x-kom hosting

proszę o sprawdzenie logów

Tom_Bombadil
utworzono
utworzono

Bardzo proszę o sprawdzenie logów.

[log]
OTL logfile created on: 2011-02-05 01:52:51 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Bombadil\Pulpit\Antywiry
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 023,00 Mb Total Physical Memory | 609,00 Mb Available Physical Memory | 59,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 131,12 Gb Free Space | 87,98% Space Free | Partition Type: NTFS
Drive D: | 37,27 Gb Total Space | 2,97 Gb Free Space | 7,96% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 66,96 Gb Free Space | 22,46% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 100,71 Gb Free Space | 33,79% Space Free | Partition Type: NTFS

Computer Name: EIDOS-7C7F8C27B | User Name: Bombadil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-02-05 01:49:25 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bombadil\Pulpit\Antywiry\OTL.exe
PRC - [2010-11-12 18:53:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-02-09 18:24:47 | 000,135,664 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2009-08-08 21:49:49 | 000,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-04-07 13:26:20 | 000,688,128 | ---- | M] () -- C:\Program Files\blueconnect\UIMain.exe
PRC - [2009-04-07 13:19:54 | 000,559,104 | ---- | M] () -- C:\Program Files\blueconnect\CMUpdater.exe
PRC - [2009-04-07 13:11:58 | 000,241,664 | ---- | M] () -- C:\Program Files\blueconnect\AssistantServices.exe
PRC - [2009-04-07 13:11:16 | 000,132,608 | ---- | M] () -- C:\Program Files\blueconnect\UIExec.exe
PRC - [2009-02-25 22:27:41 | 000,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2008-04-22 08:59:28 | 003,287,552 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files\SpeedFan\speedfan.exe
PRC - [2007-05-22 10:04:58 | 000,521,128 | ---- | M] (Ray Adams) -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
PRC - [2005-07-24 22:35:00 | 000,053,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2004-08-03 23:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2002-04-08 10:37:14 | 000,118,784 | ---- | M] (TelSignal Co., Ltd.) -- C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE
PRC - [2001-11-23 17:50:36 | 000,102,400 | ---- | M] (TelSignal Co., Ltd.) -- C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE
PRC - [2001-08-03 16:56:22 | 000,159,800 | ---- | M] (prolink) -- C:\WINDOWS\PowerS.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-02-05 01:49:25 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bombadil\Pulpit\Antywiry\OTL.exe
MOD - [2007-04-16 20:42:38 | 000,274,432 | ---- | M] () -- C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2004-08-03 23:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2004-08-03 23:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2004-08-03 23:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2004-08-03 23:44:12 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2004-08-03 23:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2004-08-03 23:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2004-08-03 23:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-03 23:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2004-08-03 23:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2004-08-03 23:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2004-08-03 23:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2004-08-03 23:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-03 23:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-03 23:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2004-08-03 23:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2004-08-03 23:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-03 23:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2004-08-03 23:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-03 23:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2004-08-03 23:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-03 23:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2009-06-02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009-04-07 13:11:58 | 000,241,664 | ---- | M] () [Auto | Running] -- C:\Program Files\blueconnect\AssistantServices.exe -- (UI Assistant Service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-02-25 23:58:57 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009-02-09 08:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009-02-09 08:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009-02-09 08:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009-01-12 08:12:56 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009-01-05 08:59:54 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2009-01-04 16:29:50 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009-01-04 16:29:50 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008-10-29 15:35:32 | 000,007,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007-05-22 10:04:54 | 000,018,088 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys -- (atitray)
DRV - [2006-11-22 07:01:00 | 000,250,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006-09-24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006-08-18 06:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004-06-16 13:34:00 | 000,004,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\ABIT\ABIT vGuru\OCGuru\atidgllk.sys -- (atidgllk)
DRV - [2004-06-03 09:40:46 | 000,079,360 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2004-04-02 14:40:00 | 000,021,760 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2004-01-11 23:34:38 | 000,019,732 | ---- | M] (FSPro Labs) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\hfsys.sys -- (HFSYS)
DRV - [2003-03-26 21:48:52 | 000,099,334 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BT878.SYS -- (BT878)
DRV - [2002-04-09 17:44:22 | 000,039,552 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2002-02-22 12:36:16 | 000,021,824 | ---- | M] (TelSignal Co., Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Bttuner.sys -- (BTTUNER)
DRV - [2002-02-22 12:36:14 | 000,012,796 | ---- | M] (TelSignal Co., Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Btxbar.sys -- (BTXBAR)
DRV - [2000-01-30 16:33:18 | 000,014,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\F\JTV\Drivers\BTDRV.SYS -- (btdrv)
DRV - [1996-04-03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-220523388-507921405-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-220523388-507921405-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: ff-bmboc@bytemobile.com:4.1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.713
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - HKLM\software\mozilla\Firefox\extensions\\ff-bmboc@bytemobile.com: C:\Program Files\blueconnect\addon [2009-10-22 21:58:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-11-03 20:18:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-01-22 18:45:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-04-19 21:32:09 | 000,000,000 | ---D | M]

[2009-08-07 20:32:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bombadil\Dane aplikacji\Mozilla\Extensions
[2009-08-07 20:32:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bombadil\Dane aplikacji\Mozilla\Firefox\Profiles\bvacvhbc.default\extensions
[2011-02-04 21:19:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-04-19 21:32:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-10-28 18:40:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010-12-24 11:57:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2009-10-22 21:58:44 | 000,000,000 | ---D | M] (Bytemobile Optimization Client) -- C:\PROGRAM FILES\BLUECONNECT\ADDON
[2010-04-19 21:32:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009-11-03 20:18:06 | 000,000,000 | ---D | M] (PC Sync 2 Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC
[2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009-08-08 21:49:53 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-08-08 21:49:53 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-08-08 21:49:53 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-08-08 21:49:53 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-08-08 21:49:53 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-08-08 21:49:53 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [PowerS] C:\WINDOWS\PowerS.exe (prolink)
O4 - HKLM..\Run: [UIExec] C:\Program Files\blueconnect\UIExec.exe ()
O4 - HKU\S-1-5-21-220523388-507921405-839522115-1003..\Run: [AtiTrayTools] C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe (Ray Adams)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Remote Controller.lnk = C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE (TelSignal Co., Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TVSCHL.lnk = C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE (TelSignal Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-220523388-507921405-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-220523388-507921405-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-220523388-507921405-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-220523388-507921405-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\tLHWBJwy\hrqyiwve.exe) - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Bombadil\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bombadil\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-08-07 12:28:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-02-05 00:27:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Dane aplikacji\Uniblue
[2011-02-05 00:26:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Ustawienia lokalne\Dane aplikacji\PackageAware
[2011-02-04 18:03:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Dane aplikacji\Unity
[2011-02-04 17:49:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Ustawienia lokalne\Dane aplikacji\Unity
[2011-02-04 00:06:36 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2011-01-28 20:57:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Pulpit\Antywiry
[2011-01-28 20:36:03 | 000,000,000 | ---D | C] -- C:\Program Files\Passware
[2011-01-28 20:36:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Menu Start\Programy\Passware
[2011-01-25 17:51:13 | 000,000,000 | ---D | C] -- C:\Program Files\tmp
[2011-01-24 21:58:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Pulpit\Szanty
[2011-01-14 23:12:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Menu Start\Programy\AviSynth 2.5
[2011-01-14 23:09:57 | 004,182,178 | ---- | C] (The Public) -- C:\Documents and Settings\Bombadil\Pulpit\Avisynth_258.exe
[2011-01-14 22:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2011-01-14 22:36:51 | 000,652,794 | ---- | C] (Xvid team ) -- C:\Documents and Settings\Bombadil\Pulpit\Xvid-1.2.2-07062009.exe
[2011-01-10 22:21:57 | 000,000,000 | ---D | C] -- C:\Program Files\AC3Filter
[2011-01-10 22:21:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Menu Start\Programy\AC3Filter
[2011-01-10 22:21:37 | 000,086,016 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe
[2011-01-10 22:21:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\DivX
[2011-01-10 22:20:52 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011-01-10 22:06:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011-01-10 19:19:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gordian Knot
[2011-01-10 19:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\GordianKnot
[2011-01-09 18:48:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Dane aplikacji\Media Player Classic
[2011-01-09 13:57:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\XviD
[2011-01-09 13:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2011-01-09 13:57:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AviSynth 2.5
[2011-01-09 13:55:44 | 000,000,000 | ---D | C] -- C:\Program Files\Gabest
[2011-01-09 13:55:09 | 000,000,000 | ---D | C] -- C:\Program Files\AutoGK
[2011-01-09 13:55:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AutoGK
[2011-01-09 13:41:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Pulpit\Nowy folder (2)
[2011-01-04 20:42:44 | 001,425,408 | ---- | C] (CPUID) -- C:\Documents and Settings\Bombadil\Pulpit\cpuz_1.46.exe
[2011-01-04 20:39:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010-12-27 19:01:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Moje dokumenty\ERA faktury
[2010-12-19 21:01:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Pulpit\Zdjęcia - porównanie
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-02-05 01:54:21 | 000,000,109 | ---- | M] () -- C:\WINDOWS\TSNV_I2C.INI
[2011-02-05 01:32:48 | 000,002,298 | ---- | M] () -- C:\WINDOWS\TSCTNDBG.INI
[2011-02-05 01:32:47 | 000,020,250 | ---- | M] () -- C:\WINDOWS\Tsctvfm.ini
[2011-02-05 01:32:45 | 000,001,417 | ---- | M] () -- C:\WINDOWS\TSCTV.INI
[2011-02-05 01:32:37 | 000,000,130 | ---- | M] () -- C:\WINDOWS\IFOLDER.INI
[2011-02-05 01:32:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-02-04 23:55:15 | 000,001,060 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2011-02-04 23:54:16 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011-02-04 19:41:42 | 001,491,894 | ---- | M] () -- C:\Documents and Settings\Bombadil\Pulpit\4.02.2011-19.41.bmp
[2011-02-04 17:52:08 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-02-03 10:17:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-01-28 20:35:50 | 000,463,842 | ---- | M] () -- C:\Documents and Settings\Bombadil\Pulpit\ariskkey.exe
[2011-01-22 14:06:01 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011-01-17 21:34:00 | 000,006,013 | ---- | M] () -- C:\Documents and Settings\Bombadil\Pulpit\173512_100000770112355_178014_n.jpg
[2011-01-14 23:11:03 | 004,182,178 | ---- | M] (The Public) -- C:\Documents and Settings\Bombadil\Pulpit\Avisynth_258.exe
[2011-01-14 22:37:10 | 000,652,794 | ---- | M] (Xvid team ) -- C:\Documents and Settings\Bombadil\Pulpit\Xvid-1.2.2-07062009.exe
[2011-01-12 13:44:22 | 000,000,519 | ---- | M] () -- C:\Documents and Settings\Bombadil\Pulpit\Skrót do Teletubbies.lnk
[2010-12-21 23:39:46 | 002,987,604 | ---- | M] () -- C:\Documents and Settings\Bombadil\Pulpit\Wolna Grupa Bukowina - Piosenka Wiosenna.mp3
[2010-12-21 18:33:40 | 000,142,848 | ---- | M] () -- C:\Documents and Settings\Bombadil\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-12 22:36:20 | 000,015,360 | ---- | M] () -- C:\Documents and Settings\Bombadil\Pulpit\Zeszyt1.xls
[2010-12-12 22:34:55 | 000,000,430 | ---- | M] () -- C:\Documents and Settings\Bombadil\Pulpit\Skrót do Windows 7 Ultimate AIO Activated.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-02-04 19:41:42 | 001,491,894 | ---- | C] () -- C:\Documents and Settings\Bombadil\Pulpit\4.02.2011-19.41.bmp
[2011-02-03 18:49:47 | 000,002,298 | ---- | C] () -- C:\WINDOWS\TSCTNDBG.INI
[2011-01-28 20:35:44 | 000,463,842 | ---- | C] () -- C:\Documents and Settings\Bombadil\Pulpit\ariskkey.exe
[2011-01-26 16:20:52 | 069,378,048 | ---- | C] () -- C:\Documents and Settings\Bombadil\Pulpit\Kot Filemon - Ach Te Myszy.avi
[2011-01-23 21:40:40 | 000,097,042 | ---- | C] () -- C:\Documents and Settings\Bombadil\Pulpit\Projekt powykonawczy.cdr
[2011-01-17 21:33:59 | 000,006,013 | ---- | C] () -- C:\Documents and Settings\Bombadil\Pulpit\173512_100000770112355_178014_n.jpg
[2011-01-16 11:12:09 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-01-14 22:38:17 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
[2011-01-10 22:21:57 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.cpl
[2010-12-21 23:39:02 | 002,987,604 | ---- | C] () -- C:\Documents and Settings\Bombadil\Pulpit\Wolna Grupa Bukowina - Piosenka Wiosenna.mp3
[2010-12-19 15:52:44 | 000,000,519 | ---- | C] () -- C:\Documents and Settings\Bombadil\Pulpit\Skrót do Teletubbies.lnk
[2010-12-12 22:34:55 | 000,000,430 | ---- | C] () -- C:\Documents and Settings\Bombadil\Pulpit\Skrót do Windows 7 Ultimate AIO Activated.lnk
[2010-12-12 22:28:43 | 001,004,562 | ---- | C] () -- C:\Documents and Settings\Bombadil\Pulpit\IMG_7337.JPG
[2009-10-17 17:21:42 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-10-17 17:20:51 | 000,142,848 | ---- | C] () -- C:\Documents and Settings\Bombadil\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-08-11 18:34:05 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009-08-09 21:23:40 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-08-09 21:10:16 | 000,112,688 | ---- | C] () -- C:\WINDOWS\System32\shw32.dll
[2009-08-09 11:21:03 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2009-08-09 08:36:40 | 000,001,060 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2009-08-08 09:02:20 | 000,000,130 | ---- | C] () -- C:\WINDOWS\IFOLDER.INI
[2009-08-07 21:30:19 | 000,018,455 | ---- | C] () -- C:\WINDOWS\TSCTVMSG.INI
[2009-08-07 21:30:19 | 000,010,765 | ---- | C] () -- C:\WINDOWS\TSCTVDIV.INI
[2009-08-07 21:30:19 | 000,000,459 | ---- | C] () -- C:\WINDOWS\TSCFM.INI
[2009-08-07 21:18:40 | 000,000,050 | ---- | C] () -- C:\WINDOWS\PIXELTV.INI
[2009-08-07 21:11:29 | 000,000,109 | ---- | C] () -- C:\WINDOWS\TSNV_I2C.INI
[2009-08-07 21:09:59 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\DTVdrv.dll
[2009-08-07 21:09:59 | 000,020,250 | ---- | C] () -- C:\WINDOWS\Tsctvfm.ini
[2009-08-07 21:09:59 | 000,012,188 | ---- | C] () -- C:\WINDOWS\System32\DTVdrvNT.sys
[2009-08-07 21:09:59 | 000,001,417 | ---- | C] () -- C:\WINDOWS\TSCTV.INI
[2009-08-07 21:02:39 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-08-07 19:31:52 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2009-08-07 19:31:43 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009-08-07 14:13:18 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009-01-25 22:10:48 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-01-09 00:01:22 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004-08-03 23:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004-07-17 10:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2002-10-15 23:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2009-11-03 20:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-11-03 20:20:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2010-09-24 14:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bombadil\Dane aplikacji\BESTplayer
[2009-08-09 10:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bombadil\Dane aplikacji\Gadu-Gadu
[2009-11-03 20:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bombadil\Dane aplikacji\Nokia
[2009-11-03 20:23:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bombadil\Dane aplikacji\PC Suite
[2009-10-22 21:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bombadil\Dane aplikacji\Program Files
[2011-02-05 00:27:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bombadil\Dane aplikacji\Uniblue
[2011-02-04 18:03:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bombadil\Dane aplikacji\Unity

