setup.exe" -runfromtemp -l0x0015 -removeonly
Anno 1701-->"C:\Program Files\InstallShield Installation Information\{A2433A63-5F5D-40E5-B529-9123C2B3E734}\SETUP.EXE" -runfromtemp -l0x0015 -removeonly
Any Video Converter 3.0.7-->"C:\Program Files\AnvSoft\Any Video Converter\unins000.exe"
AOL Coach Version 1.0(Build:20030807.3)-->C:\Program Files\Common Files\aolshare\Coach\AolCInUn.exe
Apple Application Support-->MsiExec.exe /I{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
Apple Mobile Device Support-->MsiExec.exe /I{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}
Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}
Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
BadCopy Pro-->C:\PROGRA~1\Jufsoft\BadCopy\UNWISE.EXE C:\PROGRA~1\Jufsoft\BadCopy\INSTALL.LOG
Bonjour-->MsiExec.exe /X{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}
Call of Duty Modern Warfare 2-->"C:\Program Files\Activision\Modern Warfare 2\unins000.exe"
Call of Duty-->E:\Program Files\CALLOF~1\Uninstall\Unwise.exe /u E:\Program Files\CALLOF~1\Uninstall\Install.log
Commandos 2: Men of Courage-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7963BA0-EE1C-11D4-9FA5-00A0C9E6A342}\setup.exe"
Company of Heroes-->MsiExec.exe /X{199E6632-EB28-4F73-AECB-3E192EB92D18}
Cossacks - Back To War-->C:\WINDOWS\una2setup.exe
CWK (Czasowy Wyłącznik Komputera)-->"C:\Program Files\Damian Pasternak\CWK\CWK.exe" /uninstall
Diablo II-->C:\WINDOWS\DIIUnin.exe C:\WINDOWS\DIIUnin.dat
Download Updater (AOL LLC)-->C:\Program Files\Common Files\Software Update Utility\uninstall.exe
Dual-Core Optimizer-->MsiExec.exe /X{9FD6F1A8-5550-46AF-8509-271DF0E768B5}
DVD Solution-->"C:\Program Files\Uninstall_CDS.exe"
EasyCleaner-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly
EVEREST Ultimate Edition v4.00-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
FLV Player 1.3.3-->"C:\Program Files\FLVPlayer\uninstall.exe"
FreeCall-->"C:\Program Files\FreeCall.com\FreeCall\unins000.exe"
GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
ImgBurn-->"C:\Program Files\ImgBurn\uninstall.exe"
InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL
iTunes-->MsiExec.exe /I{350FB27C-CF62-4EF3-AF9D-70FF313FE221}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Kamerzysta (deinstalacja)-->"C:\Program Files\Onet\Kamerzysta\odinstaluj.exe"
K-Lite Codec Pack 6.2.0 (Standard)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
LG ODD Auto Firmware Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\setup.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Medal of Honor (TM)-->MsiExec.exe /X{415030B8-3E8B-462A-8C03-41D95AA3AB3B}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{91110409-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mozilla Firefox (3.5.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
NAPIPROJEKT 1.0.6.1-->"C:\Program Files\NAPI-PROJEKT\unins000.exe"
Need for Speed™ Most Wanted-->e:\Program Files\Need for Speed Most Wanted\EAUninstall.exe
Need For Speed™ World-->"e:\Program Files\Electronic Arts\Need For Speed World\unins000.exe"
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nokia PC Suite-->MsiExec.exe /I{4CE0B4BA-8862-444D-A94D-EF39AD48C8BC}
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA ForceWare Network Access Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1F6423DE-7959-4178-80E0-023C7EAA5347} /l1033
NVIDIA nView 135.36-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.NView
NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
NVIDIA PhysX-->MsiExec.exe /X{1C4551A6-4743-4093-91E4-1477CD655043}
NVIDIA Sterownik graficzny 260.89-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Driver
Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_1DD56D2122DDFA3E4C3B165E3A5CFA613B48BDC7\amdk8.inf
Pakiet sterowników systemu Windows - Philips (SPC520) Image (03/27/2007 1.00.2.6000)-->C:\PROGRA~1\DIFX\270581355A767BF1\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\spc520_2393375C41A81CBA8FE7B4BD848464BF36BCAC40\spc520.inf
PC Connectivity Solution-->MsiExec.exe /I{04F3BF74-9E34-4D3E-93C3-D3D1F24199C8}
Philips SPC520NC Webcam-->C:\Program Files\InstallShield Installation Information\{AF877D9F-EBA4-4FAA-83D1-6A0C866AF4BD}\Setup.exe -runfromtemp -l0x0015 -removeonly
Philips VLounge-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B3A8956-FAF7-4DB7-897C-86926C5323D2}\Setup.exe" -l0x9
Poprawka dla systemu Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
QuickTime-->MsiExec.exe /I{EB900AF8-CC61-4E15-871B-98D1EA3E8025}
Real Alternative 1.9.0 Lite-->"C:\Program Files\Real Alternative\unins000.exe"
Rzeźnik MPEGów 1.1.991-->"C:\Program Files\Rzeznik\unins000.exe"
Sandboxie 3.45.07-->"C:\WINDOWS\Installer\SandboxieInstall32.exe" /remove
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Skaner on-line mks_vir-->C:\WINDOWS\system32\SkanerOnlineUninstall.exe
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SnoopFree Privacy Shield-->SnoopFreeUI.exe /U
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x15 -removeonly
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
StarCraft II-->C:\Program Files\Common Files\Blizzard Entertainment\StarCraft II\Uninstall.exe
Starcraft-->C:\WINDOWS\SCunin.exe C:\WINDOWS\SCunin.dat
SubEdit-Player-->"C:\Program Files\SubEdit-Player\unins000.exe"
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
THE SETTLERS - Narodziny Imperium-->"C:\Program Files\InstallShield Installation Information\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}\setup.exe" -runfromtemp -l0x0015 -removeonly
The Settlers IV-->C:\WINDOWS\IsUninst.exe -f"e:\Program Files\The Settlers IV\Uninst.isu" -c"e:\Program Files\The Settlers IV\BBINST.DLL"
Ubisoft Game Launcher-->"C:\Program Files\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
Uninstall AOL Emergency Connect Utility 1.0-->C:\Program Files\Common Files\AOL\ECU\uninst.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Ventrilo-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe"
Winamp 5.33 PL-->"C:\Program Files\Winamp\uninst-winamp_pl.exe"
Windows Driver Package - Nokia (WUDFRd) WPD (11/03/2006 6.82.26.2)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_6B630EE2E66584353C6CD8683D447072872F34D8\pccswpddriver.inf
Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567\nokbtmdm.inf
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======System event log======

Computer Name: XXX
Event Code: 7035
Message: Do usługi PnkBstrK został pomyślnie wysłany kod sterowania uruchom.

Record Number: 20817
Source Name: Service Control Manager
Time Written: 20101014185536.000000+060
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: XXX
Event Code: 7035
Message: Do usługi PnkBstrB został pomyślnie wysłany kod sterowania uruchom.

Record Number: 20816
Source Name: Service Control Manager
Time Written: 20101014185508.000000+060
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: XXX
Event Code: 7036
Message: Usługa PnkBstrB weszła w stan uruchomienia.

Record Number: 20815
Source Name: Service Control Manager
Time Written: 20101014185508.000000+060
Event Type: informacje
User:

Computer Name: XXX
Event Code: 7035
Message: Do usługi PnkBstrB został pomyślnie wysłany kod sterowania zatrzymaj.

Record Number: 20814
Source Name: Service Control Manager
Time Written: 20101014185504.000000+060
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: XXX
Event Code: 7036
Message: Usługa PnkBstrB weszła w stan zatrzymania.

Record Number: 20813
Source Name: Service Control Manager
Time Written: 20101014185504.000000+060
Event Type: informacje
User:

=====Application event log=====

Computer Name: PAWEL
Event Code: 4096
Message: The AntiVir service has been started successfully!

Record Number: 189
Source Name: Avira AntiVir
Time Written: 20100107082357.000000+000
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: PAWEL
Event Code: 1000
Message: Aplikacja powodująca błąd iexplore.exe, wersja 8.0.6001.18702, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.5755, adres błędu 0x00029265.

Record Number: 188
Source Name: Application Error
Time Written: 20100106225001.000000+000
Event Type: błąd
User:

Computer Name: PAWEL
Event Code: 1000
Message: Aplikacja powodująca błąd iexplore.exe, wersja 8.0.6001.18702, moduł powodujący błąd msvcrt.dll, wersja 7.0.2600.5512, adres błędu 0x00037410.

Record Number: 187
Source Name: Application Error
Time Written: 20100106224847.000000+000
Event Type: błąd
User:

Computer Name: PAWEL
Event Code: 1000
Message: Aplikacja powodująca błąd iexplore.exe, wersja 8.0.6001.18702, moduł powodujący błąd mshtml.dll, wersja 8.0.6001.22918, adres błędu 0x0008ddc2.

