
Malicious Virus

DaMiAnO_973
created

Hi, I recently downloaded a file that was infected with a virus, and my antivirus didn't detect anything. Every few moments ads pop up via IE. I wanted to remove Internet Explorer, but I thought maybe you could help. The only thing I know is that the virus shows up in the process list as Zq1.exe, Zq2.exe, Zkowaa.exe. Does anyone have any ideas on how to remove it?

danielek316
comment

To start, post the logs from OTL and RSIT: http://www.forumpc.pl/index.php?showtopic=104338

DaMiAnO_973
comment

[log]OTL logfile created on: 2010-12-19 10:05:50 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = D:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 58,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 37,81 Gb Free Space | 77,44% Space Free | Partition Type: NTFS
Drive D: | 137,47 Gb Total Space | 56,75 Gb Free Space | 41,28% Space Free | Partition Type: NTFS

Computer Name: DAMIAN-KOMPUTER | User Name: Damian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-12-19 09:54:42 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2010-12-18 12:25:09 | 000,201,216 | ---- | M] () -- C:\Documents and Settings\Damian\Ustawienia lokalne\Temp\Zq1.exe
PRC - [2010-12-09 00:28:23 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2010-10-21 22:00:13 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-10-16 10:02:41 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2010-10-11 16:49:48 | 014,940,040 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2010-10-07 09:04:26 | 012,661,344 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2009-11-25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008-10-07 06:33:00 | 000,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2008-05-16 11:33:48 | 020,336,640 | ---- | M] () -- C:\Program Files\Orange\Orange.exe
PRC - [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 21:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 21:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 21:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 21:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 21:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 21:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-05-16 08:27:38 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007-05-16 08:27:28 | 000,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2007-05-16 08:27:16 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006-08-14 13:00:04 | 016,050,176 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2004-08-11 00:45:04 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-12-19 09:54:42 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
MOD - [2010-12-10 15:26:01 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2009-11-25 00:50:32 | 000,139,264 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll
MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 21:51:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008-04-14 21:51:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008-04-14 21:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 21:50:58 | 000,668,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2008-04-14 21:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 21:50:58 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2008-04-14 21:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 21:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 21:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 21:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 21:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 21:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 21:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 21:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 21:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 21:50:42 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2008-04-14 21:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 21:50:42 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 21:50:40 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstask.dll
MOD - [2008-04-14 21:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 21:50:38 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2008-04-14 21:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 21:50:36 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2008-04-14 21:50:34 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2008-04-14 21:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 21:50:28 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2008-04-14 21:50:18 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2008-04-14 21:50:18 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2008-04-14 21:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 21:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 21:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 21:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 21:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-14 21:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 21:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 21:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-12-18 10:52:28 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2002-12-17 16:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002-12-17 16:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- I:\NTGLM7X.sys -- (SetupNTGLM7X)
DRV - File not found [Kernel | On_Demand | Stopped] -- I:\NTACCESS.sys -- (NTACCESS)
DRV - File not found [Kernel | On_Demand | Stopped] -- I:\install4\MSICPL.sys -- (MSICPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- I:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - [2010-10-11 13:29:45 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-11-25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009-11-25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-11-25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-11-25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-11-25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009-11-25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008-10-07 06:33:00 | 006,133,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008-04-23 09:30:12 | 000,688,864 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2008-04-23 09:30:12 | 000,060,533 | ---- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)
DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006-08-15 13:41:16 | 004,368,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-07-11 14:38:30 | 000,020,480 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006-07-11 14:38:28 | 000,057,856 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006-06-28 16:38:56 | 000,105,088 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006-06-18 22:51:32 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)


[color=#E56717]========== Standard Registry (All) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1645522239-527237240-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1645522239-527237240-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-1645522239-527237240-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-1645522239-527237240-682003330-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1645522239-527237240-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-10-21 22:00:13 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2010-12-18 11:03:09 | 000,000,771 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (Pomocnik rejestracji usługi Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-1645522239-527237240-682003330-1003\..\Toolbar\ShellBrowser: (&Adres) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1645522239-527237240-682003330-1003\..\Toolbar\WebBrowser: (&Adres) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1645522239-527237240-682003330-1003\..\Toolbar\WebBrowser: (&Łącza) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OrangeDeamon] C:\Program Files\Orange\Orange.exe ()
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WinSys2] C:\WINDOWS\system32\WinSys2.exe ()
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1645522239-527237240-682003330-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1645522239-527237240-682003330-1003..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1645522239-527237240-682003330-1003..\Run: [JP595IR86O] C:\Documents and Settings\Damian\Ustawienia lokalne\Temp\Zq1.exe ()
O4 - HKU\S-1-5-21-1645522239-527237240-682003330-1003..\Run: [NtWqIVLZEWZU] C:\Documents and Settings\Damian\Ustawienia lokalne\Temp\Zq2.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1645522239-527237240-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Moduł wstępnego ładowania interfejsu Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Demon buforu kategorii składników - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-10-09 14:34:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - Unable to obtain root file information for disk D:\
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-12-18 20:58:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Moje dokumenty\Updater
[2010-12-18 19:32:12 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Damian\Recent
[2010-12-18 11:04:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Moje dokumenty\Adobe
[2010-12-18 11:04:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet
[2010-12-18 10:57:32 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2010-12-18 10:57:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010-12-18 10:52:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2010-12-18 09:31:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Moje dokumenty\Downloads
[2010-12-17 06:46:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2010-12-13 22:40:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2010-12-13 22:40:19 | 000,130,048 | R--- | C] (www.madshi.net) -- C:\WINDOWS\System32\MadCHook.dll
[2010-12-13 22:40:10 | 001,773,568 | R--- | C] (MSI) -- C:\WINDOWS\System32\msicpl.dll
[2010-12-12 10:16:21 | 000,000,000 | ---D | C] -- C:\Program Files\Pixelan
[2010-12-12 10:15:57 | 000,000,000 | ---D | C] -- C:\Program Files\Velvetmatter
[2010-12-11 12:33:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010-12-10 19:18:34 | 000,000,000 | ---D | C] -- C:\ProgramData
[2010-12-10 19:18:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-12-10 19:18:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Moje dokumenty\Electronic Arts
[2010-12-10 19:15:02 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010-12-10 19:12:36 | 000,447,752 | R--- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2010-12-10 19:12:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE
[2010-12-10 16:28:34 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Damian\Moje dokumenty\Moje obrazy
[2010-12-10 16:22:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Damian\Moje dokumenty\Moja muzyka
[2010-12-10 15:23:31 | 000,000,000 | ---D | C] -- C:\Program Files\Vista Inspirat 2
[2010-12-10 15:23:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\BricoPacks
[2010-12-06 17:44:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\Ventrilo
[2010-12-06 17:44:18 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2010-12-05 17:26:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Pulpit\FatalAim CSS Release E
[2010-11-28 16:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Help
[2010-11-28 10:29:10 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\WINDOWS\System32\tm20dec.ax
[2010-11-28 01:21:32 | 000,000,000 | ---D | C] -- C:\Program Files\Sanny Builder 3
[2010-11-22 13:58:53 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2010-11-19 14:52:55 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2010-11-19 14:52:55 | 000,151,552 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2010-11-19 14:52:55 | 000,039,936 | ---- | C] (Disappearing Inc.) -- C:\WINDOWS\System32\huffyuv.dll
[2010-11-19 14:52:54 | 000,413,760 | ---- | C] (Hacked with Joy !) -- C:\WINDOWS\System32\DivXc32f.dll
[2010-11-19 14:52:54 | 000,413,760 | ---- | C] (Hacked with Joy !) -- C:\WINDOWS\System32\DivXc32.dll
[2010-11-19 14:52:51 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010-11-11 11:23:11 | 000,000,000 | ---D | C] -- C:\Program Files\Vstplugins
[2010-11-11 11:23:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony
[2010-11-10 19:32:45 | 000,068,704 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-11-10 19:28:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010-11-10 19:28:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2010-11-10 19:28:09 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010-11-09 18:58:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\FileZilla
[2010-11-09 18:56:30 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2010-11-07 22:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\mIRC
[2010-11-06 13:42:01 | 000,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010-11-06 13:42:01 | 000,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2010-11-06 13:42:01 | 000,048,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010-11-06 13:42:01 | 000,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010-11-06 13:42:01 | 000,023,120 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010-11-06 13:42:01 | 000,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010-11-06 13:42:00 | 000,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010-11-06 13:42:00 | 000,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010-11-06 13:41:50 | 001,280,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010-10-31 13:03:01 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-10-31 13:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-10-30 12:01:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010-10-30 12:01:22 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010-10-30 12:00:01 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Damian\UserData
[2010-10-29 13:17:43 | 000,131,948 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit0001.jpg
[2010-10-26 18:36:24 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010-10-24 20:02:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\TeamViewer
[2010-10-24 20:02:44 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010-10-24 17:44:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\Gadu-Gadu 10
[2010-10-24 17:44:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-10-24 17:44:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010-10-24 17:43:45 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10
[2010-10-24 11:53:41 | 000,000,116 | ---- | C] () -- C:\Documents and Settings\Damian\default.pls
[2010-10-24 11:45:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\DAEMON Tools Images
[2010-10-24 11:33:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Ahead
[2010-10-24 11:11:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\Ahead
[2010-10-24 11:10:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Ahead
[2010-10-24 11:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2010-10-24 11:09:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nero
[2010-10-24 11:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2010-10-24 11:09:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2010-10-21 22:00:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2010-10-21 22:00:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010-10-21 22:00:43 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010-10-21 22:00:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\SystemRequirementsLab
[2010-10-21 22:00:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010-10-21 22:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-10-21 21:58:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\Sun
[2010-10-09 17:30:11 | 000,016,200 | ---- | C] () -- C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-10-09 17:21:41 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-10-09 16:04:02 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2010-10-09 15:08:44 | 004,286,362 | -H-- | C] () -- C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-10-09 14:40:46 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\Damian\Dane aplikacji\desktop.ini
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-12-19 10:05:05 | 000,001,136 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-527237240-682003330-1003UA.job
[2010-12-19 09:58:32 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010-12-19 09:43:58 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2010-12-19 09:28:00 | 000,000,248 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010-12-19 09:24:13 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-19 09:00:25 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-12-19 08:39:39 | 000,201,647 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-12-19 08:39:18 | 000,000,304 | -HS- | M] () -- C:\WINDOWS\tasks\Mgbznnygqm.job
[2010-12-19 08:39:18 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-12-19 08:38:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-12-19 01:09:39 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\Damian\NTUSER.DAT
[2010-12-19 01:06:12 | 000,221,347 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\Image0.jpg
[2010-12-18 19:50:59 | 000,499,918 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-12-18 19:50:58 | 001,117,440 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-12-18 19:50:58 | 000,443,444 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-12-18 19:50:58 | 000,088,550 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-12-18 19:50:58 | 000,072,916 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-12-18 16:01:30 | 004,286,362 | -H-- | M] () -- C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-12-18 13:27:26 | 000,000,000 | ---- | M] () -- C:\WINDOWS\msicpl.ini
[2010-12-18 12:25:06 | 000,126,464 | RHS- | M] () -- C:\WINDOWS\System32\ccfgnt8.dll
[2010-12-18 11:11:56 | 001,985,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-12-18 11:04:39 | 000,016,200 | ---- | M] () -- C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-12-18 11:01:10 | 000,001,016 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\Adobe After Effects CS4.lnk
[2010-12-18 08:46:39 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-12-17 15:05:00 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-527237240-682003330-1003Core.job
[2010-12-15 15:09:23 | 000,002,311 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\Google Chrome.lnk
[2010-12-14 23:41:48 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Damian\ntuser.ini
[2010-12-13 23:22:53 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-12-13 22:37:04 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-12-13 16:03:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-12-10 19:12:14 | 000,000,547 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Sims™ 3.lnk
[2010-12-10 15:36:33 | 000,005,466 | ---- | M] () -- C:\WINDOWS\BricoPackFoldersDelete.cmd
[2010-12-10 15:36:32 | 000,071,129 | ---- | M] () -- C:\WINDOWS\BricoPackUninst.cmd
[2010-12-10 15:36:29 | 003,932,214 | ---- | M] () -- C:\WINDOWS\BricoPack Wallpaper.bmp
[2010-12-06 22:29:03 | 000,233,328 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010-12-06 22:29:03 | 000,233,328 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010-12-06 22:29:03 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010-12-05 17:25:34 | 000,193,694 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\FatalAim CSS Release E.rar
[2010-12-01 19:17:03 | 000,000,919 | ---- | M] () -- C:\WINDOWS\GTA-SA_Trn_Settings.ini
[2010-11-28 10:29:07 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010-11-28 10:29:07 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010-11-28 01:21:33 | 000,000,646 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Sanny Builder 3.lnk
[2010-11-22 14:16:46 | 000,000,309 | ---- | M] () -- C:\WINDOWS\game.ini
[2010-11-11 22:37:40 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\Counter-Strike Source.lnk
[2010-11-11 22:25:11 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\CSS Movie Making.lnk
[2010-11-11 11:23:14 | 000,001,629 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Vegas 7.0.lnk
[2010-11-06 13:42:01 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2010-10-31 18:31:28 | 000,000,116 | ---- | M] () -- C:\Documents and Settings\Damian\default.pls
[2010-10-30 14:50:57 | 000,000,603 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\Skrót do samp.lnk
[2010-10-30 14:50:51 | 000,000,615 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\San Andreas in Vice City Launcher.lnk
[2010-10-30 14:50:37 | 000,000,615 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\GTA San Andreas.lnk
[2010-10-30 09:31:49 | 000,233,960 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010-10-30 09:28:33 | 000,138,520 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010-10-29 13:17:43 | 000,131,948 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit0001.jpg
[2010-10-26 18:36:25 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\CCleaner.lnk
[2010-10-24 17:44:43 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-10-24 11:09:35 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-12-19 01:06:12 | 000,221,347 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\Image0.jpg
[2010-12-18 13:44:24 | 000,001,016 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\Adobe After Effects CS4.lnk
[2010-12-18 13:27:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2010-12-18 12:25:22 | 000,000,286 | -H-- | C] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2010-12-18 12:25:15 | 000,000,286 | -H-- | C] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010-12-18 12:25:11 | 000,000,248 | -H-- | C] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010-12-18 12:25:06 | 000,126,464 | RHS- | C] () -- C:\WINDOWS\System32\ccfgnt8.dll
[2010-12-18 12:25:06 | 000,000,304 | -HS- | C] () -- C:\WINDOWS\tasks\Mgbznnygqm.job
[2010-12-13 22:41:40 | 000,201,647 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2010-12-13 22:40:23 | 000,019,162 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2010-12-13 22:40:19 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll
[2010-12-13 22:40:12 | 000,208,896 | R--- | C] () -- C:\WINDOWS\System32\WinSys2.exe
[2010-12-13 22:40:12 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll
[2010-12-13 22:35:39 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-12-10 19:12:14 | 000,000,547 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Sims™ 3.lnk
[2010-12-10 15:35:10 | 000,005,466 | ---- | C] () -- C:\WINDOWS\BricoPackFoldersDelete.cmd
[2010-12-10 15:26:02 | 000,071,129 | ---- | C] () -- C:\WINDOWS\BricoPackUninst.cmd
[2010-12-10 15:25:56 | 003,932,214 | ---- | C] () -- C:\WINDOWS\BricoPack Wallpaper.bmp
[2010-12-05 17:25:15 | 000,193,694 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\FatalAim CSS Release E.rar
[2010-11-28 10:29:03 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2010-11-28 10:29:03 | 000,005,672 | ---- | C] () -- C:\WINDOWS\System32\quartz.vxd
[2010-11-28 01:21:33 | 000,000,646 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Sanny Builder 3.lnk
[2010-11-22 14:16:45 | 000,000,309 | ---- | C] () -- C:\WINDOWS\game.ini
[2010-11-19 14:52:56 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-11-19 14:52:56 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010-11-19 14:52:54 | 002,931,712 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2010-11-19 14:52:54 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-11-19 14:52:54 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-11-19 14:52:53 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-11-19 14:52:53 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010-11-11 22:37:27 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\Counter-Strike Source.lnk
[2010-11-11 11:23:14 | 000,001,629 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Vegas 7.0.lnk
[2010-11-06 13:42:01 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2010-11-06 13:41:50 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2010-10-30 15:02:18 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\CSS Movie Making.lnk
[2010-10-26 18:36:25 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\CCleaner.lnk
[2010-10-24 17:44:43 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-10-24 11:53:34 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-10-16 10:02:55 | 000,138,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010-10-13 16:45:50 | 000,000,919 | ---- | C] () -- C:\WINDOWS\GTA-SA_Trn_Settings.ini
[2010-10-11 13:29:44 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-10-09 16:04:35 | 001,117,440 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-10-09 16:04:34 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-10-09 15:07:46 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010-10-09 14:50:53 | 000,688,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2010-10-09 14:50:53 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\setup.ini
[2010-10-09 14:50:53 | 000,000,161 | ---- | C] () -- C:\WINDOWS\DSLSetup.ini
[2010-10-09 14:34:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2010-10-09 14:30:43 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2010-10-09 14:30:43 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2010-10-09 14:29:50 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2010-10-09 14:29:48 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2009-01-14 14:35:57 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\RegisterDialog.dll
[2008-10-07 06:33:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008-10-07 06:33:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008-10-07 06:33:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008-10-07 06:33:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-10-07 06:33:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004-08-03 23:44:10 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2004-08-03 23:44:04 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2004-08-03 23:43:58 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2004-08-03 23:43:56 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll
[2004-08-03 23:43:54 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2004-08-03 23:43:16 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2004-08-03 21:46:56 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2004-08-03 21:45:34 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2004-08-03 21:45:16 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2004-08-03 21:45:16 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2004-08-03 21:45:14 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2004-08-03 21:45:12 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2004-07-17 10:46:14 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2004-07-17 10:34:48 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2001-10-26 20:29:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2001-10-26 20:29:32 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2001-10-26 20:28:34 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2001-10-26 20:27:02 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2001-10-26 19:15:04 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2001-10-26 19:14:52 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2001-10-26 19:14:32 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2001-10-26 19:12:52 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2001-10-26 18:45:26 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2001-10-26 18:45:26 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2001-10-26 18:45:24 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2001-10-26 18:42:08 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2001-10-26 18:42:08 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2001-10-26 18:42:08 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2001-10-26 18:42:08 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2001-10-26 18:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[2001-08-18 00:31:56 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2001-08-18 00:31:56 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2001-08-18 00:31:50 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2001-08-18 00:31:46 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2001-08-18 00:31:46 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2001-08-18 00:31:44 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2001-08-18 00:13:24 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2001-08-17 22:55:06 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2001-07-22 05:25:18 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2001-07-22 01:16:20 | 000,000,477 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-22 01:15:52 | 000,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2001-07-22 01:15:50 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-10-31 13:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-10-11 13:29:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-12-10 19:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-10-24 17:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-12-10 16:21:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony
[2010-12-18 13:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\BitTorrent
[2010-10-11 13:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\DAEMON Tools Lite
[2010-12-17 22:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\FileZilla
[2010-12-19 08:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Gadu-Gadu 10
[2010-10-16 16:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Opera
[2010-10-14 13:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Publish Providers
[2010-10-14 13:13:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Sony
[2010-11-10 19:20:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Sony Setup
[2010-10-24 20:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\TeamViewer
[2010-12-19 08:39:18 | 000,000,304 | -HS- | M] () -- C:\WINDOWS\Tasks\Mgbznnygqm.job
[2010-12-19 09:58:32 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010-12-19 09:28:00 | 000,000,248 | -H-- | M] () -- C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010-12-19 09:43:58 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-10-09 14:34:51 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-10-09 15:06:25 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[2001-07-22 01:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-10-09 14:34:51 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-10-09 14:34:51 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-10-09 14:34:51 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010-10-10 09:00:54 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-12-19 08:38:49 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\$ntservicepackuninstall$\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\$ntservicepackuninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\$ntservicepackuninstall$\eventlog.dll
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\$ntservicepackuninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\$ntservicepackuninstall$\winlogon.exe
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

< End of report >
[/log]
[log]OTL Extras logfile created on: 2010-12-19 10:05:50 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = D:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 58,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 37,81 Gb Free Space | 77,44% Space Free | Partition Type: NTFS
Drive D: | 137,47 Gb Total Space | 56,75 Gb Free Space | 41,28% Space Free | Partition Type: NTFS

Computer Name: DAMIAN-KOMPUTER | User Name: Damian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1645522239-527237240-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"D:\Gry\Counter-Strike Source\hl2.exe" = D:\Gry\Counter-Strike Source\hl2.exe:*:Enabled:hl2 -- ()
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\BitTorrent\BitTorrent.exe" = C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"D:\Gry\KONAMI\Pro Evolution Soccer 2011\pes2011.exe" = D:\Gry\KONAMI\Pro Evolution Soccer 2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011 -- File not found
"D:\Pawno\samp-server.exe" = D:\Pawno\samp-server.exe:*:Enabled:SA-MP dedicated server -- ()
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Steam\steamapps\dayman69\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\dayman69\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-0415-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D5219EC-BFF8-4B7F-AB92-6D827BB37CB0}" = Windows Live Messenger
"{51958BA7-21E4-4A8B-9098-CD8375BD17B2}" = Asystent rejestracji usługi Windows Live
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86CC41E6-A4F5-448E-97DC-A9F254193EC7}" = Zenoté Blur for Vegas
"{8C40E19E-176A-4B42-AD7B-C472AEC6704F}" = Zenoté Letterbox for Vegas
"{8EB8E60B-315D-44EB-A896-10D88602EE46}" = Adobe Setup
"{946AE1F1-D493-4376-BDA3-29F0D790AD2C}" = Radiance for Vegas 7.0
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96965E6C-41DB-4E0A-BC65-D92381D51D2A}" = Sony Vegas 7.0
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{AB49B509-8FCA-45E6-9FB9-9E4AEEB8F148}" = System Requirements Lab CYRI
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C5096D00-8B9C-41DB-8472-9D721E982DF0}" = Podstawowe programy Windows Live
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CC82EBCA-0A40-43E0-91FA-E2E35A83FCEE}_is1" = SA-MP: Rollboost 1.3
"{D98C0C51-F9BB-4EE4-B791-22BF6EE31045}" = Nero 7 Ultra Edition
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"6A1545AE87FC8D98ACA7539CE7AA69DF2A5C7E1C" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0415-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Adobe_5aab5a491a3a52ae624fd639f6aaa95" = Adobe After Effects CS4 Third Party Content
"avast!" = avast! Antivirus
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CSS FULL DZ [Oct 15 2007]" = CSS FULL DZ [Oct 15 2007] v18.1
"EADM" = EA Download Manager
"Fraps" = Fraps (remove only)
"Gadu-Gadu 10" = Gadu-Gadu 10
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.5.0
"Magic Bullet Looks Vegas" = Magic Bullet Looks Vegas
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"NewBlue 3D Explosions for Vegas" = NewBlue 3D Explosions for Vegas
"NewBlue 3D Transformations for Vegas" = NewBlue 3D Transformations for Vegas
"NewBlue Art Blends 2.0 for Vegas" = NewBlue Art Blends 2.0 for Vegas
"NewBlue Art Effects 2.0 for Vegas" = NewBlue Art Effects 2.0 for Vegas
"NewBlue Film Effects for Vegas" = NewBlue Film Effects for Vegas
"NewBlue Motion Blends 2.0 for Vegas" = NewBlue Motion Blends 2.0 for Vegas
"NewBlue Motion Effects 2.0 for Vegas" = NewBlue Motion Effects 2.0 for Vegas
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Sanny Builder 3_is1" = Sanny Builder 3.04
"SpiceFILTERS Vegas DEMO" = SpiceFILTERS Vegas DEMO
"Steam App 10" = Counter-Strike
"StmAdsl" = SIEMENS ADSL A-100 USB Modem
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Podstawowe programy Windows Live
"WinRAR archiver" = Archiwizator WinRAR
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1645522239-527237240-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.3.4.1
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Antivirus Events ]
Error - 2010-12-17 13:58:47 | Computer Name = DAMIAN-KOMPUTER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUME~1\Damian\USTAWI~1\Temp\1F.tmp failed, 00000005.

Error - 2010-12-18 08:30:23 | Computer Name = DAMIAN-KOMPUTER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\ccfgnt8.dll failed, 00000005.

Error - 2010-12-18 08:35:13 | Computer Name = DAMIAN-KOMPUTER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\ccfgnt8.dll failed, 00000005.

Error - 2010-12-18 10:56:59 | Computer Name = DAMIAN-KOMPUTER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\ccfgnt8.dll failed, 00000005.

Error - 2010-12-18 11:25:06 | Computer Name = DAMIAN-KOMPUTER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\ccfgnt8.dll failed, 00000005.

Error - 2010-12-19 03:39:18 | Computer Name = DAMIAN-KOMPUTER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\ccfgnt8.dll failed, 00000005.

[ Application Events ]
Error - 2010-12-05 11:48:40 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hl2.exe, wersja 0.0.0.0, moduł powodujący
błąd datacache.dll, wersja 0.0.0.0, adres błędu 0x0000b423.

Error - 2010-12-05 12:25:53 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hl2.exe, wersja 0.0.0.0, moduł powodujący
błąd datacache.dll, wersja 0.0.0.0, adres błędu 0x0000b423.

Error - 2010-12-06 15:00:20 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 4.2.0.187, moduł powodujący
błąd kernel32.dll, wersja 5.1.2600.5512, adres błędu 0x00012aeb.

Error - 2010-12-11 18:08:17 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 5.0.0.152, moduł powodujący
błąd skype.exe, wersja 5.0.0.152, adres błędu 0x00004a06.

Error - 2010-12-12 08:03:22 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hl2.exe, wersja 0.0.0.0, moduł powodujący
błąd unknown, wersja 0.0.0.0, adres błędu 0x0f95128b.

Error - 2010-12-12 08:19:43 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hl2.exe, wersja 0.0.0.0, moduł powodujący
błąd unknown, wersja 0.0.0.0, adres błędu 0x0fcd128b.

Error - 2010-12-12 08:19:48 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1001
Description = Pakiet błędów -2074450021.

Error - 2010-12-12 10:55:55 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd chrome.exe, wersja 0.0.0.0, moduł powodujący
błąd gcswf32.dll, wersja 10.1.103.20, adres błędu 0x00381016.

Error - 2010-12-18 08:50:57 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd zq2.exe, wersja 9.0.1.0, moduł powodujący
błąd ntdll.dll, wersja 5.1.2600.5512, adres błędu 0x00010cae.

Error - 2010-12-18 14:51:00 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd zq2.exe, wersja 9.0.1.0, moduł powodujący
błąd ntdll.dll, wersja 5.1.2600.5512, adres błędu 0x00010cb0.

[ System Events ]
Error - 2010-12-10 14:03:11 | Computer Name = DAMIAN-KOMPUTER | Source = Service Control Manager | ID = 7034
Description = Usługa PnkBstrA niespodziewanie zakończyła pracę. Wystąpiło to razy:
1.

Error - 2010-12-18 08:36:37 | Computer Name = DAMIAN-KOMPUTER | Source = Service Control Manager | ID = 7034
Description = Usługa PnkBstrA niespodziewanie zakończyła pracę. Wystąpiło to razy:
1.


< End of report >
[/log]
Is this OK???

Tomek01
comment

Edit...

In OTL, paste the following into the Custom scan/fixes box:
[code]:Processes
Explorer.exe

:OTL
PRC - [2010-12-18 12:25:09 | 000,201,216 | ---- | M] () -- C:\Documents and Settings\Damian\Ustawienia lokalne\Temp\Zq1.exe
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...er=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKU\S-1-5-21-1645522239-527237240-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...er=6&ar=msnhome
O4 - HKLM..\Run: [WinSys2] C:\WINDOWS\system32\WinSys2.exe ()
O4 - HKU\S-1-5-21-1645522239-527237240-682003330-1003..\Run: [JP595IR86O] C:\Documents and Settings\Damian\Ustawienia lokalne\Temp\Zq1.exe ()
O4 - HKU\S-1-5-21-1645522239-527237240-682003330-1003..\Run: [NtWqIVLZEWZU] C:\Documents and Settings\Damian\Ustawienia lokalne\Temp\Zq2.exe ()

:Files
C:\Documents and Settings\Damian\Ustawienia lokalne\Temp\Zq1.exe
C:\Documents and Settings\Damian\Ustawienia lokalne\Temp\Zq2.exe
C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
C:\Documents and Settings\Damian\Dane aplikacji\desktop.ini
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-527237240-682003330-1003UA.job
C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\SA.DAT4-B7C1-FD326CA84A0C}.job
C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\tasks\Mgbznnygqm.job
C:\WINDOWS\System32\ccfgnt8.dll
C:\Documents and Settings\Damian\Ustawienia lokalne\Temp

:Services
JP595IR86O
NtWqIVLZEWZU[/code]

Click Run Fix; the computer will restart.
Post the removal log and new logs: [b]OTL[/b] and [b]RSIT[/b]



Run a full scan with [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] and [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url], and post the results on the forum.
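
The manual read-through behind the fix script above, as an added Python example that is not part of the original post or of OTL: it parses the `PRC` and `O4` lines quoted on this page and flags entries with no company name, a path under a Temp folder, or a process that is also registered in a Run key. The three heuristics and all function names are assumptions of this example.

```python
import ntpath
import re
from typing import List, NamedTuple, Tuple

# Lines copied from the process list and the fix script on this page.
SAMPLE_LOG = r"""
PRC - [2010-12-18 12:25:09 | 000,201,216 | ---- | M] () -- C:\Documents and Settings\Damian\Ustawienia lokalne\Temp\Zq1.exe
PRC - [2010-12-09 00:28:23 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
O4 - HKLM..\Run: [WinSys2] C:\WINDOWS\system32\WinSys2.exe ()
O4 - HKU\S-1-5-21-1645522239-527237240-682003330-1003..\Run: [JP595IR86O] C:\Documents and Settings\Damian\Ustawienia lokalne\Temp\Zq1.exe ()
O4 - HKU\S-1-5-21-1645522239-527237240-682003330-1003..\Run: [NtWqIVLZEWZU] C:\Documents and Settings\Damian\Ustawienia lokalne\Temp\Zq2.exe ()
"""

# PRC - [timestamp | size | attrs | M] (company) -- image path
PRC_RE = re.compile(r"^PRC - \[[^\]]*\] \((?P<company>[^)]*)\) -- (?P<path>.+)$")
# O4 - <hive>..\Run: [value name] image path (company)
O4_RE = re.compile(
    r"^O4 - (?P<hive>\S+?)\.\.\\Run: \[(?P<name>[^\]]+)\] "
    r"(?P<path>.+?) \((?P<company>[^)]*)\)$"
)


class Finding(NamedTuple):
    kind: str                 # "process" or "autorun"
    name: str                 # image name (process) or Run value name (autorun)
    path: str
    company: str
    reasons: Tuple[str, ...]


def parse(log_text: str) -> List[Tuple[str, str, str, str]]:
    """Return (kind, name, path, company) for every PRC / O4 Run line."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = PRC_RE.match(line)
        if m:
            path = m["path"]
            entries.append(("process", ntpath.basename(path), path, m["company"]))
            continue
        m = O4_RE.match(line)
        if m:
            entries.append(("autorun", m["name"], m["path"], m["company"]))
    return entries


def triage(log_text: str) -> List[Finding]:
    """Flag entries using heuristics assumed for this example (not OTL's own)."""
    entries = parse(log_text)
    running = {p.lower() for k, _, p, _ in entries if k == "process"}
    autoruns = {p.lower() for k, _, p, _ in entries if k == "autorun"}

    findings = []
    for kind, name, path, company in entries:
        low = path.lower()
        reasons = []
        if not company.strip():
            reasons.append("no-company")      # unsigned / no version info
        if "\\temp\\" in low:
            reasons.append("temp-path")       # executable living in a Temp folder
        if kind == "process" and low in autoruns:
            reasons.append("persisted")       # live process restarts at logon
        if kind == "autorun" and low in running:
            reasons.append("running")         # autorun target is active now
        if reasons:
            findings.append(Finding(kind, name, path, company, tuple(reasons)))

    # Most reasons first; sort is stable, so log order breaks ties.
    findings.sort(key=lambda f: -len(f.reasons))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{len(f.reasons)}  {f.kind:8} {f.name:14} {', '.join(f.reasons)}")
        print(f"   {f.path}")
```

An empty company field alone is weak evidence (hl2.exe and samp-server.exe in the firewall list above also show `()`), which is why the findings are ordered by the number of reasons.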

DaMiAnO_973
comment

Removal log:
[log]========== PROCESSES ==========
Process Explorer.exe killed successfully!
========== OTL ==========
No active process named Zq1.exe was found!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKU\S-1-5-21-1645522239-527237240-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinSys2 not found.
File C:\WINDOWS\system32\WinSys2.exe not found.
Registry value HKEY_USERS\S-1-5-21-1645522239-527237240-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run\\JP595IR86O not found.
File C:\Documents and Settings\Damian\Ustawienia lokalne\Temp\Zq1.exe not found.
Registry value HKEY_USERS\S-1-5-21-1645522239-527237240-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run\\NtWqIVLZEWZU not found.
File C:\Documents and Settings\Damian\Ustawienia lokalne\Temp\Zq2.exe not found.
========== FILES ==========
File\Folder C:\Documents and Settings\Damian\Ustawienia lokalne\Temp\Zq1.exe not found.
File\Folder C:\Documents and Settings\Damian\Ustawienia lokalne\Temp\Zq2.exe not found.
File\Folder C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini not found.
File\Folder C:\Documents and Settings\Damian\Dane aplikacji\desktop.ini not found.
File\Folder C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-527237240-682003330-1003UA.job not found.
File\Folder C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job not found.
File\Folder C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job not found.
File\Folder C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job not found.
File\Folder C:\WINDOWS\tasks\SA.DAT4-B7C1-FD326CA84A0C}.job not found.
File\Folder C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini not found.
File\Folder C:\WINDOWS\tasks\Mgbznnygqm.job not found.
File\Folder C:\WINDOWS\System32\ccfgnt8.dll not found.
Folder move failed. C:\Documents and Settings\Damian\Ustawienia lokalne\Temp scheduled to be moved on reboot.
========== SERVICES/DRIVERS ==========
Error: No service named JP595IR86O was found to stop!
Service\Driver key JP595IR86O not found.
Error: No service named NtWqIVLZEWZU was found to stop!
Service\Driver key NtWqIVLZEWZU not found.

OTL by OldTimer - Version 3.2.17.3 log created on 12202010_122145

Files\Folders moved on Reboot...
C:\Documents and Settings\Damian\Ustawienia lokalne\Temp folder moved successfully.

Registry entries deleted on Reboot...
[/log]
From OTL, after the removal or whatever it was
Extras.txt:
[log]OTL Extras logfile created on: 2010-12-20 12:28:09 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = D:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 73,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 37,86 Gb Free Space | 77,55% Space Free | Partition Type: NTFS
Drive D: | 137,47 Gb Total Space | 56,88 Gb Free Space | 41,37% Space Free | Partition Type: NTFS

Computer Name: DAMIAN-KOMPUTER | User Name: Damian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Gry\Counter-Strike Source\hl2.exe" = D:\Gry\Counter-Strike Source\hl2.exe:*:Enabled:hl2 -- ()
"C:\Program Files\BitTorrent\BitTorrent.exe" = C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"D:\Gry\KONAMI\Pro Evolution Soccer 2011\pes2011.exe" = D:\Gry\KONAMI\Pro Evolution Soccer 2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011 -- File not found
"D:\Pawno\samp-server.exe" = D:\Pawno\samp-server.exe:*:Enabled:SA-MP dedicated server -- ()
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Steam\steamapps\dayman69\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\dayman69\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-0415-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D5219EC-BFF8-4B7F-AB92-6D827BB37CB0}" = Windows Live Messenger
"{51958BA7-21E4-4A8B-9098-CD8375BD17B2}" = Asystent rejestracji usługi Windows Live
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86CC41E6-A4F5-448E-97DC-A9F254193EC7}" = Zenoté Blur for Vegas
"{8C40E19E-176A-4B42-AD7B-C472AEC6704F}" = Zenoté Letterbox for Vegas
"{8EB8E60B-315D-44EB-A896-10D88602EE46}" = Adobe Setup
"{946AE1F1-D493-4376-BDA3-29F0D790AD2C}" = Radiance for Vegas 7.0
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96965E6C-41DB-4E0A-BC65-D92381D51D2A}" = Sony Vegas 7.0
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{AB49B509-8FCA-45E6-9FB9-9E4AEEB8F148}" = System Requirements Lab CYRI
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C5096D00-8B9C-41DB-8472-9D721E982DF0}" = Podstawowe programy Windows Live
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CC82EBCA-0A40-43E0-91FA-E2E35A83FCEE}_is1" = SA-MP: Rollboost 1.3
"{D98C0C51-F9BB-4EE4-B791-22BF6EE31045}" = Nero 7 Ultra Edition
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"6A1545AE87FC8D98ACA7539CE7AA69DF2A5C7E1C" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0415-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Adobe_5aab5a491a3a52ae624fd639f6aaa95" = Adobe After Effects CS4 Third Party Content
"avast!" = avast! Antivirus
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CSS FULL DZ [Oct 15 2007]" = CSS FULL DZ [Oct 15 2007] v18.1
"EADM" = EA Download Manager
"Fraps" = Fraps (remove only)
"Gadu-Gadu 10" = Gadu-Gadu 10
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.5.0
"Magic Bullet Looks Vegas" = Magic Bullet Looks Vegas
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"NewBlue 3D Explosions for Vegas" = NewBlue 3D Explosions for Vegas
"NewBlue 3D Transformations for Vegas" = NewBlue 3D Transformations for Vegas
"NewBlue Art Blends 2.0 for Vegas" = NewBlue Art Blends 2.0 for Vegas
"NewBlue Art Effects 2.0 for Vegas" = NewBlue Art Effects 2.0 for Vegas
"NewBlue Film Effects for Vegas" = NewBlue Film Effects for Vegas
"NewBlue Motion Blends 2.0 for Vegas" = NewBlue Motion Blends 2.0 for Vegas
"NewBlue Motion Effects 2.0 for Vegas" = NewBlue Motion Effects 2.0 for Vegas
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Sanny Builder 3_is1" = Sanny Builder 3.04
"SpiceFILTERS Vegas DEMO" = SpiceFILTERS Vegas DEMO
"Steam App 10" = Counter-Strike
"StmAdsl" = SIEMENS ADSL A-100 USB Modem
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Podstawowe programy Windows Live
"WinRAR archiver" = Archiwizator WinRAR
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.3.4.1
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Antivirus Events ]
Error - 2010-12-17 13:58:47 | Computer Name = DAMIAN-KOMPUTER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUME~1\Damian\USTAWI~1\Temp\1F.tmp failed, 00000005.

Error - 2010-12-18 08:30:23 | Computer Name = DAMIAN-KOMPUTER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\ccfgnt8.dll failed, 00000005.

Error - 2010-12-18 08:35:13 | Computer Name = DAMIAN-KOMPUTER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\ccfgnt8.dll failed, 00000005.

Error - 2010-12-18 10:56:59 | Computer Name = DAMIAN-KOMPUTER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\ccfgnt8.dll failed, 00000005.

Error - 2010-12-18 11:25:06 | Computer Name = DAMIAN-KOMPUTER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\ccfgnt8.dll failed, 00000005.

Error - 2010-12-19 03:39:18 | Computer Name = DAMIAN-KOMPUTER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\ccfgnt8.dll failed, 00000005.

Error - 2010-12-19 07:05:46 | Computer Name = DAMIAN-KOMPUTER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\ccfgnt8.dll failed, 00000005.

Error - 2010-12-19 13:58:33 | Computer Name = DAMIAN-KOMPUTER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\ccfgnt8.dll failed, 00000005.

Error - 2010-12-20 01:59:48 | Computer Name = DAMIAN-KOMPUTER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\ccfgnt8.dll failed, 00000005.

Error - 2010-12-20 06:57:07 | Computer Name = DAMIAN-KOMPUTER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\ccfgnt8.dll failed, 00000005.

[ Application Events ]
Error - 2010-12-05 11:48:40 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hl2.exe, wersja 0.0.0.0, moduł powodujący
błąd datacache.dll, wersja 0.0.0.0, adres błędu 0x0000b423.

Error - 2010-12-05 12:25:53 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hl2.exe, wersja 0.0.0.0, moduł powodujący
błąd datacache.dll, wersja 0.0.0.0, adres błędu 0x0000b423.

Error - 2010-12-06 15:00:20 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 4.2.0.187, moduł powodujący
błąd kernel32.dll, wersja 5.1.2600.5512, adres błędu 0x00012aeb.

Error - 2010-12-11 18:08:17 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 5.0.0.152, moduł powodujący
błąd skype.exe, wersja 5.0.0.152, adres błędu 0x00004a06.

Error - 2010-12-12 08:03:22 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hl2.exe, wersja 0.0.0.0, moduł powodujący
błąd unknown, wersja 0.0.0.0, adres błędu 0x0f95128b.

Error - 2010-12-12 08:19:43 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hl2.exe, wersja 0.0.0.0, moduł powodujący
błąd unknown, wersja 0.0.0.0, adres błędu 0x0fcd128b.

Error - 2010-12-12 08:19:48 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1001
Description = Pakiet błędów -2074450021.

Error - 2010-12-12 10:55:55 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd chrome.exe, wersja 0.0.0.0, moduł powodujący
błąd gcswf32.dll, wersja 10.1.103.20, adres błędu 0x00381016.

Error - 2010-12-18 08:50:57 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd zq2.exe, wersja 9.0.1.0, moduł powodujący
błąd ntdll.dll, wersja 5.1.2600.5512, adres błędu 0x00010cae.

Error - 2010-12-18 14:51:00 | Computer Name = DAMIAN-KOMPUTER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd zq2.exe, wersja 9.0.1.0, moduł powodujący
błąd ntdll.dll, wersja 5.1.2600.5512, adres błędu 0x00010cb0.

[ System Events ]
Error - 2010-12-10 14:03:11 | Computer Name = DAMIAN-KOMPUTER | Source = Service Control Manager | ID = 7034
Description = Usługa PnkBstrA niespodziewanie zakończyła pracę. Wystąpiło to razy:
1.

Error - 2010-12-18 08:36:37 | Computer Name = DAMIAN-KOMPUTER | Source = Service Control Manager | ID = 7034
Description = Usługa PnkBstrA niespodziewanie zakończyła pracę. Wystąpiło to razy:
1.

Error - 2010-12-19 06:19:16 | Computer Name = DAMIAN-KOMPUTER | Source = Service Control Manager | ID = 7034
Description = Usługa PnkBstrA niespodziewanie zakończyła pracę. Wystąpiło to razy:
1.


< End of report >
[/log]
OTL.txt:
[log]OTL logfile created on: 2010-12-20 12:28:09 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = D:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 73,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 37,86 Gb Free Space | 77,55% Space Free | Partition Type: NTFS
Drive D: | 137,47 Gb Total Space | 56,88 Gb Free Space | 41,37% Space Free | Partition Type: NTFS

Computer Name: DAMIAN-KOMPUTER | User Name: Damian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-12-19 09:54:42 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2010-12-09 00:28:23 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2010-10-21 22:00:13 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-10-16 10:02:41 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009-11-25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008-10-07 06:33:00 | 000,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2008-05-16 11:33:48 | 020,336,640 | ---- | M] () -- C:\Program Files\Orange\Orange.exe
PRC - [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 21:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 21:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 21:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 21:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 21:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 21:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-05-16 08:27:38 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007-05-16 08:27:28 | 000,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2007-05-16 08:27:16 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006-08-14 13:00:04 | 016,050,176 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2004-08-11 00:45:04 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-12-19 09:54:42 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
MOD - [2010-12-10 15:26:01 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2009-11-25 00:50:32 | 000,139,264 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll
MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 21:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 21:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 21:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 21:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 21:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 21:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 21:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 21:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 21:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 21:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 21:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 21:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 21:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 21:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 21:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 21:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 21:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 21:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-12-18 10:52:28 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2002-12-17 16:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002-12-17 16:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- I:\NTGLM7X.sys -- (SetupNTGLM7X)
DRV - File not found [Kernel | On_Demand | Stopped] -- I:\NTACCESS.sys -- (NTACCESS)
DRV - File not found [Kernel | On_Demand | Stopped] -- I:\install4\MSICPL.sys -- (MSICPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- I:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - [2010-10-11 13:29:45 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-11-25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009-11-25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-11-25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-11-25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-11-25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009-11-25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008-10-07 06:33:00 | 006,133,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008-04-23 09:30:12 | 000,688,864 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2008-04-23 09:30:12 | 000,060,533 | ---- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)
DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006-08-15 13:41:16 | 004,368,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-07-11 14:38:30 | 000,020,480 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006-07-11 14:38:28 | 000,057,856 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006-06-28 16:38:56 | 000,105,088 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006-06-18 22:51:32 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2010-12-18 11:03:09 | 000,000,771 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OrangeDeamon] C:\Program Files\Orange\Orange.exe ()
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-10-09 14:34:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - Unable to obtain root file information for disk D:\
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: [b]AdslTaskBar[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: [b]NeroFilterCheck[/b] - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: [b]NvCplDaemon[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]NvMediaCenter[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-12-19 14:40:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Damian\Recent
[2010-12-19 10:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-12-19 10:15:03 | 000,000,000 | ---D | C] -- C:\rsit
[2010-12-18 20:58:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Moje dokumenty\Updater
[2010-12-18 11:04:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Moje dokumenty\Adobe
[2010-12-18 11:04:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet
[2010-12-18 10:57:32 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2010-12-18 10:57:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010-12-18 10:52:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2010-12-18 09:31:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Moje dokumenty\Downloads
[2010-12-17 06:46:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2010-12-13 22:40:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2010-12-13 22:40:19 | 000,130,048 | R--- | C] (www.madshi.net) -- C:\WINDOWS\System32\MadCHook.dll
[2010-12-13 22:40:12 | 000,614,400 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2010-12-13 22:40:10 | 001,773,568 | R--- | C] (MSI) -- C:\WINDOWS\System32\msicpl.dll
[2010-12-12 10:16:21 | 000,000,000 | ---D | C] -- C:\Program Files\Pixelan
[2010-12-12 10:15:57 | 000,000,000 | ---D | C] -- C:\Program Files\Velvetmatter
[2010-12-11 12:33:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010-12-10 19:18:34 | 000,000,000 | ---D | C] -- C:\ProgramData
[2010-12-10 19:18:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-12-10 19:18:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Moje dokumenty\Electronic Arts
[2010-12-10 19:15:02 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010-12-10 19:12:36 | 000,447,752 | R--- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2010-12-10 19:12:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE
[2010-12-10 16:28:34 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Damian\Moje dokumenty\Moje obrazy
[2010-12-10 16:22:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Damian\Moje dokumenty\Moja muzyka
[2010-12-10 15:23:31 | 000,000,000 | ---D | C] -- C:\Program Files\Vista Inspirat 2
[2010-12-10 15:23:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\BricoPacks
[2010-12-06 17:44:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\Ventrilo
[2010-12-06 17:44:18 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2010-12-05 17:26:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Pulpit\FatalAim CSS Release E
[2010-11-28 16:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Help
[2010-11-28 10:29:11 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\LMRTREND.dll
[2010-11-28 10:29:10 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\WINDOWS\System32\tm20dec.ax
[2010-11-28 10:29:09 | 000,182,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtmsft3.dll
[2010-11-28 10:29:05 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unam4ie.exe
[2010-11-28 10:29:03 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciqtz.drv
[2010-11-28 10:29:02 | 000,194,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcut.dll
[2010-11-28 10:29:01 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\w95inf32.dll
[2010-11-28 10:29:01 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\w95inf16.dll
[2010-11-28 01:21:32 | 000,000,000 | ---D | C] -- C:\Program Files\Sanny Builder 3
[2010-11-22 13:58:53 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2010-11-19 14:52:55 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2010-11-19 14:52:55 | 000,151,552 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2010-11-19 14:52:55 | 000,039,936 | ---- | C] (Disappearing Inc.) -- C:\WINDOWS\System32\huffyuv.dll
[2010-11-19 14:52:54 | 000,413,760 | ---- | C] (Hacked with Joy !) -- C:\WINDOWS\System32\DivXc32f.dll
[2010-11-19 14:52:54 | 000,413,760 | ---- | C] (Hacked with Joy !) -- C:\WINDOWS\System32\DivXc32.dll
[2010-11-19 14:52:51 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010-11-11 11:23:11 | 000,000,000 | ---D | C] -- C:\Program Files\Vstplugins
[2010-11-11 11:23:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony
[2010-11-10 19:28:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010-11-10 19:28:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2010-11-10 19:28:09 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010-11-10 19:27:46 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
[2010-11-09 18:58:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\FileZilla
[2010-11-09 18:56:30 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2010-11-07 22:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\mIRC
[2010-11-06 13:42:01 | 000,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010-11-06 13:42:01 | 000,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2010-11-06 13:42:01 | 000,048,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010-11-06 13:42:01 | 000,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010-11-06 13:42:01 | 000,023,120 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010-11-06 13:42:01 | 000,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010-11-06 13:42:00 | 000,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010-11-06 13:42:00 | 000,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010-11-06 13:41:50 | 001,280,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010-10-31 13:03:01 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-10-31 13:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-10-30 12:01:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010-10-30 12:01:22 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010-10-30 12:00:21 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010-10-30 12:00:21 | 000,017,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010-10-30 12:00:01 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Damian\UserData
[2010-10-26 18:36:24 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010-10-24 20:02:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\TeamViewer
[2010-10-24 20:02:44 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010-10-24 17:44:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\Gadu-Gadu 10
[2010-10-24 17:44:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-10-24 17:44:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010-10-24 17:43:45 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10
[2010-10-24 11:45:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\DAEMON Tools Images
[2010-10-24 11:33:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Ahead
[2010-10-24 11:11:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\Ahead
[2010-10-24 11:10:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Ahead
[2010-10-24 11:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2010-10-24 11:09:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nero
[2010-10-24 11:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2010-10-24 11:09:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2010-10-21 22:00:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2010-10-21 22:00:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010-10-21 22:00:43 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010-10-21 22:00:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\SystemRequirementsLab
[2010-10-21 22:00:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010-10-21 22:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-10-21 21:58:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\Sun
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-12-20 12:24:54 | 000,201,647 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-12-20 12:22:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-12-19 20:12:48 | 007,104,674 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\Bez nazwy 1.psd
[2010-12-19 17:01:24 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-12-19 16:25:38 | 000,000,134 | ---- | M] () -- C:\WINDOWS\huffyuv.ini
[2010-12-19 15:05:00 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-527237240-682003330-1003Core.job
[2010-12-19 14:56:52 | 000,000,515 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\Skrót do VirtualDub.lnk
[2010-12-19 11:02:33 | 000,050,293 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\Image1.jpg
[2010-12-18 19:50:59 | 000,499,918 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-12-18 19:50:58 | 000,443,444 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-12-18 19:50:58 | 000,088,550 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-12-18 19:50:58 | 000,072,916 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-12-18 13:27:26 | 000,000,000 | ---- | M] () -- C:\WINDOWS\msicpl.ini
[2010-12-18 11:11:56 | 001,985,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-12-18 11:01:10 | 000,001,016 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\Adobe After Effects CS4.lnk
[2010-12-18 08:46:39 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-12-15 15:09:23 | 000,002,311 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\Google Chrome.lnk
[2010-12-13 23:22:53 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-12-13 22:37:04 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-12-13 16:03:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-12-10 19:12:14 | 000,000,547 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Sims™ 3.lnk
[2010-12-10 15:36:33 | 000,005,466 | ---- | M] () -- C:\WINDOWS\BricoPackFoldersDelete.cmd
[2010-12-10 15:36:32 | 000,071,129 | ---- | M] () -- C:\WINDOWS\BricoPackUninst.cmd
[2010-12-10 15:36:29 | 003,932,214 | ---- | M] () -- C:\WINDOWS\BricoPack Wallpaper.bmp
[2010-12-06 22:29:03 | 000,233,328 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010-12-06 22:29:03 | 000,233,328 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010-12-06 22:29:03 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010-12-05 17:25:34 | 000,193,694 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\FatalAim CSS Release E.rar
[2010-12-01 19:17:03 | 000,000,919 | ---- | M] () -- C:\WINDOWS\GTA-SA_Trn_Settings.ini
[2010-11-28 10:29:07 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010-11-28 10:29:07 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010-11-28 10:29:00 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\w95inf32.dll
[2010-11-28 10:29:00 | 000,002,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\w95inf16.dll
[2010-11-28 01:21:33 | 000,000,646 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Sanny Builder 3.lnk
[2010-11-22 14:16:46 | 000,000,309 | ---- | M] () -- C:\WINDOWS\game.ini
[2010-11-11 22:37:40 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\Counter-Strike Source.lnk
[2010-11-11 22:25:11 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\CSS Movie Making.lnk
[2010-11-11 11:23:14 | 000,001,629 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Vegas 7.0.lnk
[2010-11-06 13:42:01 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2010-10-31 18:31:28 | 000,000,116 | ---- | M] () -- C:\Documents and Settings\Damian\default.pls
[2010-10-30 14:50:57 | 000,000,603 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\Skrót do samp.lnk
[2010-10-30 14:50:51 | 000,000,615 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\San Andreas in Vice City Launcher.lnk
[2010-10-30 14:50:37 | 000,000,615 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\GTA San Andreas.lnk
[2010-10-30 09:31:49 | 000,233,960 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010-10-30 09:28:33 | 000,138,520 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010-10-29 13:17:43 | 000,131,948 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit0001.jpg
[2010-10-26 18:36:25 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\CCleaner.lnk
[2010-10-24 17:44:43 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-10-24 11:09:35 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-12-19 20:12:46 | 007,104,674 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\Bez nazwy 1.psd
[2010-12-19 16:25:38 | 000,000,134 | ---- | C] () -- C:\WINDOWS\huffyuv.ini
[2010-12-19 14:56:52 | 000,000,515 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\Skrót do VirtualDub.lnk
[2010-12-19 11:02:33 | 000,050,293 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\Image1.jpg
[2010-12-18 13:44:24 | 000,001,016 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\Adobe After Effects CS4.lnk
[2010-12-18 13:27:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2010-12-13 22:41:40 | 000,201,647 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2010-12-13 22:40:23 | 000,019,162 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2010-12-13 22:40:19 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll
[2010-12-13 22:40:12 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll
[2010-12-13 22:35:39 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-12-10 19:12:14 | 000,000,547 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Sims™ 3.lnk
[2010-12-10 15:35:10 | 000,005,466 | ---- | C] () -- C:\WINDOWS\BricoPackFoldersDelete.cmd
[2010-12-10 15:26:02 | 000,071,129 | ---- | C] () -- C:\WINDOWS\BricoPackUninst.cmd
[2010-12-10 15:25:56 | 003,932,214 | ---- | C] () -- C:\WINDOWS\BricoPack Wallpaper.bmp
[2010-12-05 17:25:15 | 000,193,694 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\FatalAim CSS Release E.rar
[2010-11-28 10:29:03 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2010-11-28 10:29:03 | 000,005,672 | ---- | C] () -- C:\WINDOWS\System32\quartz.vxd
[2010-11-28 01:21:33 | 000,000,646 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Sanny Builder 3.lnk
[2010-11-22 14:16:45 | 000,000,309 | ---- | C] () -- C:\WINDOWS\game.ini
[2010-11-19 14:52:56 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-11-19 14:52:56 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010-11-19 14:52:54 | 002,931,712 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2010-11-19 14:52:54 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-11-19 14:52:54 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-11-19 14:52:53 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-11-11 22:37:27 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\Counter-Strike Source.lnk
[2010-11-11 11:23:14 | 000,001,629 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Vegas 7.0.lnk
[2010-11-10 19:32:45 | 000,068,704 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-11-06 13:42:01 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2010-11-06 13:41:50 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2010-10-30 15:02:18 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\CSS Movie Making.lnk
[2010-10-29 13:17:43 | 000,131,948 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit0001.jpg
[2010-10-26 18:36:25 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\CCleaner.lnk
[2010-10-24 17:44:43 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-10-24 11:53:41 | 000,000,116 | ---- | C] () -- C:\Documents and Settings\Damian\default.pls
[2010-10-24 11:53:34 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-10-16 10:02:55 | 000,138,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010-10-13 16:45:50 | 000,000,919 | ---- | C] () -- C:\WINDOWS\GTA-SA_Trn_Settings.ini
[2010-10-11 13:29:44 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-10-09 16:04:34 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-10-09 15:07:46 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010-10-09 14:50:53 | 000,688,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2010-10-09 14:50:53 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\setup.ini
[2010-10-09 14:50:53 | 000,000,161 | ---- | C] () -- C:\WINDOWS\DSLSetup.ini
[2009-01-14 14:35:57 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\RegisterDialog.dll
[2008-10-07 06:33:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008-10-07 06:33:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008-10-07 06:33:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008-10-07 06:33:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-10-07 06:33:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-10-31 13:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-10-11 13:29:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-12-10 19:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-10-24 17:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-12-10 16:21:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony
[2010-12-18 13:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\BitTorrent
[2010-10-11 13:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\DAEMON Tools Lite
[2010-12-17 22:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\FileZilla
[2010-12-19 08:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Gadu-Gadu 10
[2010-10-16 16:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Opera
[2010-10-14 13:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Publish Providers
[2010-10-14 13:13:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Sony
[2010-11-10 19:20:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Sony Setup
[2010-10-24 20:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\TeamViewer

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-10-09 14:34:51 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-10-09 15:06:25 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[2001-07-22 01:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-10-09 14:34:51 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-10-09 14:34:51 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-10-09 14:34:51 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010-10-10 09:00:54 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-12-20 12:22:47 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\$ntservicepackuninstall$\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\$ntservicepackuninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\$ntservicepackuninstall$\eventlog.dll
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\$ntservicepackuninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\$ntservicepackuninstall$\winlogon.exe
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

< End of report >
[/log]
RSIT:
[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Damian at 2010-12-20 12:35:28
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 39 GB (77%) free of 50 GB
Total RAM: 2047 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:35:34, on 2010-12-20
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Orange\Orange.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\OTL.exe
C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\RSIT.exe
C:\Program Files\trend micro\Damian.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [OrangeDeamon] C:\Program Files\Orange\Orange.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B1EBF74-3D79-4E39-B95A-F1C22E75A964}: NameServer = 79.163.127.70 217.116.100.65
O17 - HKLM\System\CS1\Services\Tcpip\..\{6B1EBF74-3D79-4E39-B95A-F1C22E75A964}: NameServer = 79.163.127.70 217.116.100.65
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 6016 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-527237240-682003330-1003Core.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocnik rejestracji usługi Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-10-21 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-10-21 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"OrangeDeamon"=C:\Program Files\Orange\Orange.exe [2008-05-16 20336640]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-08-14 16050176]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-05-16 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdslTaskBar]
stmctrl.dll,TaskBar []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2010-10-09 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Gry\Counter-Strike Source\hl2.exe"="D:\Gry\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\BitTorrent\BitTorrent.exe"="C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"D:\Gry\KONAMI\Pro Evolution Soccer 2011\pes2011.exe"="D:\Gry\KONAMI\Pro Evolution Soccer 2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"D:\Pawno\samp-server.exe"="D:\Pawno\samp-server.exe:*:Enabled:SA-MP dedicated server"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Steam\steamapps\dayman69\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\dayman69\counter-strike\hl.exe:*:Enabled:Counter-Strike"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2010-12-20 12:24:53 ----A---- C:\WINDOWS\~DFDB09.tmp
2010-12-20 12:19:17 ----A---- C:\WINDOWS\~DFDDE4.tmp
2010-12-19 16:25:38 ----A---- C:\WINDOWS\huffyuv.ini
2010-12-19 10:15:04 ----D---- C:\Program Files\trend micro
2010-12-19 10:15:03 ----D---- C:\rsit
2010-12-18 13:27:26 ----A---- C:\WINDOWS\msicpl.ini
2010-12-18 11:04:06 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet
2010-12-18 10:57:32 ----D---- C:\Program Files\Adobe Media Player
2010-12-18 10:57:28 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-12-18 10:52:28 ----D---- C:\Program Files\Common Files\Macrovision Shared
2010-12-13 22:40:23 ----D---- C:\WINDOWS\nview
2010-12-13 22:40:23 ----A---- C:\WINDOWS\system32\nvudisp.exe
2010-12-13 22:40:19 ----RA---- C:\WINDOWS\system32\smdll.dll
2010-12-13 22:40:19 ----RA---- C:\WINDOWS\system32\MadCHook.dll
2010-12-13 22:40:12 ----RA---- C:\WINDOWS\system32\msvcr80.dll
2010-12-13 22:40:12 ----RA---- C:\WINDOWS\system32\Auxiliary.dll
2010-12-13 22:40:10 ----RA---- C:\WINDOWS\system32\msicpl.dll
2010-12-12 10:16:21 ----D---- C:\Program Files\Pixelan
2010-12-12 10:15:57 ----D---- C:\Program Files\Velvetmatter
2010-12-11 12:33:40 ----D---- C:\Program Files\Common Files\Skype
2010-12-10 19:18:34 ----D---- C:\ProgramData
2010-12-10 19:18:34 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
2010-12-10 19:15:02 ----D---- C:\Program Files\Electronic Arts
2010-12-10 19:12:36 ----RA---- C:\WINDOWS\system32\vp6vfw.dll
2010-12-10 19:12:35 ----D---- C:\Program Files\Microsoft WSE
2010-12-10 15:35:10 ----A---- C:\WINDOWS\BricoPackFoldersDelete.cmd
2010-12-10 15:26:02 ----A---- C:\WINDOWS\BricoPackUninst.cmd
2010-12-10 15:23:49 ----A---- C:\WINDOWS\BricoPackUninst.txt
2010-12-10 15:23:31 ----D---- C:\WINDOWS\BricoPacks
2010-12-10 15:23:31 ----D---- C:\Program Files\Vista Inspirat 2
2010-12-06 17:44:28 ----D---- C:\Documents and Settings\Damian\Dane aplikacji\Ventrilo
2010-12-06 17:44:18 ----D---- C:\Program Files\Ventrilo
2010-11-28 10:29:11 ----A---- C:\WINDOWS\system32\LMRTREND.dll
2010-11-28 10:29:09 ----A---- C:\WINDOWS\system32\dxtmsft3.dll
2010-11-28 10:29:07 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-11-28 10:29:05 ----A---- C:\WINDOWS\system32\unam4ie.exe
2010-11-28 10:29:03 ----A---- C:\WINDOWS\system32\vidx16.dll
2010-11-28 10:29:02 ----A---- C:\WINDOWS\system32\qcut.dll
2010-11-28 10:29:01 ----A---- C:\WINDOWS\system32\w95inf32.dll
2010-11-28 10:29:01 ----A---- C:\WINDOWS\system32\w95inf16.dll
2010-11-28 01:21:32 ----D---- C:\Program Files\Sanny Builder 3
2010-11-22 14:16:45 ----A---- C:\WINDOWS\game.ini
2010-11-22 13:58:53 ----SHD---- C:\WINDOWS\ftpcache

======List of files/folders modified in the last 1 months======

2010-12-20 12:32:59 ----D---- C:\Documents and Settings\Damian\Dane aplikacji\Skype
2010-12-20 12:29:49 ----D---- C:\WINDOWS\Temp
2010-12-20 12:24:53 ----D---- C:\WINDOWS
2010-12-20 12:21:54 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-12-20 12:19:27 ----D---- C:\WINDOWS\Prefetch
2010-12-20 12:16:20 ----SD---- C:\WINDOWS\Tasks
2010-12-20 12:16:20 ----D---- C:\WINDOWS\system32
2010-12-19 20:44:19 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-19 18:58:26 ----D---- C:\WINDOWS\system32\LogFiles
2010-12-19 17:01:24 ----A---- C:\WINDOWS\NeroDigital.ini
2010-12-19 14:20:17 ----D---- C:\Documents and Settings\Damian\Dane aplikacji\Adobe
2010-12-19 10:15:04 ----RD---- C:\Program Files
2010-12-19 08:57:53 ----D---- C:\Documents and Settings\Damian\Dane aplikacji\Gadu-Gadu 10
2010-12-18 19:50:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-18 19:50:51 ----D---- C:\WINDOWS\system32\inetsrv
2010-12-18 13:26:13 ----SHD---- C:\System Volume Information
2010-12-18 13:26:13 ----D---- C:\WINDOWS\system32\Restore
2010-12-18 13:26:00 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-18 13:26:00 ----D---- C:\Program Files\Outlook Express
2010-12-18 13:26:00 ----D---- C:\Program Files\Movie Maker
2010-12-18 13:26:00 ----D---- C:\Program Files\Internet Explorer
2010-12-18 13:25:59 ----D---- C:\WINDOWS\system32\usmt
2010-12-18 13:16:54 ----D---- C:\Documents and Settings\Damian\Dane aplikacji\BitTorrent
2010-12-18 11:07:46 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2010-12-18 11:06:42 ----SHD---- C:\WINDOWS\Installer
2010-12-18 10:59:47 ----D---- C:\Program Files\Common Files\Adobe
2010-12-18 10:59:46 ----D---- C:\Program Files\Adobe
2010-12-18 10:57:28 ----D---- C:\Program Files\Common Files
2010-12-18 10:56:54 ----RSD---- C:\WINDOWS\Fonts
2010-12-17 22:39:38 ----D---- C:\Program Files\Steam
2010-12-17 22:18:31 ----D---- C:\Documents and Settings\Damian\Dane aplikacji\FileZilla
2010-12-15 23:02:47 ----D---- C:\Program Files\Windows Media Player
2010-12-13 22:41:47 ----HD---- C:\WINDOWS\inf
2010-12-13 22:41:39 ----D---- C:\WINDOWS\Help
2010-12-13 22:39:00 ----D---- C:\WINDOWS\system32\drivers
2010-12-11 12:33:40 ----RD---- C:\Program Files\Skype
2010-12-11 12:33:36 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Skype
2010-12-10 19:12:36 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
2010-12-10 19:12:36 ----RSD---- C:\WINDOWS\assembly
2010-12-10 19:12:35 ----SD---- C:\Documents and Settings\Damian\Dane aplikacji\Microsoft
2010-12-10 19:12:29 ----D---- C:\WINDOWS\WinSxS
2010-12-10 18:56:07 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-10 16:21:32 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Sony
2010-12-10 15:37:54 ----D---- C:\WINDOWS\Media
2010-12-10 15:37:54 ----D---- C:\WINDOWS\Cursors
2010-12-10 15:26:01 ----A---- C:\WINDOWS\system32\uxtheme.dll
2010-12-06 17:44:09 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-12-02 17:09:06 ----D---- C:\Program Files\Gadu-Gadu 10
2010-12-01 19:17:03 ----A---- C:\WINDOWS\GTA-SA_Trn_Settings.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-06-28 105088]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-10-11 691696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK8;Sterownik procesora AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-08-15 4368896]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-07-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-07-11 20480]
R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2008-04-23 60533]
R3 TaurusUsb;Siemens ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2008-04-23 688864]
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 admfs83q;admfs83q; C:\WINDOWS\system32\drivers\admfs83q.sys []
S3 GMSIPCI;GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\I:\install4\MSICPL.sys []
S3 NTACCESS;NTACCESS; \??\I:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\I:\NTGLM7X.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-10-21 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-10-16 75064]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-18 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------
[/log]
And I'll run the scan in a moment.

Tomek01
comment

Paste into OTL:

[code]:Files
C:\WINDOWS\~DFDB09.tmp
C:\WINDOWS\~DFDDE4.tmp

[Emptytemp][/code]
RunFix...


That's basically everything. We'll see what the scans show.

DaMiAnO_973
comment

I don't know why, but the virus seems to have disappeared. Its processes no longer start and the ads no longer come up. I guess the topic can be closed.

Tomek01
comment

What do you mean you don't know why?
It was simply removed.