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-08-07 12:28:39 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011-02-04 23:54:16 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-21 23:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-01-17 23:25:07 | 000,006,628 | ---- | M] () -- C:\ComboFix.txt
[2009-08-07 12:28:39 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-08-09 07:52:29 | 000,000,010 | ---- | M] () -- C:\csb.log
[2009-08-07 12:28:39 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011-02-04 18:40:08 | 000,041,613 | ---- | M] () -- C:\mksbasel.cpp.log
[2009-08-07 12:28:39 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-09-04 21:11:39 | 000,007,070 | ---- | M] () -- C:\NetworkCfg.xml
[2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004-08-03 21:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr
[2011-02-05 01:32:25 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys
[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe

< End of report >
[/log]

[log]
OTL Extras logfile created on: 2011-02-05 01:52:52 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Bombadil\Pulpit\Antywiry
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 023,00 Mb Total Physical Memory | 609,00 Mb Available Physical Memory | 59,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 131,12 Gb Free Space | 87,98% Space Free | Partition Type: NTFS
Drive D: | 37,27 Gb Total Space | 2,97 Gb Free Space | 7,96% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 66,96 Gb Free Space | 22,46% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 100,71 Gb Free Space | 33,79% Space Free | Partition Type: NTFS

Computer Name: EIDOS-7C7F8C27B | User Name: Bombadil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-220523388-507921405-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{42B29533-5870-11D7-AE26-009027144ECE}" = ABIT vGuru
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{64D5E9DE-7890-4FB0-8865-8B24BE1773F7}" = LightScribe 1.4.42.1
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = blueconnect
"{AC76BA86-7AD7-1045-7B44-A81200000003}" = Adobe Reader 8 - Polish
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{EFE0F631-6748-4A2F-A409-FA1A287D8075}" = PL-2303 USB-to-Serial
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agent Ransack_is1" = Agent Ransack Version 1.7.3
"asterisk key" = Asterisk Key 10.0
"ATI Display Driver" = ATI Display Driver
"AutoGK" = Auto Gordian Knot 2.55
"AviSynth" = AviSynth 2.5
"Corel Applications" = Corel Applications
"DC++" = DC++ 0.707
"DivX Codec" = DivX Pro Codec
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 4.1)
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.3)
"ffdshow" = ffdshow (remove only)
"ffdshow_is1" = ffdshow [rev 2031] [2008-07-02]
"Gadu-Gadu" = Gadu-Gadu 7.7
"Gordian Knot" = Gordian Knot Rip Pack 0.28.7
"Hide Folders XP_is1" = Hide Folders XP 1.6 for Windows 2000/XP
"HUFFYUV" = Huffyuv AVI lossless video codec (Remove Only)
"IrfanView" = IrfanView (remove only)
"iuVCR_is1" = iuVCR
"Mozilla Firefox (3.0.13)" = Mozilla Firefox (3.0.13)
"MultiRes (remove only)" = MultiRes (remove only)
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Oxygen Phone Manager II" = Oxygen Phone Manager II
"PlayTV Pro" = PlayTV Pro
"rayatitray" = Ray Adams ATI Tray Tools
"SkanerOnline" = Skaner on-line mks_vir
"SpeedFan" = SpeedFan (remove only)
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp
"WinRAR archiver" = Archiwizator WinRAR
"xp-AntiSpy" = xp-AntiSpy 3.96-8
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Xvid_is1" = Xvid 1.2.2 final uninstall

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-220523388-507921405-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-01-11 17:55:57 | Computer Name = EIDOS-7C7F8C27B | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd bestplayer2.04.exe, wersja 2.1.0.263, moduł
powodujący błąd xvid.dll, wersja 0.0.0.0, adres błędu 0x00049d67.

Error - 2011-01-11 17:56:10 | Computer Name = EIDOS-7C7F8C27B | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd bestplayer2.04.exe, wersja 2.1.0.263, moduł
powodujący błąd xvid.dll, wersja 0.0.0.0, adres błędu 0x00049d67.

Error - 2011-01-11 17:56:23 | Computer Name = EIDOS-7C7F8C27B | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd bestplayer2.04.exe, wersja 2.1.0.263, moduł
powodujący błąd xvid.dll, wersja 0.0.0.0, adres błędu 0x00049d67.

Error - 2011-01-13 06:49:20 | Computer Name = EIDOS-7C7F8C27B | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd bestplayer2.04.exe, wersja 2.1.0.263, moduł
powodujący błąd xvid.dll, wersja 0.0.0.0, adres błędu 0x00049d67.

Error - 2011-01-14 17:33:12 | Computer Name = EIDOS-7C7F8C27B | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd bestplayer2.04.exe, wersja 2.1.0.263, moduł
powodujący błąd xvid.dll, wersja 0.0.0.0, adres błędu 0x00049d67.

Error - 2011-01-14 17:33:20 | Computer Name = EIDOS-7C7F8C27B | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd bestplayer2.04.exe, wersja 2.1.0.263, moduł
powodujący błąd xvid.dll, wersja 0.0.0.0, adres błędu 0x00049d67.

Error - 2011-01-14 17:33:23 | Computer Name = EIDOS-7C7F8C27B | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd bestplayer2.04.exe, wersja 2.1.0.263, moduł
powodujący błąd xvid.dll, wersja 0.0.0.0, adres błędu 0x00049d67.

Error - 2011-01-14 17:33:42 | Computer Name = EIDOS-7C7F8C27B | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd bestplayer2.04.exe, wersja 2.1.0.263, moduł
powodujący błąd xvid.dll, wersja 0.0.0.0, adres błędu 0x00049d67.

Error - 2011-02-04 15:17:35 | Computer Name = EIDOS-7C7F8C27B | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to 800706BF z w wierszu 44 z d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą

Error - 2011-02-04 20:38:57 | Computer Name = EIDOS-7C7F8C27B | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd ocguru.exe, wersja 1.0.5.0, moduł powodujący
błąd ocguru.exe, wersja 1.0.5.0, adres błędu 0x0005c732.

[ System Events ]
Error - 2011-02-04 15:16:37 | Computer Name = EIDOS-7C7F8C27B | Source = Service Control Manager | ID = 7031
Description = Usługa Rejestr zdalny niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1. W przeciągu 1000 milisekund zostanie podjęta następująca czynność korekcyjna:
Uruchom usługę ponownie.

Error - 2011-02-04 15:16:43 | Computer Name = EIDOS-7C7F8C27B | Source = Service Control Manager | ID = 7034
Description = Usługa Klient DNS niespodziewanie zakończyła pracę. Wystąpiło to razy:
1.