Record Number: 186
Source Name: Application Error
Time Written: 20100106214430.000000+000
Event Type: błąd
User:

Computer Name: PAWEL
Event Code: 1000
Message: Aplikacja powodująca błąd iexplore.exe, wersja 8.0.6001.18702, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.5755, adres błędu 0x00029265.

Record Number: 185
Source Name: Application Error
Time Written: 20100106214415.000000+000
Event Type: błąd
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\QuickTime\QTSystem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4b02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"asl.log"=Destination=file;OnFirstLog=command,environment,parent
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
[/log]

log.txt
[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Admin at 2010-11-16 12:41:45
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 55 GB (55%) free of 99 GB
Total RAM: 3070 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:41:56, on 2010-11-16
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\System32\SnoopFreeSvc.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SnoopFreeUI.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Programy\Antywiry\Sprawdzanie logow\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (file missing)
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Admin\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll
O4 - HKLM\..\Run: [SnoopFreeUI] SnoopFreeUI.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-21-1801674531-2025429265-682003330-1010\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'De 2')
O4 - HKUS\S-1-5-21-1801674531-2025429265-682003330-1010\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" (User 'De 2')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: VPro520.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O19 - User stylesheet: C:\sledzik.css.txt
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Usługa Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Snoop Free Service (SnoopFreeSvc) - Unknown owner - C:\WINDOWS\System32\SnoopFreeSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 8994 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Registry Reviver-Admin-Startup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-06-16 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-19 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class - C:\Documents and Settings\Admin\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll [2009-12-02 37376]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SnoopFreeUI"=C:\WINDOWS\SnoopFreeUI.exe [2010-01-11 221184]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-11-05 281768]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-10-08 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-10-08 13851752]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-08-25 1753192]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2010-04-14 395496]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2009-10-16 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"LightScribeService"=2
"InCDsrv"=2
"Apple Mobile Device"=2
"Adobe LM Service"=3

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
VPro520.lnk - C:\WINDOWS\VPro520.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2009-10-16 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"E:\Program Files\Call of Duty\CoDMP.exe"="E:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"C:\Program Files\Gadu-Gadu\gg.exe"="C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"E:\Program Files\Anno 1701\Anno1701.exe"="E:\Program Files\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701"
"E:\Program Files\Anno 1701\Anno1701AddOn.exe"="E:\Program Files\Anno 1701\Anno1701AddOn.exe:*:Enabled:Anno 1701 Add-On 01"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe"="C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe:*:Enabled:FreeCall"
"E:\Program Files\Gadu-Gadu\gg.exe"="E:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny"
"E:\Program Files\StarCraft II\StarCraft II.exe"="E:\Program Files\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\Documents and Settings\Admin\Pulpit\utorrent.exe"="C:\Documents and Settings\Admin\Pulpit\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Common Files\aol\acs\AOLDial.exe"="C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer"
"C:\Program Files\Common Files\aol\acs\AOLacsd.exe"="C:\Program Files\Common Files\aol\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service"
"C:\Program Files\Common Files\aol\1281603717\ee\aolsoftware.exe"="C:\Program Files\Common Files\aol\1281603717\ee\aolsoftware.exe:*:Enabled:AOL Shared Components"
"C:\Program Files\AOL 9.5\waol.exe"="C:\Program Files\AOL 9.5\waol.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe"="C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed"
"C:\Program Files\Common Files\aol\Loader\aolload.exe"="C:\Program Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\Common Files\aol\System Information\sinf.exe"="C:\Program Files\Common Files\aol\System Information\sinf.exe:*:Enabled:AOL System Information"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Usługa Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"E:\Obrazy plyt\Test Drive Unlimited\TDU\TestDriveUnlimited.exe"="E:\Obrazy plyt\Test Drive Unlimited\TDU\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0"
"E:\Program Files\THE SETTLERS - Narodziny Imperium\base\bin\Settlers6.exe"="E:\Program Files\THE SETTLERS - Narodziny Imperium\base\bin\Settlers6.exe:*:Enabled:THE SETTLERS - Narodziny Imperium"
"C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe"="C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Enabled:Need for Speed World"
"C:\Program Files\THQ\Company of Heroes\BugReport\BugReport.exe"="C:\Program Files\THQ\Company of Heroes\BugReport\BugReport.exe:*:Enabled:BugReport"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0"

======List of files/folders created in the last 2 months======

2010-11-16 12:41:45 ----D---- C:\rsit
2010-11-14 23:49:33 ----D---- C:\Program Files\THQ
2010-11-14 23:46:39 ----A---- C:\WINDOWS\system32\drivers\AmdLLD.sys
2010-11-14 23:46:37 ----D---- C:\Program Files\AMD
2010-11-08 01:13:22 ----SHD---- C:\Documents and Settings\All Users\Dane aplikacji\DSS
2010-11-07 23:50:56 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-11-07 23:50:56 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-11-07 23:50:55 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-11-07 23:50:54 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-11-05 12:28:15 ----D---- C:\Documents and Settings\Admin\Dane aplikacji\ImgBurn
2010-11-05 12:21:17 ----D---- C:\Program Files\ImgBurn
2010-11-05 10:35:53 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-11-04 03:06:33 ----D---- C:\WINDOWS\system32\XPSViewer
2010-11-04 03:06:29 ----D---- C:\Program Files\MSBuild
2010-11-04 03:06:27 ----D---- C:\WINDOWS\system32\en-US
2010-11-04 03:06:20 ----D---- C:\Program Files\Reference Assemblies
2010-11-04 03:05:55 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-11-04 03:05:55 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-11-04 03:05:55 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-11-02 11:19:54 ----D---- C:\Documents and Settings\Admin\Dane aplikacji\Need for Speed World
2010-11-02 11:04:22 ----RSD---- C:\WINDOWS\assembly
2010-11-02 11:03:40 ----D---- C:\WINDOWS\Microsoft.NET
2010-11-02 11:01:16 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
2010-10-29 00:59:17 ----A---- C:\WINDOWS\system32\OpenCL.dll
2010-10-29 00:59:16 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2010-10-29 00:59:16 ----A---- C:\WINDOWS\system32\nvgenco32.dll
2010-10-29 00:59:16 ----A---- C:\WINDOWS\system32\nvdispco32.dll
2010-10-29 00:59:16 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2010-10-29 00:59:16 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2010-10-29 00:59:16 ----A---- C:\WINDOWS\system32\nvcuda.dll
2010-10-29 00:59:14 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2010-10-29 00:59:14 ----A---- C:\WINDOWS\system32\nvapi.dll
2010-10-25 19:53:23 ----D---- C:\Program Files\StarCraft II
2010-10-15 09:45:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2010-10-15 09:40:39 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-10-15 09:37:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2279986$
2010-10-15 09:37:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2010-10-15 09:37:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2010-10-15 09:37:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2010-10-15 09:37:17 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2010-10-15 09:37:08 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2010-10-15 09:34:17 ----HDC---- C:\WINDOWS\$NtUninstallKB981957$
2010-10-15 09:34:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2010-10-08 01:28:44 ----A---- C:\WINDOWS\system32\nvwddi.dll
2010-10-08 01:28:42 ----A---- C:\WINDOWS\system32\nvrsth.dll
2010-10-08 01:28:42 ----A---- C:\WINDOWS\system32\nvrseng.dll
2010-10-08 01:28:38 ----A---- C:\WINDOWS\system32\nvrszht.dll
2010-10-08 01:28:38 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2010-10-08 01:28:38 ----A---- C:\WINDOWS\system32\nvrsel.dll
2010-10-08 01:28:36 ----A---- C:\WINDOWS\system32\nvrshe.dll
2010-10-08 01:28:36 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2010-10-08 01:28:36 ----A---- C:\WINDOWS\system32\nvrsda.dll
2010-10-08 01:28:34 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2010-10-08 01:28:34 ----A---- C:\WINDOWS\system32\nvrssl.dll
2010-10-08 01:28:34 ----A---- C:\WINDOWS\system32\nvrsru.dll
2010-10-08 01:28:34 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2010-10-08 01:28:34 ----A---- C:\WINDOWS\system32\nvrshu.dll
2010-10-08 01:28:34 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2010-10-08 01:28:32 ----A---- C:\WINDOWS\system32\nvrstr.dll
2010-10-08 01:28:30 ----A---- C:\WINDOWS\system32\nvrssv.dll
2010-10-08 01:28:30 ----A---- C:\WINDOWS\system32\nvrsko.dll
2010-10-08 01:28:30 ----A---- C:\WINDOWS\system32\nvrses.dll
2010-10-08 01:28:30 ----A---- C:\WINDOWS\system32\nvrscs.dll
2010-10-08 01:28:28 ----A---- C:\WINDOWS\system32\nvrssk.dll
2010-10-08 01:28:28 ----A---- C:\WINDOWS\system32\nvrsde.dll
2010-10-08 01:28:28 ----A---- C:\WINDOWS\system32\nvrsar.dll
2010-10-08 01:28:26 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2010-10-08 01:28:26 ----A---- C:\WINDOWS\system32\nvrspt.dll
2010-10-08 01:28:26 ----A---- C:\WINDOWS\system32\nvrspl.dll
2010-10-08 01:28:26 ----A---- C:\WINDOWS\system32\nvrsno.dll
2010-10-08 01:28:26 ----A---- C:\WINDOWS\system32\nvrsit.dll
2010-10-08 01:28:24 ----A---- C:\WINDOWS\system32\nvrsja.dll
2010-10-08 01:28:24 ----A---- C:\WINDOWS\system32\nvmctray.dll
2010-10-08 01:28:24 ----A---- C:\WINDOWS\system32\nvmccs.dll
2010-10-08 01:28:24 ----A---- C:\WINDOWS\system32\nvcpl.dll
2010-10-08 01:28:22 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2010-10-08 01:28:22 ----A---- C:\WINDOWS\system32\nvcolor.exe
2010-10-02 19:49:25 ----D---- C:\Program Files\Rzeznik
2010-09-30 14:47:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2158563$
2010-09-30 11:51:41 ----D---- C:\Program Files\AOL Companion
2010-09-30 11:50:46 ----A---- C:\WINDOWS\system32\jgdwmie.dll
2010-09-30 11:50:46 ----A---- C:\WINDOWS\system32\aolddial.dll
2010-09-30 11:50:27 ----A---- C:\WINDOWS\wanmpsvc.exe
2010-09-30 11:50:22 ----A---- C:\WINDOWS\system32\drivers\wanatw4.sys
2010-09-30 11:50:16 ----D---- C:\Program Files\Common Files\aolshare
2010-09-30 11:50:14 ----D---- C:\Program Files\America Online 9.0
2010-09-30 11:50:14 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\AOL
2010-09-30 11:49:40 ----D---- C:\Program Files\Common Files\AOL
2010-09-26 17:51:54 ----D---- C:\Program Files\Ubisoft
2010-09-22 11:54:22 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Tages
2010-09-22 01:31:43 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited
2010-09-22 01:16:34 ----RHD---- C:\Documents and Settings\Admin\Dane aplikacji\SecuROM
2010-09-22 01:16:34 ----A---- C:\WINDOWS\system32\CmdLineExt.dll