Error - 2011-02-04 15:16:54 | Computer Name = EIDOS-7C7F8C27B | Source = Service Control Manager | ID = 7031
Description = Usługa Zdalne wywoływanie procedur (RPC) niespodziewanie zakończyła
pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca
czynność korekcyjna: Uruchom ponownie komputer.

Error - 2011-02-04 15:21:02 | Computer Name = EIDOS-7C7F8C27B | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi
EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2011-02-04 15:22:21 | Computer Name = EIDOS-7C7F8C27B | Source = Service Control Manager | ID = 7001
Description = Usługa Klient DHCP zależy od usługi NetBios przez TCP/IP, której nie
można uruchomić z powodu następującego błędu: %%31

Error - 2011-02-04 15:22:21 | Computer Name = EIDOS-7C7F8C27B | Source = Service Control Manager | ID = 7001
Description = Usługa Klient DNS zależy od usługi Sterownik protokołu TCP/IP, której
nie można uruchomić z powodu następującego błędu: %%31

Error - 2011-02-04 15:22:21 | Computer Name = EIDOS-7C7F8C27B | Source = Service Control Manager | ID = 7001
Description = Usługa Pomoc TCP/IP NetBIOS zależy od usługi AFD, której nie można
uruchomić z powodu następującego błędu: %%31

Error - 2011-02-04 15:22:21 | Computer Name = EIDOS-7C7F8C27B | Source = Service Control Manager | ID = 7001
Description = Usługa Usługi IPSEC zależy od usługi Sterownik IPSEC, której nie można
uruchomić z powodu następującego błędu: %%31

Error - 2011-02-04 15:22:21 | Computer Name = EIDOS-7C7F8C27B | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: AFD atitray Fips HFSYS IPSec MRxSmb NetBIOS NetBT Processor RasAcd Rdbss Tcpip
tcpipBM

Error - 2011-02-04 15:22:55 | Computer Name = EIDOS-7C7F8C27B | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi
EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}


< End of report >
[/log]

[log]
Logfile of random's system information tool 1.08 (written by random/random)
Run by Bombadil at 2011-02-05 01:57:30
Microsoft Windows XP Professional Dodatek Service Pack 2
System drive C: has 134 GB (88%) free of 153 GB
Total RAM: 1023 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 01:57:38, on 2011-02-05
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\PowerS.exe
C:\Program Files\blueconnect\UIExec.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\blueconnect\AssistantServices.exe
C:\Program Files\blueconnect\UIMain.exe
C:\Program Files\blueconnect\CMUpdater.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Bombadil\Pulpit\Antywiry\RSIT.exe
C:\Program Files\trend micro\Bombadil.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Program Files\tLHWBJwy\hrqyiwve.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [PowerS] C:\WINDOWS\PowerS.exe
O4 - HKLM\..\Run: [UIExec] "C:\Program Files\blueconnect\UIExec.exe"
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Remote Controller.lnk = C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE
O4 - Global Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
O4 - Global Startup: TVSCHL.lnk = C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2C5A8B4-A47C-430F-BBF5-6221368ECAFB}: NameServer = 213.158.199.1 213.158.199.5
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files\blueconnect\AssistantServices.exe

--
End of file - 4524 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cb6d0419ab0048.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PowerS"=C:\WINDOWS\PowerS.exe [2001-08-03 159800]
"UIExec"=C:\Program Files\blueconnect\UIExec.exe [2009-04-07 132608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AtiTrayTools"=C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe [2007-05-22 521128]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
Remote Controller.lnk - C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE
SpeedFan.lnk - C:\Program Files\SpeedFan\speedfan.exe
TVSCHL.lnk - C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-02-25 155648]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 3 months======

2011-02-05 01:57:30 ----D---- C:\rsit
2011-02-05 01:57:30 ----D---- C:\Program Files\trend micro
2011-02-05 00:27:05 ----D---- C:\Documents and Settings\Bombadil\Dane aplikacji\Uniblue
2011-02-04 18:03:57 ----D---- C:\Documents and Settings\Bombadil\Dane aplikacji\Unity
2011-02-04 00:06:36 ----D---- C:\Program Files\SkanerOnline
2011-02-03 18:49:47 ----A---- C:\WINDOWS\TSCTNDBG.INI
2011-01-28 20:36:03 ----D---- C:\Program Files\Passware
2011-01-26 23:17:52 ----A---- C:\WINDOWS\ntbtlog.txt
2011-01-25 17:51:13 ----D---- C:\Program Files\tmp
2011-01-14 22:38:17 ----D---- C:\Program Files\Xvid
2011-01-10 22:21:57 ----D---- C:\Program Files\AC3Filter
2011-01-10 22:21:37 ----A---- C:\WINDOWS\unvise32.exe
2011-01-10 22:20:52 ----D---- C:\Program Files\DivX
2011-01-10 22:06:27 ----D---- C:\WINDOWS\pss
2011-01-10 19:19:46 ----D---- C:\Program Files\GordianKnot
2011-01-09 18:48:46 ----D---- C:\Documents and Settings\Bombadil\Dane aplikacji\Media Player Classic
2011-01-09 13:57:09 ----D---- C:\Program Files\AviSynth 2.5
2011-01-09 13:55:44 ----D---- C:\Program Files\Gabest
2011-01-09 13:55:09 ----D---- C:\Program Files\AutoGK
2011-01-04 20:39:56 ----D---- C:\WINDOWS\system32\NtmsData
2010-11-09 23:19:50 ----N---- C:\WINDOWS\Setup1.exe
2010-11-09 23:19:50 ----A---- C:\WINDOWS\ST6UNST.EXE
2010-11-09 23:17:57 ----D---- C:\WINDOWS\system32\appmgmt
2010-11-09 23:14:04 ----A---- C:\WINDOWS\system32\msvcr70.dll

======List of files/folders modified in the last 3 months======

2011-02-05 01:57:38 ----A---- C:\WINDOWS\TSNV_I2C.INI
2011-02-05 01:57:30 ----RD---- C:\Program Files
2011-02-05 01:56:12 ----A---- C:\WINDOWS\ModemLog_ZTE Proprietary USB Modem.txt
2011-02-05 01:40:52 ----D---- C:\Program Files\Mozilla Firefox
2011-02-05 01:33:35 ----D---- C:\WINDOWS\Temp
2011-02-05 01:32:47 ----D---- C:\WINDOWS
2011-02-05 01:32:47 ----A---- C:\WINDOWS\Tsctvfm.ini
2011-02-05 01:32:45 ----A---- C:\WINDOWS\TSCTV.INI
2011-02-05 01:32:39 ----D---- C:\Program Files\SpeedFan
2011-02-05 01:32:37 ----A---- C:\WINDOWS\IFOLDER.INI
2011-02-05 00:30:52 ----SHD---- C:\WINDOWS\Installer
2011-02-05 00:30:49 ----SD---- C:\WINDOWS\Tasks
2011-02-04 23:55:15 ----A---- C:\WINDOWS\WINCMD.INI
2011-02-04 23:54:16 ----SH---- C:\boot.ini
2011-02-04 23:54:16 ----A---- C:\WINDOWS\win.ini
2011-02-04 23:54:16 ----A---- C:\WINDOWS\system.ini
2011-02-04 22:25:46 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-04 17:52:08 ----D---- C:\WINDOWS\system32
2011-02-04 00:06:36 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-01-22 14:06:01 ----A---- C:\WINDOWS\NeroDigital.ini
2011-01-10 22:25:26 ----D---- C:\Program Files\ffdshow
2011-01-10 22:25:07 ----HD---- C:\WINDOWS\inf
2011-01-09 15:07:33 ----D---- C:\Program Files\DC++
2010-12-24 11:57:24 ----D---- C:\Program Files\Java
2010-11-12 18:53:20 ----A---- C:\WINDOWS\system32\javaws.exe
2010-11-12 18:53:19 ----A---- C:\WINDOWS\system32\javaw.exe
2010-11-12 18:53:18 ----A---- C:\WINDOWS\system32\java.exe
2010-11-12 18:53:06 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-11-09 23:04:10 ----D---- C:\Documents and Settings\Bombadil\Dane aplikacji\Ahead

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2004-04-02 21760]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-06-03 79360]
R0 ohci1394;Kontroler hosta Texas Instruments IEEE 1394 zgodny z OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R1 atitray;atitray; \??\C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys []
R1 HFSYS;HFSYS; \??\C:\WINDOWS\system32\drivers\HFSYS.SYS []
R1 tcpipBM;Bytemobile Kernel Network Provider; C:\WINDOWS\system32\drivers\tcpipBM.sys [2009-01-05 18816]
R2 BT878;BtCap, WDM Video Capture; C:\WINDOWS\system32\drivers\BT878.SYS [2003-03-26 99334]
R2 BTTUNER;BtTuner, WDM TV Tuner; C:\WINDOWS\system32\drivers\BTTUNER.SYS [2002-02-22 21824]
R2 BTXBAR;BtXBar, WDM Crossbar; C:\WINDOWS\system32\drivers\BTXBAR.SYS [2002-02-22 12796]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-25 3565568]
R3 atidgllk;atidgllk; \??\C:\Program Files\ABIT\ABIT vGuru\OCGuru\atidgllk.sys []
R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-11-22 250496]
R3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2009-01-04 104960]
R3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2009-01-12 105344]
R3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2009-01-04 104960]
S0 BMLoad;Bytemobile Boot Time Load Driver; C:\WINDOWS\system32\drivers\BMLoad.sys [2009-01-05 22528]
S3 btdrv;BT8x8 Driver for JTV; \??\E:\F\JTV\drivers\btdrv.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Bombadil\USTAWI~1\Temp\catchme.sys []
S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys [2008-10-29 7680]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2002-04-09 39552]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2004-08-03 25600]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-02-25 602112]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-07-24 53248]
R2 UI Assistant Service;UI Assistant Service; C:\Program Files\blueconnect\AssistantServices.exe [2009-04-07 241664]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-02-25 593920]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-09 135664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]

-----------------EOF-----------------
[/log]

[log]
info.txt logfile of random's system information tool 1.08 2011-02-05 01:57:39