======List of files/folders modified in the last 2 months======

2010-11-16 12:41:47 ----D---- C:\Program Files\trend micro
2010-11-16 12:38:45 ----D---- C:\WINDOWS\Prefetch
2010-11-16 10:30:03 ----D---- C:\Program Files\Mozilla Firefox
2010-11-16 10:27:55 ----D---- C:\WINDOWS\temp
2010-11-16 07:23:40 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-16 02:11:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-16 02:10:51 ----D---- C:\Documents and Settings\Admin\Dane aplikacji\Skype
2010-11-16 00:07:02 ----D---- C:\Documents and Settings\Admin\Dane aplikacji\skypePM
2010-11-15 16:22:19 ----A---- C:\WINDOWS\win.ini
2010-11-15 16:16:21 ----D---- C:\Documents and Settings\Admin\Dane aplikacji\uTorrent
2010-11-15 16:08:43 ----HD---- C:\WINDOWS\inf
2010-11-15 16:06:05 ----D---- C:\WINDOWS\system32\NtmsData
2010-11-15 16:01:36 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2010-11-15 16:01:36 ----D---- C:\Documents and Settings\Admin\Dane aplikacji\Adobe
2010-11-15 16:00:02 ----D---- C:\WINDOWS\Registration
2010-11-15 07:01:41 ----D---- C:\WINDOWS
2010-11-14 23:52:43 ----SHD---- C:\WINDOWS\Installer
2010-11-14 23:50:21 ----D---- C:\WINDOWS\system32\DirectX
2010-11-14 23:49:33 ----D---- C:\Program Files
2010-11-14 23:47:51 ----D---- C:\Program Files\Adobe
2010-11-14 23:46:53 ----RSH---- C:\boot.ini
2010-11-14 23:46:50 ----D---- C:\WINDOWS\system32\drivers
2010-11-14 23:39:23 ----A---- C:\WINDOWS\NeroDigital.ini
2010-11-13 16:56:41 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-11-12 01:59:58 ----D---- C:\Program Files\SpeedFan
2010-11-11 11:44:14 ----A---- C:\WINDOWS\system32\MRT.exe
2010-11-10 11:36:26 ----D---- C:\WINDOWS\system32\drivers\etc
2010-11-10 07:22:43 ----A---- C:\WINDOWS\Sandboxie.ini
2010-11-07 23:50:56 ----D---- C:\WINDOWS\system32
2010-11-07 23:46:57 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-11-07 23:46:27 ----D---- C:\Program Files\AGEIA Technologies
2010-11-05 12:45:08 ----D---- C:\Program Files\PowerISO
2010-11-05 10:36:13 ----D---- C:\WINDOWS\system32\CatRoot
2010-11-05 10:36:03 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-11-05 10:34:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-05 10:34:11 ----D---- C:\WINDOWS\WinSxS
2010-11-04 03:06:25 ----RSD---- C:\WINDOWS\Fonts
2010-11-04 03:06:04 ----D---- C:\WINDOWS\system32\spool
2010-11-04 03:04:19 ----D---- C:\WINDOWS\system32\mui
2010-11-04 03:04:19 ----D---- C:\Program Files\Internet Explorer
2010-11-02 11:26:45 ----SD---- C:\Documents and Settings\Admin\Dane aplikacji\Microsoft
2010-10-29 01:01:04 ----D---- C:\WINDOWS\Help
2010-10-29 01:01:04 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation
2010-10-29 01:01:00 ----D---- C:\Program Files\NVIDIA Corporation
2010-10-29 00:48:15 ----D---- C:\WINDOWS\Minidump
2010-10-28 13:10:56 ----HD---- C:\Program Files\InstallShield Installation Information
2010-10-18 21:51:28 ----RD---- C:\Sandbox
2010-10-15 09:45:47 ----A---- C:\WINDOWS\imsins.BAK
2010-10-15 09:45:27 ----HD---- C:\WINDOWS\$hf_mig$
2010-10-15 09:36:48 ----D---- C:\WINDOWS\ie8updates
2010-10-08 08:30:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2010-09-30 11:51:38 ----D---- C:\WINDOWS\occache
2010-09-30 11:50:16 ----D---- C:\Program Files\Common Files
2010-09-29 21:04:22 ----SHD---- C:\RECYCLER
2010-09-27 09:44:09 ----D---- C:\Program Files\NAPI-PROJEKT
2010-09-27 09:15:54 ----D---- C:\Program Files\uTorrent
2010-09-18 11:23:44 ----A---- C:\WINDOWS\system32\mfc42u.dll
2010-09-18 06:53:42 ----A---- C:\WINDOWS\system32\mfc42.dll
2010-09-18 06:53:41 ----A---- C:\WINDOWS\system32\mfc40u.dll
2010-09-18 06:53:41 ----A---- C:\WINDOWS\system32\mfc40.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2009-10-16 164896]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-07 43528]
R0 SnoopFree;SnoopFree Driver; C:\WINDOWS\System32\Drivers\SnopFree.sys [2010-01-11 9472]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-02-05 717296]
R1 AmdK8;Sterownik procesora AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43520]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-11-05 126856]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-08 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-11-02 28672]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2009-10-16 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-09-22 281760]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-11-05 60936]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-09-22 25888]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-05-02 229376]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-26 93824]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2009-10-16 144384]
R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2009-10-16 10368]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2009-10-16 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-10-08 9587776]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-05-16 52736]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-05-16 18944]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys []
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 SPC520;Philips SPC520NC PC Camera; C:\WINDOWS\system32\drivers\SPC520.sys [2007-03-27 85504]
R3 SPC520m;Philips SPC520NC PC Cameram; C:\WINDOWS\system32\drivers\SPC520m.sys [2007-03-27 7680]
R3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-08 99584]
S0 nvatabus;nvatabus; C:\WINDOWS\system32\drivers\nvatabus.sys [2009-10-16 100736]
S0 Si3112;Si3112; C:\WINDOWS\system32\drivers\Si3112.sys [2009-10-16 62336]
S0 Si3114r5;Si3114r5; C:\WINDOWS\system32\drivers\Si3114r5.sys [2009-10-16 195072]
S0 Si3124;Si3124; C:\WINDOWS\system32\drivers\Si3124.sys [2009-10-16 69248]
S0 Si3132;Si3132; C:\WINDOWS\system32\drivers\Si3132.sys [2009-10-16 74672]
S0 Si3132r5;Si3132r5; C:\WINDOWS\system32\drivers\Si3132r5.sys [2009-10-16 215856]
S0 Si3531;Si3531; C:\WINDOWS\system32\drivers\Si3531.sys [2009-10-16 212520]
S3 addosiu5;addosiu5; C:\WINDOWS\system32\drivers\addosiu5.sys []
S3 ayo39r8b;ayo39r8b; C:\WINDOWS\system32\drivers\ayo39r8b.sys []
S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt []
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Vista Driver; C:\WINDOWS\system32\DRIVERS\wg111v3.sys [2009-07-31 341504]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-10-16 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-10-16 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-11-05 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-11-05 267944]
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe [2004-04-21 1434848]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 Bonjour Service;Usługa Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [2006-06-29 172032]
R2 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2006-04-03 20543]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2006-06-29 131131]
R2 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2006-06-29 65599]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-10-08 156776]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-02-18 66872]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2010-04-14 73960]
R2 SnoopFreeSvc;Snoop Free Service; C:\WINDOWS\System32\SnoopFreeSvc.exe [2010-01-11 90112]
R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe [2005-04-02 217600]
R2 WANMiniportService;WAN Miniport (ATW) Service; C:\WINDOWS\wanmpsvc.exe [2003-01-10 65536]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-01-02 68096]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Usługa iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-09-01 820008]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2006-11-06 210432]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-10-16 14336]
S4 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-08 871424]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]