======Uninstall list======

-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNNMP.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABIT vGuru-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{42B29533-5870-11D7-AE26-009027144ECE}\Setup.exe" -l0x9
AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A81200000003}
Agent Ransack Version 1.7.3-->"C:\Program Files\Mythicsoft\Agent Ransack\unins000.exe"
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Asterisk Key 10.0-->C:\Program Files\Passware\un-ariskkey.exe
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Auto Gordian Knot 2.55-->C:\Program Files\AutoGK\uninst.exe
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
blueconnect-->"C:\Program Files\InstallShield Installation Information\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}\setup.exe" -runfromtemp -l0x0015 -removeonly
Corel Applications-->C:\WINDOWS\Corel\Uninst32.exe
DC++ 0.707-->"C:\Program Files\DC++\uninstall.exe"
DivX Pro Codec-->C:\WINDOWS\unvise32.exe C:\Program Files\DivX\DivX Pro Bundle.log
ffdshow (remove only)-->"C:\Program Files\ffdshow\uninstall.exe"
ffdshow [rev 2031] [2008-07-02]-->"C:\Program Files\ffdshow\unins000.exe"
Gadu-Gadu 7.7-->C:\Program Files\Gadu-Gadu\Setup.exe
Google Earth-->MsiExec.exe /X{4286E640-B5FB-11DF-AC4B-005056C00008}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Gordian Knot Rip Pack 0.28.7-->C:\Program Files\GordianKnot\uninst.exe
Hide Folders XP 1.6 for Windows 2000/XP-->C:\Program Files\HFXP\hfxp.exe /u
Huffyuv AVI lossless video codec (Remove Only)-->rundll.exe setupx.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\HUFFYUV.INF
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
iuVCR-->"C:\Program Files\iuLAB\iuVCR\unins000.exe"
Java(TM) 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110415-6000-11D3-8CFE-0150048383C9}
Mozilla Firefox (3.0.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MultiRes (remove only)-->C:\Program Files\MultiRes\uninstal.exe
Nero Suite-->C:\Program Files\Common Files\Nero\Uninstall\setupx.exe /uninstall ExtraUninstallID=""
Nokia Connectivity Cable Driver-->MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296}
Nokia PC Suite-->C:\Documents and Settings\All Users\Dane aplikacji\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_eng_us_web.exe
Nokia PC Suite-->MsiExec.exe /I{3D39E775-DDDA-4327-B747-0BDC5F191331}
NVIDIA Drivers-->C:\WINDOWS\system32\NVUIDE.EXE UninstallGUI
Oxygen Phone Manager II-->C:\PROGRA~1\Oxygen\OPM2\UNWISE.EXE C:\PROGRA~1\Oxygen\OPM2\INSTALL.LOG
Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 4.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_C08496D7A0050438DFE13C55799AE2D4157A8E7A\nokia_bluetooth.inf
Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.3)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_9C48E34C57B7D4AAE5FFF5FB9B476B538394FD30\nokbtmdm.inf
Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
PC Connectivity Solution-->MsiExec.exe /I{0C973594-7DDF-4BD0-84ED-3517F7622037}
PL-2303 USB-to-Serial-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFE0F631-6748-4A2F-A409-FA1A287D8075}\Setup.exe" -l0x9
PlayTV Pro-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Prolink\PlayTV Pro\DeIsL1.isu" -c"C:\Program Files\Prolink\PlayTV Pro\_ISREG32.DLL"
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Ray Adams ATI Tray Tools-->"C:\Program Files\Ray Adams\ATI Tray Tools\uninstall.exe"
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x15 -removeonly
Skaner on-line mks_vir-->C:\WINDOWS\system32\SkanerOnlineUninstall.exe
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
xp-AntiSpy 3.96-8-->C:\Program Files\xp-AntiSpy\Uninstall.exe
Xvid 1.2.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
XviD MPEG4 Video Codec (remove only)-->"C:\Program Files\XviD\xvid-uninstall.exe"

======System event log======

Computer Name: EIDOS-7C7F8C27B
Event Code: 62486
Message: Invalid parameters

Record Number: 12711
Source Name: ati2mtag
Time Written: 20110109230221.000000+060
Event Type: informacje
User:

Computer Name: EIDOS-7C7F8C27B
Event Code: 62486
Message: Invalid parameters

Record Number: 12710
Source Name: ati2mtag
Time Written: 20110109230221.000000+060
Event Type: informacje
User:

Computer Name: EIDOS-7C7F8C27B
Event Code: 62486
Message: Invalid parameters

Record Number: 12709
Source Name: ati2mtag
Time Written: 20110109230221.000000+060
Event Type: informacje
User:

Computer Name: EIDOS-7C7F8C27B
Event Code: 62486
Message: Invalid parameters

Record Number: 12708
Source Name: ati2mtag
Time Written: 20110109230221.000000+060
Event Type: informacje
User:

Computer Name: EIDOS-7C7F8C27B
Event Code: 62486
Message: Invalid parameters

Record Number: 12707
Source Name: ati2mtag
Time Written: 20110109230221.000000+060
Event Type: informacje
User:

=====Application event log=====

Computer Name: EIDOS-7C7F8C27B
Event Code: 101
Message: wuauclt (2360) Aparat bazy danych został zatrzymany.

Record Number: 6631
Source Name: ESENT
Time Written: 20110204193041.000000+060
Event Type: informacje
User:

Computer Name: EIDOS-7C7F8C27B
Event Code: 103
Message: wuaueng.dll (2360) SUS20ClientDataStore: Aparat bazy danych zatrzymał wystąpienie (0).

Record Number: 6630
Source Name: ESENT
Time Written: 20110204193041.000000+060
Event Type: informacje
User:

Computer Name: EIDOS-7C7F8C27B
Event Code: 102
Message: wuaueng.dll (2360) SUS20ClientDataStore: Aparat bazy danych uruchomił nowe wystąpienie (0).

Record Number: 6629
Source Name: ESENT
Time Written: 20110204192540.000000+060
Event Type: informacje
User:

Computer Name: EIDOS-7C7F8C27B
Event Code: 100
Message: wuauclt (2360) Aparat bazy danych 5.01.2600.2180 został uruchomiony.

Record Number: 6628
Source Name: ESENT
Time Written: 20110204192540.000000+060
Event Type: informacje
User:

Computer Name: EIDOS-7C7F8C27B
Event Code: 0
Message:
Record Number: 6627
Source Name: gupdate
Time Written: 20110204192519.000000+060
Event Type: informacje
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=2f00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
[/log]

Tomek01
komentarz
komentarz

[code]O20 - HKLM Winlogon: UserInit - (C:\Program Files\tLHWBJwy\hrqyiwve.exe) - File not found[/code]

Wejdź w Start/Uruchom/Regedit i odnajdź klucz:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Zapis powinien wyglądać tak: [b]C:\Windows\system32\userinit.exe,[/b] Wszystko pozostałe usuwasz.

Po tej operacji pokaż nowy log OTL oraz log z Gmer'a, poczytaj tematy przyklejone.

Tom_Bombadil
komentarz
komentarz

1. Witam!
2. Przeczyściłem rejestry
3. Log z OTL
[log]
OTL logfile created on: 2011-02-12 16:14:01 - Run 2
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Bombadil\Pulpit\Antywiry
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 023,00 Mb Total Physical Memory | 573,00 Mb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 131,12 Gb Free Space | 87,97% Space Free | Partition Type: NTFS
Drive D: | 37,27 Gb Total Space | 2,97 Gb Free Space | 7,96% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 66,96 Gb Free Space | 22,46% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 100,71 Gb Free Space | 33,79% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: EIDOS-7C7F8C27B | User Name: Bombadil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-02-05 01:49:25 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bombadil\Pulpit\Antywiry\OTL.exe
PRC - [2010-11-12 18:53:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-02-09 18:24:47 | 000,135,664 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2009-08-08 21:49:49 | 000,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-04-07 13:26:20 | 000,688,128 | ---- | M] () -- C:\Program Files\blueconnect\UIMain.exe
PRC - [2009-04-07 13:19:54 | 000,559,104 | ---- | M] () -- C:\Program Files\blueconnect\CMUpdater.exe
PRC - [2009-04-07 13:11:58 | 000,241,664 | ---- | M] () -- C:\Program Files\blueconnect\AssistantServices.exe
PRC - [2009-04-07 13:11:16 | 000,132,608 | ---- | M] () -- C:\Program Files\blueconnect\UIExec.exe
PRC - [2009-02-25 22:27:41 | 000,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2008-07-09 22:34:30 | 001,343,840 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe
PRC - [2008-04-22 08:59:28 | 003,287,552 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files\SpeedFan\speedfan.exe
PRC - [2007-05-22 10:04:58 | 000,521,128 | ---- | M] (Ray Adams) -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
PRC - [2005-07-24 22:35:00 | 000,053,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-03 23:44:26 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\notepad.exe
PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2004-08-03 23:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2002-04-08 10:37:14 | 000,118,784 | ---- | M] (TelSignal Co., Ltd.) -- C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE
PRC - [2001-11-23 17:50:36 | 000,102,400 | ---- | M] (TelSignal Co., Ltd.) -- C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE
PRC - [2001-08-03 16:56:22 | 000,159,800 | ---- | M] (prolink) -- C:\WINDOWS\PowerS.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-02-05 01:49:25 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bombadil\Pulpit\Antywiry\OTL.exe
MOD - [2007-04-16 20:42:38 | 000,274,432 | ---- | M] () -- C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2004-08-03 23:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2004-08-03 23:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2004-08-03 23:44:12 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2004-08-03 23:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2004-08-03 23:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2004-08-03 23:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-03 23:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2004-08-03 23:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2004-08-03 23:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2004-08-03 23:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-03 23:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2004-08-03 23:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2004-08-03 23:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-03 23:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2004-08-03 23:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-03 23:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2004-08-03 23:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-03 23:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2009-06-02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009-04-07 13:11:58 | 000,241,664 | ---- | M] () [Auto | Running] -- C:\Program Files\blueconnect\AssistantServices.exe -- (UI Assistant Service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-02-25 23:58:57 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009-02-09 08:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009-02-09 08:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009-02-09 08:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009-01-12 08:12:56 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009-01-05 08:59:54 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2009-01-04 16:29:50 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009-01-04 16:29:50 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008-10-29 15:35:32 | 000,007,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007-05-22 10:04:54 | 000,018,088 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys -- (atitray)
DRV - [2006-11-22 07:01:00 | 000,250,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006-09-24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006-08-18 06:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004-06-16 13:34:00 | 000,004,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\ABIT\ABIT vGuru\OCGuru\atidgllk.sys -- (atidgllk)
DRV - [2004-06-03 09:40:46 | 000,079,360 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2004-04-02 14:40:00 | 000,021,760 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2004-01-11 23:34:38 | 000,019,732 | ---- | M] (FSPro Labs) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\hfsys.sys -- (HFSYS)
DRV - [2003-03-26 21:48:52 | 000,099,334 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BT878.SYS -- (BT878)
DRV - [2002-04-09 17:44:22 | 000,039,552 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2002-02-22 12:36:16 | 000,021,824 | ---- | M] (TelSignal Co., Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Bttuner.sys -- (BTTUNER)
DRV - [2002-02-22 12:36:14 | 000,012,796 | ---- | M] (TelSignal Co., Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Btxbar.sys -- (BTXBAR)
DRV - [2000-01-30 16:33:18 | 000,014,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\F\JTV\Drivers\BTDRV.SYS -- (btdrv)
DRV - [1996-04-03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-220523388-507921405-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-220523388-507921405-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: ff-bmboc@bytemobile.com:4.1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.713
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - HKLM\software\mozilla\Firefox\extensions\\ff-bmboc@bytemobile.com: C:\Program Files\blueconnect\addon [2009-10-22 21:58:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-11-03 20:18:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-01-22 18:45:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-04-19 21:32:09 | 000,000,000 | ---D | M]