-----------------EOF-----------------
[/log]


GMER:

Gmer log 1:
[log]GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-11-16 17:33:30
Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Scsi\nvgts2Port3Path0Target0Lun0 ST332062 rev.3.AA
Running: eigfe6qs.exe; Driver: C:\DOCUME~1\Admin\USTAWI~1\Temp\pgtdipow.sys


---- System - GMER 1.0.15 ----

SSDT B87B06E6 ZwCreateKey
SSDT SnopFree.sys ZwCreateProcessEx [0xB84BC9E4]
SSDT B87B06DC ZwCreateThread
SSDT B87B06EB ZwDeleteKey
SSDT B87B06F5 ZwDeleteValueKey
SSDT spnv.sys ZwEnumerateKey [0xB7EC6CA2]
SSDT spnv.sys ZwEnumerateValueKey [0xB7EC7030]
SSDT B87B06FA ZwLoadKey
SSDT spnv.sys ZwOpenKey [0xB7EA80C0]
SSDT B87B06C8 ZwOpenProcess
SSDT B87B06CD ZwOpenThread
SSDT spnv.sys ZwQueryKey [0xB7EC7108]
SSDT spnv.sys ZwQueryValueKey [0xB7EC6F88]
SSDT B87B0704 ZwReplaceKey
SSDT B87B06FF ZwRestoreKey
SSDT B87B06F0 ZwSetValueKey
SSDT SnopFree.sys ZwTerminateProcess [0xB84BC9F4]

INT 0x62 ? 8AE4ABF8
INT 0x63 ? 8ADD4BF8
INT 0x73 ? 8ADD4BF8
INT 0x83 ? 8ADD4BF8
INT 0xB1 ? 8ADD4BF8
INT 0xB1 ? 8ADD4BF8
INT 0xB4 ? 8ADCFBF8

Code B86AFC9C ZwRequestPort
Code B86AFD3C ZwRequestWaitReplyPort
Code B86AFBFC ZwTraceEvent
Code B86AFC9B NtRequestPort
Code B86AFD3B NtRequestWaitReplyPort
Code B86AFBFB NtTraceEvent

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!NtTraceEvent 8053512C 5 Bytes JMP B86AFC00
PAGE ntkrnlpa.exe!NtRequestPort 805A2A3C 5 Bytes JMP B86AFCA0
PAGE ntkrnlpa.exe!NtRequestWaitReplyPort 805A2D68 5 Bytes JMP B86AFD40
.text SnopFree.sys B84BCD42 5 Bytes JMP B86AF8E0
.text SnopFree.sys B84BCDA8 5 Bytes JMP B86AF3E0
? C:\WINDOWS\system32\drivers\SnopFree.sys Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.
? spnv.sys Nie można odnaleźć określonego pliku. !
.text USBPORT.SYS!DllUnload B75DA8AC 5 Bytes JMP 8ADCF1D8
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB6AF83A0, 0x5C77B9, 0xE8000020]
? System32\Drivers\aiap83yi.SYS System nie może odnaleźć określonej ścieżki. !
.text arp8u3h2.SYS B6323386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text arp8u3h2.SYS B63233AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text arp8u3h2.SYS B63233C4 3 Bytes [00, 70, 02] {ADD [EAX+0x2], DH}
.text arp8u3h2.SYS B63233C9 1 Byte [2E]
.text arp8u3h2.SYS B63233C9 11 Bytes [2E, 00, 00, 00, 5A, 02, 00, ...]
.text ...
init C:\WINDOWS\system32\drivers\Senfilt.sys entry point in "init" section [0xB4132A00]
.text win32k.sys!EngAcquireSemaphore + 20F0 BF8082B4 5 Bytes JMP B86AF480
.text win32k.sys!EngCopyBits + 68D BF838F47 5 Bytes JMP B86AF5C0
.text win32k.sys!EngCreateBitmap + 6F4 BF83E159 5 Bytes JMP B86AF700
.text win32k.sys!EngMultiByteToWideChar + 789E BF869E5D 5 Bytes JMP B86AFA20
.text win32k.sys!EngMulDiv + 819D BF872D73 5 Bytes JMP B86AF660
.text win32k.sys!EngCreatePalette + 1CB BF87EACD 5 Bytes JMP B86AF520
.text win32k.sys!EngAlphaBlend + 2998 BF8C3203 5 Bytes JMP B86AF7A0
.text win32k.sys!PATHOBJ_bCloseFigure + 19F1 BF8F9885 5 Bytes JMP B86AF980
.text win32k.sys!EngCreateClip + 19B2 BF9138F1 5 Bytes JMP B86AFAC0
.text win32k.sys!EngCreateClip + 1F42 BF913E81 5 Bytes JMP B86AFB60
.text win32k.sys!EngCreateClip + 2588 BF9144C7 5 Bytes JMP B86AF840
.text C:\WINDOWS\system32\DRIVERS\atksgt.sys section is writeable [0xA2AAD300, 0x3B6D8, 0xE8000020]
.text C:\WINDOWS\system32\DRIVERS\lirsgt.sys section is writeable [0xABE64300, 0x1BEE, 0xE8000020]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B7EA9040] spnv.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B7EA913C] spnv.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B7EA90BE] spnv.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B7EA97FC] spnv.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B7EA96D2] spnv.sys
IAT \SystemRoot\System32\Drivers\arp8u3h2.SYS[HAL.dll!KfAcquireSpinLock] C0840CEC
IAT \SystemRoot\System32\Drivers\arp8u3h2.SYS[HAL.dll!READ_PORT_UCHAR] 053C0D74
IAT \SystemRoot\System32\Drivers\arp8u3h2.SYS[HAL.dll!KeGetCurrentIrql] 57B80974
IAT \SystemRoot\System32\Drivers\arp8u3h2.SYS[HAL.dll!KfRaiseIrql] 8B000000
IAT \SystemRoot\System32\Drivers\arp8u3h2.SYS[HAL.dll!KfLowerIrql] 56C35DE5
IAT \SystemRoot\System32\Drivers\arp8u3h2.SYS[HAL.dll!HalGetInterruptVector] 8D08758B
IAT \SystemRoot\System32\Drivers\arp8u3h2.SYS[HAL.dll!HalTranslateBusAddress] 8D51FC4D
IAT \SystemRoot\System32\Drivers\arp8u3h2.SYS[HAL.dll!KeStallExecutionProcessor] 8D52FD55
IAT \SystemRoot\System32\Drivers\arp8u3h2.SYS[HAL.dll!KfReleaseSpinLock] 8D51FE4D
IAT \SystemRoot\System32\Drivers\arp8u3h2.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 8D52FF55
IAT \SystemRoot\System32\Drivers\arp8u3h2.SYS[HAL.dll!READ_PORT_USHORT] 8D51F84D
IAT \SystemRoot\System32\Drivers\arp8u3h2.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 5052F455
IAT \SystemRoot\System32\Drivers\arp8u3h2.SYS[HAL.dll!WRITE_PORT_UCHAR] EACAE856
IAT \SystemRoot\System32\Drivers\arp8u3h2.SYS[WMILIB.SYS!WmiSystemControl] 0FC08520
IAT \SystemRoot\System32\Drivers\arp8u3h2.SYS[WMILIB.SYS!WmiCompleteRequest] 0001B185
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [B7EB9048] spnv.sys

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8AE451F8
Device \Driver\usbohci \Device\USBPDO-0 8ADD01F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 8ADD21F8
Device \Driver\dmio \Device\DmControl\DmConfig 8ADD21F8
Device \Driver\dmio \Device\DmControl\DmPnP 8ADD21F8
Device \Driver\dmio \Device\DmControl\DmInfo 8ADD21F8
Device \Driver\usbehci \Device\USBPDO-1 8AE491F8
Device \Driver\PCI_PNP7558 \Device\00000052 spnv.sys
Device \Driver\PCI_PNP7558 \Device\00000053 spnv.sys
Device \Driver\NetBT \Device\NetBT_Tcpip_{1392BF3B-04DB-4FF2-B6EB-5835A832A4E5} 89DD71F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 8AE4B1F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 8AE4B1F8
Device \Driver\Cdrom \Device\CdRom0 8AE481F8
Device \Driver\Ftdisk \Device\HarddiskVolume3 8AE4B1F8
Device \Driver\Cdrom \Device\CdRom1 8AE481F8
Device \Driver\atapi \Device\Ide\IdePort0 [B7DFBB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [B7DFBB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 [B7DFBB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c [B7DFBB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\Ftdisk \Device\HarddiskVolume4 8AE4B1F8
Device \Driver\Cdrom \Device\CdRom2 8AE481F8
Device \Driver\Cdrom \Device\CdRom3 8AE481F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 89DD71F8
Device \Driver\sptd \Device\1790571308 spnv.sys
Device \Driver\NetBT \Device\NetbiosSmb 89DD71F8
Device \Driver\sptd \Device\1790415058 spnv.sys
Device \Driver\usbohci \Device\USBFDO-0 8ADD01F8
Device \Driver\usbehci \Device\USBFDO-1 8AE491F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 89E001F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 89E001F8
Device \Driver\Ftdisk \Device\FtControl 8AE4B1F8
Device \Driver\aiap83yi \Device\Scsi\aiap83yi1Port5Path0Target1Lun0 8A9D6500
Device \Driver\nvgts \Device\Scsi\nvgts2Port3Path1Target1Lun0 8ADD11F8
Device \Driver\aiap83yi \Device\Scsi\aiap83yi1 8A9D6500
Device \Driver\nvgts \Device\Scsi\nvgts2Port3Path0Target0Lun0 8ADD11F8
Device \Driver\nvgts \Device\Scsi\nvgts1 8ADD11F8
Device \Driver\nvgts \Device\Scsi\nvgts2 8ADD11F8
Device \Driver\nvgts \Device\Scsi\nvgts3 8ADD11F8
Device \Driver\arp8u3h2 \Device\Scsi\arp8u3h21 8A9B91F8
Device \Driver\aiap83yi \Device\Scsi\aiap83yi1Port5Path0Target0Lun0 8A9D6500
Device \FileSystem\Cdfs \Cdfs 8ABC1500

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x58 0xD0 0x2A 0x09 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 52\
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x5A 0x24 0xB5 0x7E ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x27 0xB7 0x65 0x3C ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41@ujdew 0xBE 0x39 0x6D 0x99 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x16 0x1D 0xDF 0x73 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x81 0xF7 0x2E 0x3B ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x0F 0x42 0xAE 0x1F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 -764495635
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 -1033911924
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x58 0xD0 0x2A 0x09 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 52\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x5A 0x24 0xB5 0x7E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x3F 0x3F 0xCC 0x45 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41@ujdew 0x43 0xD4 0xAA 0x72 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x16 0x1D 0xDF 0x73 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x81 0xF7 0x2E 0x3B ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x0F 0x42 0xAE 0x1F ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x58 0xD0 0x2A 0x09 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 52\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x5A 0x24 0xB5 0x7E ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x3F 0x3F 0xCC 0x45 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41@ujdew 0x43 0xD4 0xAA 0x72 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x16 0x1D 0xDF 0x73 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x81 0xF7 0x2E 0x3B ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x0F 0x42 0xAE 0x1F ...

---- EOF - GMER 1.0.15 ----
[/log]

Gmer log 2:
[log]GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-11-16 17:35:10
Windows 5.1.2600 Dodatek Service Pack 3
Running: eigfe6qs.exe; Driver: C:\DOCUME~1\Admin\USTAWI~1\Temp\pgtdipow.sys