[2009-08-07 20:32:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bombadil\Dane aplikacji\Mozilla\Extensions
[2009-08-07 20:32:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bombadil\Dane aplikacji\Mozilla\Firefox\Profiles\bvacvhbc.default\extensions
[2011-02-11 13:21:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-04-19 21:32:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-10-28 18:40:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010-12-24 11:57:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2009-10-22 21:58:44 | 000,000,000 | ---D | M] (Bytemobile Optimization Client) -- C:\PROGRAM FILES\BLUECONNECT\ADDON
[2010-04-19 21:32:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009-11-03 20:18:06 | 000,000,000 | ---D | M] (PC Sync 2 Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC
[2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009-08-08 21:49:53 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-08-08 21:49:53 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-08-08 21:49:53 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-08-08 21:49:53 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-08-08 21:49:53 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-08-08 21:49:53 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [PowerS] C:\WINDOWS\PowerS.exe (prolink)
O4 - HKLM..\Run: [UIExec] C:\Program Files\blueconnect\UIExec.exe ()
O4 - HKU\S-1-5-21-220523388-507921405-839522115-1003..\Run: [AtiTrayTools] C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe (Ray Adams)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Remote Controller.lnk = C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE (TelSignal Co., Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TVSCHL.lnk = C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE (TelSignal Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-220523388-507921405-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-220523388-507921405-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-220523388-507921405-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-220523388-507921405-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Bombadil\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bombadil\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-08-07 12:28:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-02-05 01:57:30 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011-02-05 01:57:30 | 000,000,000 | ---D | C] -- C:\rsit
[2011-02-05 00:27:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Dane aplikacji\Uniblue
[2011-02-05 00:26:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Ustawienia lokalne\Dane aplikacji\PackageAware
[2011-02-04 18:03:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Dane aplikacji\Unity
[2011-02-04 17:49:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Ustawienia lokalne\Dane aplikacji\Unity
[2011-02-04 00:06:36 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2011-01-28 20:57:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Pulpit\Antywiry
[2011-01-28 20:36:03 | 000,000,000 | ---D | C] -- C:\Program Files\Passware
[2011-01-28 20:36:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Menu Start\Programy\Passware
[2011-01-25 17:51:13 | 000,000,000 | ---D | C] -- C:\Program Files\tmp
[2011-01-24 21:58:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Pulpit\Szanty
[2011-01-14 23:12:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Menu Start\Programy\AviSynth 2.5
[2011-01-14 23:09:57 | 004,182,178 | ---- | C] (The Public) -- C:\Documents and Settings\Bombadil\Pulpit\Avisynth_258.exe
[2011-01-14 22:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2011-01-14 22:36:51 | 000,652,794 | ---- | C] (Xvid team ) -- C:\Documents and Settings\Bombadil\Pulpit\Xvid-1.2.2-07062009.exe
[2011-01-10 22:21:57 | 000,000,000 | ---D | C] -- C:\Program Files\AC3Filter
[2011-01-10 22:21:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Menu Start\Programy\AC3Filter
[2011-01-10 22:21:37 | 000,086,016 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe
[2011-01-10 22:21:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\DivX
[2011-01-10 22:20:52 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011-01-10 22:06:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011-01-10 19:19:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gordian Knot
[2011-01-10 19:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\GordianKnot
[2011-01-09 18:48:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Dane aplikacji\Media Player Classic
[2011-01-09 13:57:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\XviD
[2011-01-09 13:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2011-01-09 13:57:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AviSynth 2.5
[2011-01-09 13:55:44 | 000,000,000 | ---D | C] -- C:\Program Files\Gabest
[2011-01-09 13:55:09 | 000,000,000 | ---D | C] -- C:\Program Files\AutoGK
[2011-01-09 13:55:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AutoGK
[2011-01-09 13:41:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Pulpit\Nowy folder (2)
[2011-01-04 20:42:44 | 001,425,408 | ---- | C] (CPUID) -- C:\Documents and Settings\Bombadil\Pulpit\cpuz_1.46.exe
[2011-01-04 20:39:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010-12-27 19:01:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Moje dokumenty\ERA faktury
[2010-12-19 21:01:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bombadil\Pulpit\Zdjęcia - porównanie
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-02-12 16:15:34 | 000,000,109 | ---- | M] () -- C:\WINDOWS\TSNV_I2C.INI
[2011-02-12 10:14:17 | 000,020,250 | ---- | M] () -- C:\WINDOWS\Tsctvfm.ini
[2011-02-12 10:14:17 | 000,002,298 | ---- | M] () -- C:\WINDOWS\TSCTNDBG.INI
[2011-02-12 10:14:12 | 000,001,417 | ---- | M] () -- C:\WINDOWS\TSCTV.INI
[2011-02-12 10:14:01 | 000,000,129 | ---- | M] () -- C:\WINDOWS\IFOLDER.INI
[2011-02-12 10:13:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-02-11 23:58:12 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\Bombadil\NTUSER.DAT
[2011-02-11 23:58:12 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Bombadil\ntuser.ini
[2011-02-04 23:55:15 | 000,001,060 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2011-02-04 23:54:16 | 000,000,645 | ---- | M] () -- C:\WINDOWS\win.ini
[2011-02-04 23:54:16 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2011-02-04 23:54:16 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011-02-04 19:41:42 | 001,491,894 | ---- | M] () -- C:\Documents and Settings\Bombadil\Pulpit\4.02.2011-19.41.bmp
[2011-02-04 17:52:08 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-02-03 10:17:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-01-28 20:35:50 | 000,463,842 | ---- | M] () -- C:\Documents and Settings\Bombadil\Pulpit\ariskkey.exe
[2011-01-22 14:06:01 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011-01-17 21:34:00 | 000,006,013 | ---- | M] () -- C:\Documents and Settings\Bombadil\Pulpit\173512_100000770112355_178014_n.jpg
[2011-01-14 23:11:03 | 004,182,178 | ---- | M] (The Public) -- C:\Documents and Settings\Bombadil\Pulpit\Avisynth_258.exe
[2011-01-14 22:37:10 | 000,652,794 | ---- | M] (Xvid team ) -- C:\Documents and Settings\Bombadil\Pulpit\Xvid-1.2.2-07062009.exe
[2011-01-12 13:44:22 | 000,000,519 | ---- | M] () -- C:\Documents and Settings\Bombadil\Pulpit\Skrót do Teletubbies.lnk
[2010-12-21 23:39:46 | 002,987,604 | ---- | M] () -- C:\Documents and Settings\Bombadil\Pulpit\Wolna Grupa Bukowina - Piosenka Wiosenna.mp3
[2010-12-21 18:33:40 | 000,142,848 | ---- | M] () -- C:\Documents and Settings\Bombadil\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-02-04 19:41:42 | 001,491,894 | ---- | C] () -- C:\Documents and Settings\Bombadil\Pulpit\4.02.2011-19.41.bmp
[2011-02-03 18:49:47 | 000,002,298 | ---- | C] () -- C:\WINDOWS\TSCTNDBG.INI
[2011-01-28 20:35:44 | 000,463,842 | ---- | C] () -- C:\Documents and Settings\Bombadil\Pulpit\ariskkey.exe
[2011-01-26 16:20:52 | 069,378,048 | ---- | C] () -- C:\Documents and Settings\Bombadil\Pulpit\Kot Filemon - Ach Te Myszy.avi
[2011-01-23 21:40:40 | 000,097,042 | ---- | C] () -- C:\Documents and Settings\Bombadil\Pulpit\Projekt powykonawczy.cdr
[2011-01-17 21:33:59 | 000,006,013 | ---- | C] () -- C:\Documents and Settings\Bombadil\Pulpit\173512_100000770112355_178014_n.jpg
[2011-01-16 11:12:09 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-01-14 22:38:17 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
[2011-01-10 22:21:57 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.cpl
[2010-12-21 23:39:02 | 002,987,604 | ---- | C] () -- C:\Documents and Settings\Bombadil\Pulpit\Wolna Grupa Bukowina - Piosenka Wiosenna.mp3
[2010-12-19 15:52:44 | 000,000,519 | ---- | C] () -- C:\Documents and Settings\Bombadil\Pulpit\Skrót do Teletubbies.lnk
[2009-10-17 17:21:42 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-10-17 17:20:51 | 000,142,848 | ---- | C] () -- C:\Documents and Settings\Bombadil\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-08-11 18:34:05 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009-08-09 21:23:40 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-08-09 21:10:16 | 000,112,688 | ---- | C] () -- C:\WINDOWS\System32\shw32.dll
[2009-08-09 11:21:03 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2009-08-09 08:36:40 | 000,001,060 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2009-08-08 11:44:03 | 000,018,768 | ---- | C] () -- C:\Documents and Settings\Bombadil\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-08-08 09:02:20 | 000,000,129 | ---- | C] () -- C:\WINDOWS\IFOLDER.INI
[2009-08-07 21:30:19 | 000,018,455 | ---- | C] () -- C:\WINDOWS\TSCTVMSG.INI
[2009-08-07 21:30:19 | 000,010,765 | ---- | C] () -- C:\WINDOWS\TSCTVDIV.INI
[2009-08-07 21:30:19 | 000,000,459 | ---- | C] () -- C:\WINDOWS\TSCFM.INI
[2009-08-07 21:18:40 | 000,000,050 | ---- | C] () -- C:\WINDOWS\PIXELTV.INI
[2009-08-07 21:11:29 | 000,000,109 | ---- | C] () -- C:\WINDOWS\TSNV_I2C.INI
[2009-08-07 21:09:59 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\DTVdrv.dll
[2009-08-07 21:09:59 | 000,020,250 | ---- | C] () -- C:\WINDOWS\Tsctvfm.ini
[2009-08-07 21:09:59 | 000,012,188 | ---- | C] () -- C:\WINDOWS\System32\DTVdrvNT.sys
[2009-08-07 21:09:59 | 000,001,417 | ---- | C] () -- C:\WINDOWS\TSCTV.INI
[2009-08-07 21:02:39 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-08-07 21:02:39 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-08-07 19:31:52 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2009-08-07 19:31:43 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009-08-07 14:13:19 | 000,763,990 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-08-07 14:13:18 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009-08-07 14:12:49 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2009-08-07 12:35:45 | 003,170,190 | -H-- | C] () -- C:\Documents and Settings\Bombadil\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-08-07 12:28:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2009-08-07 12:25:19 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2009-08-07 12:25:19 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2009-08-07 12:24:38 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2009-08-07 12:24:37 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2009-01-25 22:10:48 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-01-09 00:01:22 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004-08-03 23:44:10 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2004-08-03 23:44:04 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2004-08-03 23:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004-08-03 23:43:58 | 000,186,368 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2004-08-03 23:43:56 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll
[2004-08-03 23:43:54 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2004-08-03 23:43:16 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2004-08-03 21:46:56 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2004-08-03 21:45:34 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2004-08-03 21:45:16 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2004-08-03 21:45:16 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2004-08-03 21:45:14 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2004-08-03 21:45:12 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2004-07-17 10:46:14 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2004-07-17 10:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2002-10-15 23:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2001-10-26 18:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[2001-10-26 18:29:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2001-10-26 18:29:32 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2001-10-26 18:28:34 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2001-10-26 18:27:02 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2001-10-26 17:15:04 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2001-10-26 17:14:52 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2001-10-26 17:14:32 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2001-10-26 17:12:52 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2001-10-26 16:45:26 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2001-10-26 16:45:26 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2001-10-26 16:45:24 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2001-10-26 16:42:08 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2001-10-26 16:42:08 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2001-10-26 16:42:08 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2001-10-26 16:42:08 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2001-08-17 22:31:56 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2001-08-17 22:31:56 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2001-08-17 22:31:50 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2001-08-17 22:31:46 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2001-08-17 22:31:46 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2001-08-17 22:31:44 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2001-08-17 22:13:24 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2001-08-17 20:55:06 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2001-07-22 03:25:18 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2001-07-21 23:16:20 | 000,000,645 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-21 23:15:52 | 000,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2001-07-21 23:15:50 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2009-11-03 20:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-11-03 20:20:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2010-09-24 14:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bombadil\Dane aplikacji\BESTplayer
[2009-08-09 10:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bombadil\Dane aplikacji\Gadu-Gadu
[2009-11-03 20:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bombadil\Dane aplikacji\Nokia
[2009-11-03 20:23:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bombadil\Dane aplikacji\PC Suite
[2009-10-22 21:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bombadil\Dane aplikacji\Program Files
[2011-02-05 00:27:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bombadil\Dane aplikacji\Uniblue
[2011-02-04 18:03:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bombadil\Dane aplikacji\Unity