---- Services - GMER 1.0.15 ----

Service .NET CLR Data
Service .NET CLR Networking
Service .NET Data Provider for Oracle
Service .NET Data Provider for SqlServer
Service .NETFramework
Service [DISABLED] Abiosdsk
Service [DISABLED] abp480n5
Service C:\WINDOWS\system32\DRIVERS\ACPI.sys (Sterownik ACPI dla systemu NT/Microsoft Corporation) [BOOT] ACPI
Service (Sterownik kontrolera osadzonego interfejsu ACPI/Microsoft Corporation) [DISABLED] ACPIEC
Service C:\WINDOWS\system32\drivers\ADIHdAud.sys (High Definition Audio Function Driver/Analog Devices, Inc.) [MANUAL] ADIHdAudAddService
Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [MANUAL] Adobe LM Service
Service [DISABLED] adpu160m
Service C:\WINDOWS\system32\drivers\AEAudio.sys (Audio Noise Filtering Driver (32-bit)/Andrea Electronics Corporation) [MANUAL] AEAudio
Service C:\WINDOWS\system32\drivers\aec.sys (Microsoft Acoustic Echo Canceller/Microsoft Corporation) [MANUAL] aec
Service C:\WINDOWS\System32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) [SYSTEM] AFD
Service [DISABLED] Aha154x
Service ahcix86
Service [DISABLED] aic78u2
Service [DISABLED] aic78xx
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Alerter
Service C:\WINDOWS\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) [MANUAL] ALG
Service [DISABLED] AliIde
Service amdide
Service C:\WINDOWS\system32\DRIVERS\AmdK8.sys (AMD Processor Driver/Advanced Micro Devices) [SYSTEM] AmdK8
Service C:\WINDOWS\system32\DRIVERS\AmdLLD.sys (AMD Low Level Device Driver/AMD, Inc.) [MANUAL] AmdLLD
Service [DISABLED] amsint
Service C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) [AUTO] AntiVirSchedulerService
Service C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) [AUTO] AntiVirService
Service C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe (AOL Connectivity Service/America Online, Inc.) [AUTO] AOL ACS
Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Mobile Device Service/Apple Inc.) [AUTO] Apple Mobile Device
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] AppMgmt
Service [DISABLED] asc
Service [DISABLED] asc3350p
Service [DISABLED] asc3550
Service ASP.NET
Service ASP.NET_2.0.50727
Service C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft ASP.NET State Server/Microsoft Corporation) [MANUAL] aspnet_state
Service C:\WINDOWS\system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation) [MANUAL] AsyncMac
Service C:\WINDOWS\system32\DRIVERS\atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) [BOOT] atapi
Service [DISABLED] Atdisk
Service C:\WINDOWS\system32\DRIVERS\atksgt.sys [AUTO] atksgt
Service C:\WINDOWS\system32\DRIVERS\atmarpc.sys (IP/ATM Arp Client/Microsoft Corporation) [MANUAL] Atmarpc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] AudioSrv
Service C:\WINDOWS\system32\DRIVERS\audstub.sys (AudStub Driver/Microsoft Corporation) [MANUAL] audstub
Service C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira AntiVir Support for Minifilter/Avira GmbH) [SYSTEM] avgio
Service C:\WINDOWS\system32\DRIVERS\avgntflt.sys (Avira Minifilter Driver/Avira GmbH) [AUTO] avgntflt
Service C:\WINDOWS\system32\DRIVERS\avipbb.sys (Avira Driver for Security Enhancement/Avira GmbH) [SYSTEM] avipbb
Service BattC
Service (BEEP Driver/Microsoft Corporation) [SYSTEM] Beep
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] BITS
Service C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service/Apple Inc.) [AUTO] Bonjour Service
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Browser
Service (CardBus/PCMCIA IDE Miniport Driver/Microsoft Corporation) [DISABLED] cbidf2k
Service C:\WINDOWS\system32\DRIVERS\CCDECODE.sys (WDM Closed Caption VBI Codec/Microsoft Corporation) [MANUAL] CCDECODE
Service [DISABLED] cd20xrnt
Service (CD-ROM Audio Filter Driver/Microsoft Corporation) [SYSTEM] Cdaudio
Service (CD-ROM File System Driver/Microsoft Corporation) [DISABLED] Cdfs
Service C:\WINDOWS\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) [SYSTEM] Cdrom
Service [SYSTEM] Changer
Service C:\WINDOWS\system32\cisvc.exe (Content Index service/Microsoft Corporation) [MANUAL] CiSvc
Service C:\WINDOWS\system32\clipsrv.exe (Windows NT DDE Server/Microsoft Corporation) [MANUAL] ClipSrv
Service C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [MANUAL] clr_optimization_v2.0.50727_32
Service [DISABLED] CmdIde
Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] COMSysApp
Service ContentFilter
Service ContentIndex
Service [MANUAL] Cpcudnntr
Service [DISABLED] Cpqarray
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] CryptSvc
Service [DISABLED] dac2w2k
Service [DISABLED] dac960nt
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] DcomLaunch
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dhcp
Service C:\WINDOWS\system32\DRIVERS\disk.sys (PnP Disk Driver/Microsoft Corporation) [BOOT] Disk
Service C:\WINDOWS\System32\dmadmin.exe (Proces usługi Menedżera dysków logicznych/Microsoft Corp., Veritas Software) [MANUAL] dmadmin
Service C:\WINDOWS\System32\drivers\dmboot.sys (Sterownik uruchamiania Menedżera dysków NT/Microsoft Corp., Veritas Software) [DISABLED] dmboot
Service C:\WINDOWS\System32\drivers\dmio.sys (Sterownik We/Wy menedżera dysków NT/Microsoft Corp., Veritas Software) [BOOT] dmio
Service C:\WINDOWS\System32\drivers\dmload.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software.) [BOOT] dmload
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] dmserver
Service C:\WINDOWS\system32\drivers\DMusic.sys (Microsoft Kernel DLS Synthesizer/Microsoft Corporation) [MANUAL] DMusic
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dnscache
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Dot3svc
Service [DISABLED] dpti2o
Service C:\WINDOWS\system32\drivers\drmkaud.sys (Microsoft Kernel DRM Audio Descrambler Filter/Microsoft Corporation) [MANUAL] drmkaud
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] EapHost
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ERSvc
Service C:\WINDOWS\system32\services.exe (Usługi i aplikacja Kontroler/Microsoft Corporation) [AUTO] Eventlog
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] EventSystem
Service C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [MANUAL] EverestDriver
Service (Fast FAT File System Driver/Microsoft Corporation) [DISABLED] Fastfat
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] FastUserSwitchingCompatibility
Service C:\WINDOWS\system32\DRIVERS\fdc.sys (Floppy Disk Controller Driver/Microsoft Corporation) [MANUAL] Fdc
Service (Sterownik kryptografii FIPS/Microsoft Corporation) [SYSTEM] Fips
Service C:\WINDOWS\system32\DRIVERS\flpydisk.sys (Floppy Driver/Microsoft Corporation) [MANUAL] Flpydisk
Service C:\WINDOWS\system32\DRIVERS\fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) [BOOT] FltMgr
Service C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (PresentationFontCache.exe/Microsoft Corporation) [MANUAL] FontCache3.0.0.0
Service C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [AUTO] ForceWare Intelligent Application Manager (IAM)
Service C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe (Apache HTTP Server/Apache Software Foundation) [AUTO] ForcewareWebInterface
Service (File System Recognizer Driver/Microsoft Corporation) [SYSTEM] Fs_Rec
Service C:\WINDOWS\system32\DRIVERS\ftdisk.sys (Sterownik dysku FT/Microsoft Corporation) [BOOT] Ftdisk
Service C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc.) [MANUAL] GEARAspiWDM
Service C:\WINDOWS\system32\giveio.sys [BOOT] giveio
Service C:\WINDOWS\system32\DRIVERS\msgpc.sys (MS General Packet Classifier/Microsoft Corporation) [MANUAL] Gpc
Service C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows (R) Server 2003 DDK provider) [MANUAL] HDAudBus
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] helpsvc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] HidServ
Service C:\WINDOWS\system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) [MANUAL] hidusb
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] hkmsvc
Service [DISABLED] hpn
Service C:\WINDOWS\System32\Drivers\HTTP.sys (HTTP Protocol Stack/Microsoft Corporation) [MANUAL] HTTP
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] HTTPFilter
Service [SYSTEM] i2omgmt
Service [DISABLED] i2omp
Service C:\WINDOWS\system32\DRIVERS\i8042prt.sys (Sterownik portu i8042/Microsoft Corporation) [SYSTEM] i8042prt
Service iaStor
Service C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Windows CardSpace/Microsoft Corporation) [MANUAL] idsvc
Service C:\WINDOWS\system32\DRIVERS\imapi.sys (IMAPI Kernel Driver/Microsoft Corporation) [SYSTEM] Imapi
Service C:\WINDOWS\system32\imapi.exe (Image Mastering API/Microsoft Corporation) [MANUAL] ImapiService
Service (InCD File System Driver/Nero AG) [DISABLED] InCDfs
Service C:\WINDOWS\System32\DRIVERS\InCDPass.sys (Ahead RW Filter Driver/Nero AG) [SYSTEM] InCDPass
Service (InCD File System Recognizer/Nero AG) [SYSTEM] InCDrec
Service (Ahead MRW Filter Driver/Nero AG) [SYSTEM] incdrm
Service C:\Program Files\Ahead\InCD\InCDsrv.exe (incdsrv/Nero AG) [DISABLED] InCDsrv
Service inetaccs
Service [DISABLED] ini910u
Service Inport
Service [DISABLED] IntelIde
Service C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys (IPv6 Windows Firewall Driver/Microsoft Corporation) [MANUAL] Ip6Fw
Service C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation) [MANUAL] IpFilterDriver
Service C:\WINDOWS\system32\DRIVERS\ipinip.sys (IP in IP Encapsulation Driver/Microsoft Corporation) [MANUAL] IpInIp
Service C:\WINDOWS\system32\DRIVERS\ipnat.sys (IP Network Address Translator/Microsoft Corporation) [MANUAL] IpNat
Service C:\Program Files\iPod\bin\iPodService.exe (iPodService Module (32-bit)/Apple Inc.) [MANUAL] iPod Service
Service C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec Driver/Microsoft Corporation) [SYSTEM] IPSec
Service C:\WINDOWS\system32\DRIVERS\irenum.sys (Infra-Red Bus Enumerator/Microsoft Corporation) [MANUAL] IRENUM
Service ISAPISearch
Service C:\WINDOWS\system32\DRIVERS\isapnp.sys (Sterownik magistrali ISA PNP/Microsoft Corporation) [BOOT] isapnp
Service C:\Program Files\Java\jre6\bin\jqs.exe [AUTO] JavaQuickStarterService
Service Jraid
Service C:\WINDOWS\system32\DRIVERS\kbdclass.sys (Sterownik klasy klawiatury/Microsoft Corporation) [SYSTEM] Kbdclass
Service C:\WINDOWS\system32\drivers\kmixer.sys (Kernel Mode Audio Mixer/Microsoft Corporation) [MANUAL] kmixer
Service (Kernel Security Support Provider Interface/Microsoft Corporation) [BOOT] KSecDD
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] LanmanServer
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] lanmanworkstation
Service [SYSTEM] lbrtfdc
Service ldap
Service LicenseService
Service C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company) [DISABLED] LightScribeService
Service C:\WINDOWS\system32\DRIVERS\lirsgt.sys [AUTO] lirsgt
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] LmHosts
Service C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Machine Debug Manager/Microsoft Corporation) [AUTO] MDM
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Messenger
Service (Frame buffer simulator/Microsoft Corporation) [SYSTEM] mnmdd
Service C:\WINDOWS\system32\mnmsrvc.exe (Zdalne udostępnianie pulpitu NetMeeting/Microsoft Corporation) [MANUAL] mnmsrvc
Service (Sterownik modemu/Microsoft Corporation) [MANUAL] Modem
Service C:\WINDOWS\system32\DRIVERS\mouclass.sys (Sterownik klasy myszy/Microsoft Corporation) [SYSTEM] Mouclass
Service C:\WINDOWS\system32\DRIVERS\mouhid.sys (Sterownik filtru myszy HID/Microsoft Corporation) [MANUAL] mouhid
Service (Mount Manager/Microsoft Corporation) [BOOT] MountMgr
Service [DISABLED] mraid35x
Service C:\WINDOWS\system32\DRIVERS\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) [MANUAL] MRxDAV
Service C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) [SYSTEM] MRxSmb
Service C:\WINDOWS\system32\msdtc.exe (MS DTC console program/Microsoft Corporation) [MANUAL] MSDTC
Service MSDTC Bridge 3.0.0.0
Service (Mailslot driver/Microsoft Corporation) [SYSTEM] Msfs
Service C:\WINDOWS\system32\msiexec.exe (Windows® installer/Microsoft Corporation) [MANUAL] MSIServer
Service C:\WINDOWS\system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation) [MANUAL] MSKSSRV
Service C:\WINDOWS\system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation) [MANUAL] MSPCLOCK
Service C:\WINDOWS\system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation) [MANUAL] MSPQM
Service C:\WINDOWS\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [MANUAL] mssmbios
Service C:\WINDOWS\system32\drivers\MSTEE.sys (WDM Tee/Communication Transform Filter /Microsoft Corporation) [MANUAL] MSTEE
Service C:\WINDOWS\system32\DRIVERS\ASACPI.sys [MANUAL] MTsensor
Service (Multiple UNC Provider driver/Microsoft Corporation) [BOOT] Mup
Service C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys (WDM NABTS/FEC VBI Codec/Microsoft Corporation) [MANUAL] NABTSFEC
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] napagent
Service (NDIS 5.1 wrapper driver/Microsoft Corporation) [BOOT] NDIS
Service C:\WINDOWS\system32\DRIVERS\NdisIP.sys (Microsoft IP Driver/Microsoft Corporation) [MANUAL] NdisIP
Service C:\WINDOWS\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) [MANUAL] NdisTapi
Service C:\WINDOWS\system32\DRIVERS\ndisuio.sys (NDIS User mode I/O Driver/Microsoft Corporation) [MANUAL] Ndisuio
Service C:\WINDOWS\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) [MANUAL] NdisWan
Service (NDIS Proxy/Microsoft Corporation) [MANUAL] NDProxy
Service C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) [SYSTEM] NetBIOS
Service C:\WINDOWS\system32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) [SYSTEM] NetBT
Service C:\WINDOWS\system32\netdde.exe (DDE sieci - komunikacja DDE/Microsoft Corporation) [DISABLED] NetDDE
Service C:\WINDOWS\system32\netdde.exe (DDE sieci - komunikacja DDE/Microsoft Corporation) [DISABLED] NetDDEdsdm
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] Netlogon
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Netman
Service C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (SMSvcHost.exe/Microsoft Corporation) [DISABLED] NetTcpPortSharing
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Nla
Service (NPFS Driver/Microsoft Corporation) [SYSTEM] Npfs
Service C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe (ActiveArmor Firewall IP Service/NVIDIA Corporation) [AUTO] nSvcIp
Service C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe (nSvcLog/NVIDIA Corporation) [AUTO] nSvcLog
Service (NT File System Driver/Microsoft Corporation) [DISABLED] Ntfs
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] NtLmSsp
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] NtmsSvc
Service (NULL Driver/Microsoft Corporation) [SYSTEM] Null
Service C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Compatible Windows 2000 Miniport Driver, Version 260.89 /NVIDIA Corporation) [MANUAL] nv
Service (NVIDIA® nForce(TM) IDE Performance Driver/NVIDIA Corporation) [BOOT] nvatabus
Service C:\WINDOWS\system32\DRIVERS\NVENETFD.sys (NVIDIA Networking Function Driver./NVIDIA Corporation) [MANUAL] NVENETFD
Service C:\WINDOWS\system32\DRIVERS\nvgts.sys (NVIDIA® nForce(TM) Sata Performance Driver/NVIDIA Corporation) [BOOT] nvgts
Service C:\WINDOWS\system32\DRIVERS\nvnetbus.sys (NVIDIA Networking Bus Driver./NVIDIA Corporation) [MANUAL] nvnetbus
Service nvraid
Service nvrd32
Service C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Driver Helper Service, Version 260.89/NVIDIA Corporation) [AUTO] nvsvc
Service C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys (NWLINK2 Traffic Filter Driver/Microsoft Corporation) [MANUAL] NwlnkFlt
Service C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys (NWLINK2 Forwarder Driver/Microsoft Corporation) [MANUAL] NwlnkFwd
Service C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Office Source Engine/Microsoft Corporation) [MANUAL] ose
Service Outlook
Service C:\WINDOWS\system32\DRIVERS\parport.sys (Sterownik portu równoległego/Microsoft Corporation) [MANUAL] Parport
Service (Partition Manager/Microsoft Corporation) [BOOT] PartMgr
Service (VDM Parallel Driver/Microsoft Corporation) [AUTO] ParVdm
Service C:\WINDOWS\system32\DRIVERS\pci.sys (Licznik NT Plug and Play PCI/Microsoft Corporation) [BOOT] PCI
Service [SYSTEM] PCIDump
Service C:\WINDOWS\system32\DRIVERS\pciide.sys (Rodzajowy sterownik magistrali PCI IDE/Microsoft Corporation) [BOOT] PCIIde
Service (Sterownik magistrali PCMCIA/Microsoft Corporation) [DISABLED] Pcmcia
Service [MANUAL] PDCOMP
Service [MANUAL] PDFRAME
Service [MANUAL] PDRELI
Service [MANUAL] PDRFRAME
Service [DISABLED] perc2
Service [DISABLED] perc2hib
Service PerfDisk
Service PerfNet
Service PerfOS
Service PerfProc
Service C:\WINDOWS\system32\services.exe (Usługi i aplikacja Kontroler/Microsoft Corporation) [AUTO] PlugPlay
Service C:\WINDOWS\system32\PnkBstrA.exe [AUTO] PnkBstrA
Service PnP680
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] PolicyAgent
Service C:\WINDOWS\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) [MANUAL] PptpMiniport
Service C:\WINDOWS\system32\DRIVERS\processr.sys (Sterownik urządzenia procesora/Microsoft Corporation) [SYSTEM] Processor
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] ProtectedStorage
Service C:\WINDOWS\system32\DRIVERS\psched.sys (MS QoS Packet Scheduler/Microsoft Corporation) [MANUAL] PSched
Service C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) [MANUAL] Ptilink
Service C:\WINDOWS\System32\Drivers\PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) [BOOT] PxHelp20
Service [DISABLED] ql1080
Service [DISABLED] Ql10wnt
Service [DISABLED] ql12160
Service [DISABLED] ql1240
Service [DISABLED] ql1280
Service C:\WINDOWS\system32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) [SYSTEM] RasAcd
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasAuto
Service C:\WINDOWS\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Rasl2tp
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasMan
Service C:\WINDOWS\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) [MANUAL] RasPppoe
Service C:\WINDOWS\system32\DRIVERS\raspti.sys (PTI DirectParallel(R) mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Raspti
Service C:\WINDOWS\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) [SYSTEM] Rdbss
Service C:\WINDOWS\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPCDD
Service RDPDD
Service C:\WINDOWS\system32\DRIVERS\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation) [MANUAL] rdpdr
Service RDPNP
Service (RDP Terminal Stack Driver (US/Canada Only, Not for Export)/Microsoft Corporation) [MANUAL] RDPWD
Service C:\WINDOWS\system32\sessmgr.exe (Menedżer sesji pomocy pulpitu zdalnego Microsoft®/Microsoft Corporation) [MANUAL] RDSessMgr
Service C:\WINDOWS\system32\DRIVERS\redbook.sys (Sterownik filtru audio Redbook/Microsoft Corporation) [SYSTEM] redbook
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] RemoteAccess
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] RemoteRegistry
Service C:\WINDOWS\system32\locator.exe (Rpc Locator/Microsoft Corporation) [MANUAL] RpcLocator
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] RpcSs
Service C:\WINDOWS\system32\rsvp.exe (Microsoft RSVP/Microsoft Corporation) [MANUAL] RSVP
Service C:\WINDOWS\system32\DRIVERS\wg111v3.sys (NETGEAR WG111v3 Wireless-G USB Adapter NDIS Driver/Realtek Semiconductor Corporation ) [MANUAL] RTL8187B
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] SamSs
Service C:\Program Files\Sandboxie\SbieDrv.sys (Sandboxie Kernel Mode Driver/tzuk) [MANUAL] SbieDrv
Service C:\Program Files\Sandboxie\SbieSvc.exe (Sandboxie Service/tzuk) [AUTO] SbieSvc
Service C:\WINDOWS\System32\SCardSvr.exe (Smart Card Resource Management Server/Microsoft Corporation) [MANUAL] SCardSvr
Service (PowerISO Virtual Drive/PowerISO Computing, Inc.) [SYSTEM] SCDEmu
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Schedule
Service C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [MANUAL] Secdrv
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] seclogon
Service C:\WINDOWS\system32\drivers\Senfilt.sys (Sensaura WDM 3D Audio Driver/Sensaura) [MANUAL] SenFiltService
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SENS
Service C:\WINDOWS\system32\DRIVERS\serenum.sys (Serial Port Enumerator/Microsoft Corporation) [MANUAL] serenum
Service C:\WINDOWS\system32\DRIVERS\serial.sys (Sterownik urządzenia szeregowego/Microsoft Corporation) [SYSTEM] Serial
Service C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (ServiceLayer Module/Nokia.) [MANUAL] ServiceLayer
Service ServiceModelEndpoint 3.0.0.0
Service ServiceModelOperation 3.0.0.0
Service ServiceModelService 3.0.0.0
Service (SCSI Floppy Driver/Microsoft Corporation) [SYSTEM] Sfloppy
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SharedAccess
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ShellHWDetection
Service (Serial ATA miniport driver/Silicon Image, Inc.) [BOOT] Si3112
Service Si3114
Service (SATA SoftRAID 5 miniport driver/Silicon Image, Inc) [BOOT] Si3114r5
Service (Serial ATA miniport driver/Silicon Image, Inc.) [BOOT] Si3124
Service Si3124r5
Service (Serial ATA miniport driver/Silicon Image, Inc.) [BOOT] Si3132
Service (SATA SoftRAID 5 miniport driver/Silicon Image, Inc) [BOOT] Si3132r5
Service (SATA Controller miniport driver/Silicon Image, Inc) [BOOT] Si3531
Service [DISABLED] Simbad
Service C:\WINDOWS\system32\DRIVERS\SLIP.sys (Microsoft Slip Deframing Filter Minidriver/Microsoft Corporation) [MANUAL] SLIP
Service SMSvcHost 3.0.0.0
Service C:\WINDOWS\System32\Drivers\SnopFree.sys [BOOT] SnoopFree
Service C:\WINDOWS\System32\SnoopFreeSvc.exe [AUTO] SnoopFreeSvc
Service [DISABLED] Sparrow
Service C:\WINDOWS\system32\drivers\SPC520.sys (Philips SPC520 Camera Driver (WDM Main Driver)/Philips ) [MANUAL] SPC520
Service C:\WINDOWS\system32\drivers\SPC520m.sys (Philips SPC520 Camera Driver (DS MiniDriver) /Philips ) [MANUAL] SPC520m
Service C:\WINDOWS\system32\speedfan.sys (SpeedFan Device Driver/Windows (R) 2000 DDK provider) [BOOT] speedfan
Service C:\WINDOWS\system32\drivers\splitter.sys (Microsoft Kernel Audio Splitter/Microsoft Corporation) [MANUAL] splitter
Service C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) [AUTO] Spooler
Service C:\WINDOWS\System32\Drivers\sptd.sys [BOOT] sptd
Service C:\WINDOWS\system32\DRIVERS\sr.sys (Sterownik filtru systemu plików Przywracania systemu/Microsoft Corporation) [BOOT] sr
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] srservice
Service C:\WINDOWS\system32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) [MANUAL] Srv
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] SSDPSRV
Service C:\WINDOWS\system32\DRIVERS\ssmdrv.sys (AVIRA SnapShot Driver/Avira GmbH) [SYSTEM] ssmdrv
Service C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe (StarWind iSCSI Target (Alcohol Edition)/Rocket Division Software) [AUTO] StarWindService
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] stisvc
Service C:\WINDOWS\system32\DRIVERS\StreamIP.sys (Microsoft IP Test Driver/Microsoft Corporation) [MANUAL] streamip
Service C:\WINDOWS\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) [MANUAL] swenum
Service C:\WINDOWS\system32\drivers\swmidi.sys (Microsoft GS Wavetable Synthesizer/Microsoft Corporation) [MANUAL] swmidi
Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] SwPrv
Service [DISABLED] symc810
Service [DISABLED] symc8xx
Service [DISABLED] sym_hi
Service [DISABLED] sym_u3
Service C:\WINDOWS\system32\drivers\sysaudio.sys (System Audio WDM Filter/Microsoft Corporation) [MANUAL] sysaudio
Service C:\WINDOWS\system32\smlogsvc.exe (Usługa dzienników wydajności i alertów/Microsoft Corporation) [MANUAL] SysmonLog
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TapiSrv
Service C:\WINDOWS\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation) [SYSTEM] Tcpip
Service (Named Pipe Transport Driver/Microsoft Corporation) [MANUAL] TDPIPE
Service (TCP Transport Driver/Microsoft Corporation) [MANUAL] TDTCP
Service C:\WINDOWS\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) [SYSTEM] TermDD
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TermService
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Themes
Service C:\WINDOWS\system32\tlntsvr.exe (Usługa Telnet/Microsoft Corporation) [MANUAL] TlntSvr
Service [DISABLED] TosIde
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] TrkWks
Service TSDDD
Service (UDF File System Driver/Microsoft Corporation) [DISABLED] Udfs
Service [DISABLED] ultra
Service C:\WINDOWS\system32\DRIVERS\update.sys (Update Driver/Microsoft Corporation) [MANUAL] Update
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] upnphost
Service C:\WINDOWS\System32\ups.exe (UPS Service/Microsoft Corporation) [MANUAL] UPS
Service C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple Mobile Device USB Driver/Apple, Inc.) [MANUAL] USBAAPL
Service C:\WINDOWS\system32\drivers\usbaudio.sys (USB Audio Class Driver/Microsoft Corporation) [MANUAL] usbaudio
Service C:\WINDOWS\system32\DRIVERS\usbccgp.sys (USB Common Class Generic Parent Driver/Microsoft Corporation) [MANUAL] usbccgp
Service C:\WINDOWS\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) [MANUAL] usbehci
Service C:\WINDOWS\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) [MANUAL] usbhub
Service C:\WINDOWS\system32\DRIVERS\usbohci.sys (OHCI USB Miniport Driver/Microsoft Corporation) [MANUAL] usbohci
Service C:\WINDOWS\system32\DRIVERS\usbscan.sys (USB Scanner Driver/Microsoft Corporation) [MANUAL] usbscan
Service C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation) [MANUAL] USBSTOR
Service C:\WINDOWS\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [SYSTEM] VgaSave
Service [DISABLED] ViaIde
Service viamraid
Service (Sterownik kopiowania woluminów w tle/Microsoft Corporation) [BOOT] VolSnap
Service C:\WINDOWS\System32\vssvc.exe (Usługa kopiowania woluminów w tle Microsoft®/Microsoft Corporation) [MANUAL] VSS
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] W32Time
Service W3SVC
Service C:\WINDOWS\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) [MANUAL] Wanarp
Service C:\WINDOWS\system32\DRIVERS\wanatw4.sys (Wan Miniport (ATW)/America Online, Inc.) [MANUAL] wanatw
Service C:\WINDOWS\wanmpsvc.exe (Wan Miniport (ATW) Service/America Online, Inc.) [AUTO] WANMiniportService
Service [MANUAL] WDICA
Service C:\WINDOWS\system32\drivers\wdmaud.sys (MMSYSTEM Wave/Midi API mapper/Microsoft Corporation) [MANUAL] wdmaud
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] WebClient
Service Windows Workflow Foundation 3.0.0.0
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] winmgmt
Service [MANUAL] Winsock
Service WinSock2
Service WinTrust
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] WmdmPmSN
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Wmi
Service WmiApRpl
Service C:\WINDOWS\system32\wbem\wmiapsrv.exe (Usługa karty wydajności WMI/Microsoft Corporation) [MANUAL] WmiApSrv
Service C:\Program Files\Windows Media Player\WMPNetwk.exe (Usługa udostępniania w sieci programu Windows Media Player/Microsoft Corporation) [DISABLED] WMPNetworkSvc
Service C:\WINDOWS\System32\drivers\ws2ifsl.sys (Winsock2 IFS Layer/Microsoft Corporation) [SYSTEM] WS2IFSL
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] wscsvc
Service C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS (WDM WST Codec Driver/Microsoft Corporation) [MANUAL] WSTCODEC
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] wuauserv
Service C:\WINDOWS\system32\DRIVERS\WudfPf.sys (Windows Driver Foundation - User-mode Driver Framework Platform Driver/Microsoft Corporation) [MANUAL] WudfPf
Service C:\WINDOWS\system32\DRIVERS\wudfrd.sys (Windows Driver Foundation - User-mode Driver Framework Reflector/Microsoft Corporation) [MANUAL] WudfRd
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] WudfSvc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] WZCSVC
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] xmlprov
Service {1392BF3B-04DB-4FF2-B6EB-5835A832A4E5}
Service {5B372BBB-2744-4B5A-883D-1DF92341242E}
Service {C2460799-C1C2-4AF9-A3ED-5C620AF8767F}