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-08-07 12:28:39 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011-02-04 23:54:16 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-21 23:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-01-17 23:25:07 | 000,006,628 | ---- | M] () -- C:\ComboFix.txt
[2009-08-07 12:28:39 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-08-09 07:52:29 | 000,000,010 | ---- | M] () -- C:\csb.log
[2009-08-07 12:28:39 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011-02-04 18:40:08 | 000,041,613 | ---- | M] () -- C:\mksbasel.cpp.log
[2009-08-07 12:28:39 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-09-04 21:11:39 | 000,007,070 | ---- | M] () -- C:\NetworkCfg.xml
[2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004-08-03 21:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr
[2011-02-12 10:13:42 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys
[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe

< End of report >
[/log]
i drugi
[log]
OTL Extras logfile created on: 2011-02-12 16:14:01 - Run 2
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Bombadil\Pulpit\Antywiry
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 023,00 Mb Total Physical Memory | 573,00 Mb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 131,12 Gb Free Space | 87,97% Space Free | Partition Type: NTFS
Drive D: | 37,27 Gb Total Space | 2,97 Gb Free Space | 7,96% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 66,96 Gb Free Space | 22,46% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 100,71 Gb Free Space | 33,79% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: EIDOS-7C7F8C27B | User Name: Bombadil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-220523388-507921405-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{42B29533-5870-11D7-AE26-009027144ECE}" = ABIT vGuru
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{64D5E9DE-7890-4FB0-8865-8B24BE1773F7}" = LightScribe 1.4.42.1
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = blueconnect
"{AC76BA86-7AD7-1045-7B44-A81200000003}" = Adobe Reader 8 - Polish
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{EFE0F631-6748-4A2F-A409-FA1A287D8075}" = PL-2303 USB-to-Serial
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agent Ransack_is1" = Agent Ransack Version 1.7.3
"asterisk key" = Asterisk Key 10.0
"ATI Display Driver" = ATI Display Driver
"AutoGK" = Auto Gordian Knot 2.55
"AviSynth" = AviSynth 2.5
"Corel Applications" = Corel Applications
"DC++" = DC++ 0.707
"DivX Codec" = DivX Pro Codec
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 4.1)
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.3)
"ffdshow" = ffdshow (remove only)
"ffdshow_is1" = ffdshow [rev 2031] [2008-07-02]
"Gadu-Gadu" = Gadu-Gadu 7.7
"Gordian Knot" = Gordian Knot Rip Pack 0.28.7
"Hide Folders XP_is1" = Hide Folders XP 1.6 for Windows 2000/XP
"HUFFYUV" = Huffyuv AVI lossless video codec (Remove Only)
"IrfanView" = IrfanView (remove only)
"iuVCR_is1" = iuVCR
"Mozilla Firefox (3.0.13)" = Mozilla Firefox (3.0.13)
"MultiRes (remove only)" = MultiRes (remove only)
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Oxygen Phone Manager II" = Oxygen Phone Manager II
"PlayTV Pro" = PlayTV Pro
"rayatitray" = Ray Adams ATI Tray Tools
"SkanerOnline" = Skaner on-line mks_vir
"SpeedFan" = SpeedFan (remove only)
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp
"WinRAR archiver" = Archiwizator WinRAR
"xp-AntiSpy" = xp-AntiSpy 3.96-8
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Xvid_is1" = Xvid 1.2.2 final uninstall

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-220523388-507921405-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-01-11 17:56:10 | Computer Name = EIDOS-7C7F8C27B | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd bestplayer2.04.exe, wersja 2.1.0.263, moduł
powodujący błąd xvid.dll, wersja 0.0.0.0, adres błędu 0x00049d67.

Error - 2011-01-11 17:56:23 | Computer Name = EIDOS-7C7F8C27B | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd bestplayer2.04.exe, wersja 2.1.0.263, moduł
powodujący błąd xvid.dll, wersja 0.0.0.0, adres błędu 0x00049d67.

Error - 2011-01-13 06:49:20 | Computer Name = EIDOS-7C7F8C27B | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd bestplayer2.04.exe, wersja 2.1.0.263, moduł
powodujący błąd xvid.dll, wersja 0.0.0.0, adres błędu 0x00049d67.

Error - 2011-01-14 17:33:12 | Computer Name = EIDOS-7C7F8C27B | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd bestplayer2.04.exe, wersja 2.1.0.263, moduł
powodujący błąd xvid.dll, wersja 0.0.0.0, adres błędu 0x00049d67.

Error - 2011-01-14 17:33:20 | Computer Name = EIDOS-7C7F8C27B | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd bestplayer2.04.exe, wersja 2.1.0.263, moduł
powodujący błąd xvid.dll, wersja 0.0.0.0, adres błędu 0x00049d67.

Error - 2011-01-14 17:33:23 | Computer Name = EIDOS-7C7F8C27B | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd bestplayer2.04.exe, wersja 2.1.0.263, moduł
powodujący błąd xvid.dll, wersja 0.0.0.0, adres błędu 0x00049d67.

Error - 2011-01-14 17:33:42 | Computer Name = EIDOS-7C7F8C27B | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd bestplayer2.04.exe, wersja 2.1.0.263, moduł
powodujący błąd xvid.dll, wersja 0.0.0.0, adres błędu 0x00049d67.

Error - 2011-02-04 15:17:35 | Computer Name = EIDOS-7C7F8C27B | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to 800706BF z w wierszu 44 z d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą

Error - 2011-02-04 20:38:57 | Computer Name = EIDOS-7C7F8C27B | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd ocguru.exe, wersja 1.0.5.0, moduł powodujący
błąd ocguru.exe, wersja 1.0.5.0, adres błędu 0x0005c732.

[ System Events ]
Error - 2011-02-04 15:16:54 | Computer Name = EIDOS-7C7F8C27B | Source = Service Control Manager | ID = 7031
Description = Usługa Zdalne wywoływanie procedur (RPC) niespodziewanie zakończyła
pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca
czynność korekcyjna: Uruchom ponownie komputer.

Error - 2011-02-04 15:21:02 | Computer Name = EIDOS-7C7F8C27B | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi
EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2011-02-04 15:22:21 | Computer Name = EIDOS-7C7F8C27B | Source = Service Control Manager | ID = 7001
Description = Usługa Klient DHCP zależy od usługi NetBios przez TCP/IP, której nie
można uruchomić z powodu następującego błędu: %%31

Error - 2011-02-04 15:22:21 | Computer Name = EIDOS-7C7F8C27B | Source = Service Control Manager | ID = 7001
Description = Usługa Klient DNS zależy od usługi Sterownik protokołu TCP/IP, której
nie można uruchomić z powodu następującego błędu: %%31

Error - 2011-02-04 15:22:21 | Computer Name = EIDOS-7C7F8C27B | Source = Service Control Manager | ID = 7001
Description = Usługa Pomoc TCP/IP NetBIOS zależy od usługi AFD, której nie można
uruchomić z powodu następującego błędu: %%31

Error - 2011-02-04 15:22:21 | Computer Name = EIDOS-7C7F8C27B | Source = Service Control Manager | ID = 7001
Description = Usługa Usługi IPSEC zależy od usługi Sterownik IPSEC, której nie można
uruchomić z powodu następującego błędu: %%31

Error - 2011-02-04 15:22:21 | Computer Name = EIDOS-7C7F8C27B | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: AFD atitray Fips HFSYS IPSec MRxSmb NetBIOS NetBT Processor RasAcd Rdbss Tcpip
tcpipBM

Error - 2011-02-04 15:22:55 | Computer Name = EIDOS-7C7F8C27B | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi
EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2011-02-08 16:59:26 | Computer Name = EIDOS-7C7F8C27B | Source = System Error | ID = 1003
Description = Kod błędu 1000008e, parametr 1 c0000005, parametr 2 f72eaa02, parametr
3 f570794c, parametr 4 00000000.

Error - 2011-02-09 18:02:17 | Computer Name = EIDOS-7C7F8C27B | Source = System Error | ID = 1003
Description = Kod błędu 1000008e, parametr 1 c0000005, parametr 2 f55f6a02, parametr
3 f56f794c, parametr 4 00000000.


< End of report >
[/log]
oraz z Gmera (2 logi delikatnie różniące się od siebie, gdyż za Chiny Ludowe nie byłem w stanie zrobić skana wszystkich czterech partycji za jednym razem, ponieważ komputer się wywalał albo restartował a trwało to makabrycznie długo)
[log]
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-02-09 22:05:52
Windows 5.1.2600 Dodatek Service Pack 2 Harddisk0\DR0 -> \Device\00000060 ST3160023A rev.8.01
Running: z5ffhdbj.exe; Driver: C:\DOCUME~1\Bombadil\USTAWI~1\Temp\fgnoapoc.sys


---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xF38D2000, 0x1C5D58, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\blueconnect\UIMain.exe[112] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00D15AF0 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text C:\Program Files\SpeedFan\speedfan.exe[1940] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10005AF0 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text C:\Program Files\blueconnect\CMUpdater.exe[2240] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00AD5AF0 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text C:\Documents and Settings\Bombadil\Pulpit\Antywiry\z5ffhdbj.exe[2628] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10005AF0 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] [F7874FE6] BMLoad.sys (Bytemobile Kernel Driver Loader/Bytemobile, Inc.)
IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] [F7874FE6] BMLoad.sys (Bytemobile Kernel Driver Loader/Bytemobile, Inc.)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Tcp tcpipBM.SYS (Bytemobile Kernel Network Provider/Bytemobile, Inc.)

---- EOF - GMER 1.0.15 ----
[/log]
drugi
[log]
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-02-10 05:37:25
Windows 5.1.2600 Dodatek Service Pack 2 Harddisk0\DR0 -> \Device\00000060 ST3160023A rev.8.01
Running: z5ffhdbj.exe; Driver: C:\DOCUME~1\Bombadil\USTAWI~1\Temp\fgnoapoc.sys


---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xF38D2000, 0x1C5D58, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE[248] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00B35AF0 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text C:\Program Files\SpeedFan\speedfan.exe[268] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10005AF0 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text C:\Program Files\Prolink\PlayTV Pro\TVSCHL.EXE[280] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10005AF0 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text C:\Program Files\blueconnect\UIMain.exe[384] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00D15AF0 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text C:\Program Files\blueconnect\UIExec.exe[2040] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10005AF0 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text ...