---- EOF - GMER 1.0.15 ----
[/log]


Catchme:

[log]catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-16 17:36:57
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:58,d0,2a,09,2a,d6,10,63,ff,25,0e,83,d2,61,df,eb,ca,14,be,8f,40,..
"p0"="C:\Program Files\Alcohol Soft\Alcohol 52\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000001
"khjeh"=hex:16,1d,df,73,24,b7,8e,34,7e,b5,12,67,77,f4,1f,4f,42,ab,6d,0f,92,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,62,bc,b9,89,da,41,05,cd,3e,d3,a9,53,c2,68,8e,f2,d4,..
"khjeh"=hex:81,f7,2e,3b,f2,c3,f0,73,ed,49,74,5c,99,1f,78,d2,a6,d4,fd,5e,61,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:0f,42,ae,1f,51,29,f9,70,87,9b,4c,0d,57,22,99,b8,9e,f9,0d,b9,bb,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:d26eb8ed
"s2"=dword:c25fc18c
"h0"=dword:00000002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:58,d0,2a,09,2a,d6,10,63,ff,25,0e,83,d2,61,df,eb,ca,14,be,8f,40,..
"p0"="C:\Program Files\Alcohol Soft\Alcohol 52\"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000001
"khjeh"=hex:16,1d,df,73,24,b7,8e,34,7e,b5,12,67,77,f4,1f,4f,42,ab,6d,0f,92,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,62,bc,b9,89,da,41,05,cd,3e,d3,a9,53,c2,68,8e,f2,d4,..
"khjeh"=hex:81,f7,2e,3b,f2,c3,f0,73,ed,49,74,5c,99,1f,78,d2,a6,d4,fd,5e,61,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:0f,42,ae,1f,51,29,f9,70,87,9b,4c,0d,57,22,99,b8,9e,f9,0d,b9,bb,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:58,d0,2a,09,2a,d6,10,63,ff,25,0e,83,d2,61,df,eb,ca,14,be,8f,40,..
"p0"="C:\Program Files\Alcohol Soft\Alcohol 52\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000001
"khjeh"=hex:16,1d,df,73,24,b7,8e,34,7e,b5,12,67,77,f4,1f,4f,42,ab,6d,0f,92,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,62,bc,b9,89,da,41,05,cd,3e,d3,a9,53,c2,68,8e,f2,d4,..
"khjeh"=hex:81,f7,2e,3b,f2,c3,f0,73,ed,49,74,5c,99,1f,78,d2,a6,d4,fd,5e,61,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:0f,42,ae,1f,51,29,f9,70,87,9b,4c,0d,57,22,99,b8,9e,f9,0d,b9,bb,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

[/log]


Mam nadzieje ze tyle wystarczy :) Bardzo prosze o sprawdzenie logow czy nic tam nie siedzi.

Tomek01
komentarz
komentarz

Najbardziej zastanawia mnie gigantycznie rozbudowany plik HOSTS.
SpyBoot załatwił sprawę.

Najlepiej przedstawiła to Sz.P. Picasso: http://www.searchengines.pl/Zuzycie-CPU-100-poki-nie-podlacze-neta-t124454.html/page__pid__544183#entry544183

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.