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] [F7874FE6] BMLoad.sys (Bytemobile Kernel Driver Loader/Bytemobile, Inc.)
IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] [F7874FE6] BMLoad.sys (Bytemobile Kernel Driver Loader/Bytemobile, Inc.)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Tcp tcpipBM.SYS (Bytemobile Kernel Network Provider/Bytemobile, Inc.)

---- EOF - GMER 1.0.15 ----
[/log]
i gmer usługi
[log]
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-02-12 10:32:58
Windows 5.1.2600 Dodatek Service Pack 2
Running: z5ffhdbj.exe; Driver: C:\DOCUME~1\Bombadil\USTAWI~1\Temp\fgnoapoc.sys


---- Services - GMER 1.0.15 ----

Service [DISABLED] Abiosdsk
Service [DISABLED] abp480n5
Service C:\WINDOWS\system32\DRIVERS\ACPI.sys (Sterownik ACPI dla systemu NT/Microsoft Corporation) [BOOT] ACPI
Service (Sterownik kontrolera osadzonego interfejsu ACPI/Microsoft Corporation) [DISABLED] ACPIEC
Service [DISABLED] adpu160m
Service C:\WINDOWS\system32\drivers\aec.sys (Microsoft Acoustic Echo Canceller/Microsoft Corporation) [MANUAL] aec
Service C:\WINDOWS\System32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) [SYSTEM] AFD
Service [DISABLED] Aha154x
Service [DISABLED] aic78u2
Service [DISABLED] aic78xx
Service C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek AC'97 Audio Driver (WDM)/Realtek Semiconductor Corp.) [MANUAL] ALCXWDM
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Alerter
Service C:\WINDOWS\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) [MANUAL] ALG
Service [DISABLED] AliIde
Service [DISABLED] amsint
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] AppMgmt
Service C:\WINDOWS\system32\DRIVERS\arp1394.sys (IP/1394 Arp Client/Microsoft Corporation) [MANUAL] Arp1394
Service [DISABLED] asc
Service [DISABLED] asc3350p
Service [DISABLED] asc3550
Service C:\WINDOWS\system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation) [MANUAL] AsyncMac
Service C:\WINDOWS\system32\DRIVERS\atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) [BOOT] atapi
Service [DISABLED] Atdisk
Service C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) [AUTO] Ati HotKey Poller
Service C:\WINDOWS\system32\ati2sgag.exe [AUTO] ATI Smart
Service C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Radeon WindowsNT Miniport Driver/ATI Technologies Inc.) [MANUAL] ati2mtag
Service C:\Program Files\ABIT\ABIT vGuru\OCGuru\atidgllk.sys (ATI Diagnostics Hardware Abstraction Sys/ATI Technologies Inc.) [MANUAL] atidgllk
Service Atierecord
Service C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [SYSTEM] atitray
Service C:\WINDOWS\system32\DRIVERS\atmarpc.sys (IP/ATM Arp Client/Microsoft Corporation) [MANUAL] Atmarpc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] AudioSrv
Service C:\WINDOWS\system32\DRIVERS\audstub.sys (AudStub Driver/Microsoft Corporation) [MANUAL] audstub
Service BattC
Service (BEEP Driver/Microsoft Corporation) [SYSTEM] Beep
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] BITS
Service C:\WINDOWS\system32\drivers\BMLoad.sys (Bytemobile Kernel Driver Loader/Bytemobile, Inc.) [BOOT] BMLoad
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Browser
Service C:\WINDOWS\system32\drivers\BT878.SYS (WDM Video Capture Driver/Windows (R) 2000 DDK provider) [AUTO] BT878
Service E:\F\JTV\drivers\btdrv.sys [MANUAL] btdrv
Service C:\WINDOWS\system32\drivers\BTTUNER.SYS (BTTUNER, BT878 WDM Tuner/TelSignal Co., Ltd.) [AUTO] BTTUNER
Service C:\WINDOWS\system32\drivers\BTXBAR.SYS (BTXBAR, BT878 WDM CrossBar/TelSignal Co., Ltd.) [AUTO] BTXBAR
Service C:\DOCUME~1\Bombadil\USTAWI~1\Temp\catchme.sys [MANUAL] catchme
Service (CardBus/PCMCIA IDE Miniport Driver/Microsoft Corporation) [DISABLED] cbidf2k
Service C:\WINDOWS\system32\DRIVERS\CCDECODE.sys (WDM Closed Caption VBI Codec/Microsoft Corporation) [MANUAL] CCDECODE
Service [DISABLED] cd20xrnt
Service (CD-ROM Audio Filter Driver/Microsoft Corporation) [SYSTEM] Cdaudio
Service (CD-ROM File System Driver/Microsoft Corporation) [DISABLED] Cdfs
Service C:\WINDOWS\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) [SYSTEM] Cdrom
Service [SYSTEM] Changer
Service C:\WINDOWS\system32\cisvc.exe (Content Index service/Microsoft Corporation) [MANUAL] CiSvc
Service C:\WINDOWS\system32\clipsrv.exe (Windows NT DDE Server/Microsoft Corporation) [MANUAL] ClipSrv
Service [DISABLED] CmdIde
Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] COMSysApp
Service ContentFilter
Service ContentIndex
Service [DISABLED] Cpqarray
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] CryptSvc
Service [DISABLED] dac2w2k
Service [DISABLED] dac960nt
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] DcomLaunch
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dhcp
Service C:\WINDOWS\system32\DRIVERS\disk.sys (PnP Disk Driver/Microsoft Corporation) [BOOT] Disk
Service C:\WINDOWS\System32\dmadmin.exe (Proces usługi Menedżera dysków logicznych/Microsoft Corp., Veritas Software) [MANUAL] dmadmin
Service C:\WINDOWS\System32\drivers\dmboot.sys (Sterownik uruchamiania Menedżera dysków NT/Microsoft Corp., Veritas Software) [DISABLED] dmboot
Service C:\WINDOWS\System32\drivers\dmio.sys (Sterownik We/Wy menedżera dysków NT/Microsoft Corp., Veritas Software) [BOOT] dmio
Service C:\WINDOWS\System32\drivers\dmload.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software.) [BOOT] dmload
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] dmserver
Service C:\WINDOWS\system32\drivers\DMusic.sys (Microsoft Kernel DLS Synthesizer/Microsoft Corporation) [MANUAL] DMusic
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dnscache
Service [DISABLED] dpti2o
Service C:\WINDOWS\system32\drivers\drmkaud.sys (Microsoft Kernel DRM Audio Descrambler Filter/Microsoft Corporation) [MANUAL] drmkaud
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ERSvc
Service C:\WINDOWS\system32\services.exe (Usługi i aplikacja Kontroler/Microsoft Corporation) [AUTO] Eventlog
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] EventSystem
Service (Fast FAT File System Driver/Microsoft Corporation) [DISABLED] Fastfat
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] FastUserSwitchingCompatibility
Service C:\WINDOWS\system32\DRIVERS\fdc.sys (Floppy Disk Controller Driver/Microsoft Corporation) [MANUAL] Fdc
Service (Sterownik kryptografii FIPS/Microsoft Corporation) [SYSTEM] Fips
Service C:\WINDOWS\system32\DRIVERS\flpydisk.sys (Floppy Driver/Microsoft Corporation) [MANUAL] Flpydisk
Service C:\WINDOWS\system32\DRIVERS\fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) [BOOT] FltMgr
Service (File System Recognizer Driver/Microsoft Corporation) [SYSTEM] Fs_Rec
Service C:\WINDOWS\system32\DRIVERS\ftdisk.sys (Sterownik dysku FT/Microsoft Corporation) [BOOT] Ftdisk
Service C:\WINDOWS\system32\DRIVERS\gameenum.sys (Game Port Enumerator/Microsoft Corporation) [MANUAL] gameenum
Service C:\WINDOWS\system32\giveio.sys [BOOT] giveio
Service C:\WINDOWS\system32\DRIVERS\msgpc.sys (MS General Packet Classifier/Microsoft Corporation) [MANUAL] Gpc
Service C:\Program Files\Google\Update\GoogleUpdate.exe (Google Installer/Google Inc.) [AUTO] gupdate
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] helpsvc
Service C:\WINDOWS\system32\drivers\HFSYS.SYS (Hide Folders XP driver/FSPro Labs) [SYSTEM] HFSYS
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] HidServ
Service [DISABLED] hpn
Service C:\WINDOWS\System32\Drivers\HTTP.sys (HTTP Protocol Stack/Microsoft Corporation) [MANUAL] HTTP
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] HTTPFilter
Service [SYSTEM] i2omgmt
Service [DISABLED] i2omp
Service C:\WINDOWS\system32\DRIVERS\i8042prt.sys (Sterownik portu i8042/Microsoft Corporation) [SYSTEM] i8042prt
Service C:\WINDOWS\system32\DRIVERS\imapi.sys (IMAPI Kernel Driver/Microsoft Corporation) [SYSTEM] Imapi
Service C:\WINDOWS\system32\imapi.exe (Image Mastering API/Microsoft Corporation) [MANUAL] ImapiService
Service inetaccs
Service [DISABLED] ini910u
Service Inport
Service [DISABLED] IntelIde
Service C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys (IPv6 Windows Firewall Driver/Microsoft Corporation) [MANUAL] Ip6Fw
Service C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation) [MANUAL] IpFilterDriver
Service C:\WINDOWS\system32\DRIVERS\ipinip.sys (IP in IP Encapsulation Driver/Microsoft Corporation) [MANUAL] IpInIp
Service C:\WINDOWS\system32\DRIVERS\ipnat.sys (IP Network Address Translator/Microsoft Corporation) [MANUAL] IpNat
Service C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec Driver/Microsoft Corporation) [SYSTEM] IPSec
Service C:\WINDOWS\system32\DRIVERS\irenum.sys (Infra-Red Bus Enumerator/Microsoft Corporation) [MANUAL] IRENUM
Service ISAPISearch
Service C:\WINDOWS\system32\DRIVERS\isapnp.sys (Sterownik magistrali ISA PNP/Microsoft Corporation) [BOOT] isapnp
Service C:\Program Files\Java\jre6\bin\jqs.exe (Java(TM) Quick Starter Service/Sun Microsystems, Inc.) [AUTO] JavaQuickStarterService
Service C:\WINDOWS\system32\DRIVERS\kbdclass.sys (Sterownik klasy klawiatury/Microsoft Corporation) [SYSTEM] Kbdclass
Service C:\WINDOWS\system32\drivers\kmixer.sys (Kernel Mode Audio Mixer/Microsoft Corporation) [MANUAL] kmixer
Service (Kernel Security Support Provider Interface/Microsoft Corporation) [BOOT] KSecDD
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] lanmanserver
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] lanmanworkstation
Service [SYSTEM] lbrtfdc
Service ldap
Service LicenseService
Service C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company) [AUTO] LightScribeService
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] LmHosts
Service C:\WINDOWS\system32\drivers\massfilter.sys (ZTE CDROM Filter/ZTE Incorporated) [MANUAL] massfilter
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Messenger
Service (Frame buffer simulator/Microsoft Corporation) [SYSTEM] mnmdd
Service C:\WINDOWS\system32\mnmsrvc.exe (Zdalne udostępnianie pulpitu NetMeeting/Microsoft Corporation) [MANUAL] mnmsrvc
Service (Sterownik modemu/Microsoft Corporation) [MANUAL] Modem
Service C:\WINDOWS\system32\DRIVERS\mouclass.sys (Sterownik klasy myszy/Microsoft Corporation) [SYSTEM] Mouclass
Service (Mount Manager/Microsoft Corporation) [BOOT] MountMgr
Service [DISABLED] mraid35x
Service C:\WINDOWS\system32\DRIVERS\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) [MANUAL] MRxDAV
Service C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) [SYSTEM] MRxSmb
Service C:\WINDOWS\system32\msdtc.exe (MS DTC console program/Microsoft Corporation) [MANUAL] MSDTC
Service (Mailslot driver/Microsoft Corporation) [SYSTEM] Msfs
Service C:\WINDOWS\system32\msiexec.exe (Windows® installer/Microsoft Corporation) [MANUAL] MSIServer
Service C:\WINDOWS\system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation) [MANUAL] MSKSSRV
Service C:\WINDOWS\system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation) [MANUAL] MSPCLOCK
Service C:\WINDOWS\system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation) [MANUAL] MSPQM
Service C:\WINDOWS\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [MANUAL] mssmbios
Service C:\WINDOWS\system32\drivers\MSTEE.sys (WDM Tee/Communication Transform Filter /Microsoft Corporation) [MANUAL] MSTEE
Service (Multiple UNC Provider driver/Microsoft Corporation) [BOOT] Mup
Service C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys (WDM NABTS/FEC VBI Codec/Microsoft Corporation) [MANUAL] NABTSFEC
Service (NDIS 5.1 wrapper driver/Microsoft Corporation) [BOOT] NDIS
Service C:\WINDOWS\system32\DRIVERS\NdisIP.sys (Microsoft IP Driver/Microsoft Corporation) [MANUAL] NdisIP
Service C:\WINDOWS\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) [MANUAL] NdisTapi
Service C:\WINDOWS\system32\DRIVERS\ndisuio.sys (NDIS User mode I/O Driver/Microsoft Corporation) [MANUAL] Ndisuio
Service C:\WINDOWS\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) [MANUAL] NdisWan
Service (NDIS Proxy/Microsoft Corporation) [MANUAL] NDProxy
Service C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) [SYSTEM] NetBIOS
Service C:\WINDOWS\system32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) [SYSTEM] NetBT
Service C:\WINDOWS\system32\netdde.exe (DDE sieci - komunikacja DDE/Microsoft Corporation) [DISABLED] NetDDE
Service C:\WINDOWS\system32\netdde.exe (DDE sieci - komunikacja DDE/Microsoft Corporation) [DISABLED] NetDDEdsdm
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] Netlogon
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Netman
Service C:\WINDOWS\system32\DRIVERS\nic1394.sys (IEEE1394 Ndis Miniport and Call Manager/Microsoft Corporation) [MANUAL] NIC1394
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Nla
Service C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia USB Phone Bus Driver/Nokia) [MANUAL] nmwcd
Service C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia USB Phone Bus Driver/Nokia) [MANUAL] nmwcdc
Service (NPFS Driver/Microsoft Corporation) [SYSTEM] Npfs
Service (NT File System Driver/Microsoft Corporation) [DISABLED] Ntfs
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] NtLmSsp
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] NtmsSvc
Service (NULL Driver/Microsoft Corporation) [SYSTEM] Null
Service C:\WINDOWS\system32\DRIVERS\nvatabus.sys (NVIDIA® nForce(TM) IDE Performance Driver/NVIDIA Corporation) [BOOT] nvatabus
Service C:\WINDOWS\system32\DRIVERS\nv_agp.sys (NVIDIA nForce AGP Filter/NVIDIA Corporation) [BOOT] nv_agp
Service C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys (NWLINK2 Traffic Filter Driver/Microsoft Corporation) [MANUAL] NwlnkFlt
Service C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys (NWLINK2 Forwarder Driver/Microsoft Corporation) [MANUAL] NwlnkFwd
Service C:\WINDOWS\system32\DRIVERS\ohci1394.sys (1394 OpenHCI Port Driver/Microsoft Corporation) [BOOT] ohci1394
Service C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Office Source Engine/Microsoft Corporation) [MANUAL] ose
Service C:\WINDOWS\system32\DRIVERS\parport.sys (Sterownik portu równoległego/Microsoft Corporation) [MANUAL] Parport
Service (Partition Manager/Microsoft Corporation) [BOOT] PartMgr
Service (VDM Parallel Driver/Microsoft Corporation) [AUTO] ParVdm
Service C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys (PCCS Mode Change Filter Driver/Nokia) [MANUAL] pccsmcfd
Service C:\WINDOWS\system32\DRIVERS\pci.sys (Licznik NT Plug and Play PCI/Microsoft Corporation) [BOOT] PCI
Service [SYSTEM] PCIDump
Service C:\WINDOWS\system32\DRIVERS\pciide.sys (Rodzajowy sterownik magistrali PCI IDE/Microsoft Corporation) [BOOT] PCIIde
Service (Sterownik magistrali PCMCIA/Microsoft Corporation) [DISABLED] Pcmcia
Service [MANUAL] PDCOMP
Service [MANUAL] PDFRAME
Service [MANUAL] PDRELI
Service [MANUAL] PDRFRAME
Service [DISABLED] perc2
Service [DISABLED] perc2hib
Service PerfDisk
Service PerfNet
Service PerfOS
Service PerfProc
Service C:\WINDOWS\system32\services.exe (Usługi i aplikacja Kontroler/Microsoft Corporation) [AUTO] PlugPlay
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] PolicyAgent
Service C:\WINDOWS\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) [MANUAL] PptpMiniport
Service C:\WINDOWS\system32\DRIVERS\processr.sys (Sterownik urządzenia procesora/Microsoft Corporation) [SYSTEM] Processor
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] ProtectedStorage
Service C:\WINDOWS\system32\DRIVERS\psched.sys (MS QoS Packet Scheduler/Microsoft Corporation) [MANUAL] PSched
Service C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) [MANUAL] Ptilink
Service C:\WINDOWS\System32\Drivers\PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) [BOOT] PxHelp20
Service [DISABLED] ql1080
Service [DISABLED] Ql10wnt
Service [DISABLED] ql12160
Service [DISABLED] ql1240
Service [DISABLED] ql1280
Service C:\WINDOWS\system32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) [SYSTEM] RasAcd
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasAuto
Service C:\WINDOWS\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Rasl2tp
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasMan
Service C:\WINDOWS\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) [MANUAL] RasPppoe
Service C:\WINDOWS\system32\DRIVERS\raspti.sys (PTI DirectParallel(R) mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Raspti
Service C:\WINDOWS\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) [SYSTEM] Rdbss
Service C:\WINDOWS\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPCDD
Service RDPDD
Service C:\WINDOWS\system32\DRIVERS\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation) [MANUAL] rdpdr
Service RDPNP
Service (RDP Terminal Stack Driver (US/Canada Only, Not for Export)/Microsoft Corporation) [MANUAL] RDPWD
Service C:\WINDOWS\system32\sessmgr.exe (Menedżer sesji pomocy pulpitu zdalnego Microsoft®/Microsoft Corporation) [MANUAL] RDSessMgr
Service C:\WINDOWS\system32\DRIVERS\redbook.sys (Sterownik filtru audio Redbook/Microsoft Corporation) [SYSTEM] redbook
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] RemoteAccess
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] RemoteRegistry
Service C:\WINDOWS\system32\locator.exe (Rpc Locator/Microsoft Corporation) [MANUAL] RpcLocator
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] RpcSs
Service C:\WINDOWS\system32\rsvp.exe (Microsoft RSVP/Microsoft Corporation) [MANUAL] RSVP
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] SamSs
Service C:\WINDOWS\System32\SCardSvr.exe (Smart Card Resource Management Server/Microsoft Corporation) [MANUAL] SCardSvr
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Schedule
Service C:\WINDOWS\system32\DRIVERS\secdrv.sys [MANUAL] Secdrv
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] seclogon
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SENS
Service C:\WINDOWS\system32\DRIVERS\ser2pl.sys (USB-to-Serial Cable Driver/Prolific Technology Inc.) [MANUAL] Ser2pl
Service C:\WINDOWS\system32\DRIVERS\serenum.sys (Serial Port Enumerator/Microsoft Corporation) [MANUAL] serenum
Service C:\WINDOWS\system32\DRIVERS\serial.sys (Sterownik urządzenia szeregowego/Microsoft Corporation) [SYSTEM] Serial
Service C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (ServiceLayer Module/Nokia.) [MANUAL] ServiceLayer
Service C:\WINDOWS\system32\DRIVERS\sfloppy.sys (SCSI Floppy Driver/Microsoft Corporation) [MANUAL] Sfloppy
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SharedAccess
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ShellHWDetection
Service [DISABLED] Simbad
Service C:\WINDOWS\system32\DRIVERS\SLIP.sys (Microsoft Slip Deframing Filter Minidriver/Microsoft Corporation) [MANUAL] SLIP
Service [DISABLED] Sparrow
Service C:\WINDOWS\system32\speedfan.sys (SpeedFan Device Driver/Windows (R) 2000 DDK provider) [BOOT] speedfan
Service C:\WINDOWS\system32\drivers\splitter.sys (Microsoft Kernel Audio Splitter/Microsoft Corporation) [MANUAL] splitter
Service C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) [AUTO] Spooler
Service C:\WINDOWS\system32\DRIVERS\sr.sys (Sterownik filtru systemu plików Przywracania systemu/Microsoft Corporation) [BOOT] sr
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] srservice
Service C:\WINDOWS\system32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) [MANUAL] Srv
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] SSDPSRV
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] stisvc
Service C:\WINDOWS\system32\DRIVERS\StreamIP.sys (Microsoft IP Test Driver/Microsoft Corporation) [MANUAL] streamip
Service C:\WINDOWS\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) [MANUAL] swenum
Service C:\WINDOWS\system32\drivers\swmidi.sys (Microsoft GS Wavetable Synthesizer/Microsoft Corporation) [MANUAL] swmidi
Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] SwPrv
Service [DISABLED] symc810
Service [DISABLED] symc8xx
Service [DISABLED] sym_hi
Service [DISABLED] sym_u3
Service C:\WINDOWS\system32\drivers\sysaudio.sys (System Audio WDM Filter/Microsoft Corporation) [MANUAL] sysaudio
Service C:\WINDOWS\system32\smlogsvc.exe (Usługa dzienników wydajności i alertów/Microsoft Corporation) [MANUAL] SysmonLog
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TapiSrv
Service C:\WINDOWS\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation) [SYSTEM] Tcpip
Service (Bytemobile Kernel Network Provider/Bytemobile, Inc.) [SYSTEM] tcpipBM
Service (Named Pipe Transport Driver/Microsoft Corporation) [MANUAL] TDPIPE
Service (TCP Transport Driver/Microsoft Corporation) [MANUAL] TDTCP
Service C:\WINDOWS\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) [SYSTEM] TermDD
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TermService
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Themes
Service C:\WINDOWS\system32\tlntsvr.exe (Usługa Telnet/Microsoft Corporation) [DISABLED] TlntSvr
Service [DISABLED] TosIde
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] TrkWks
Service TSDDD
Service (UDF File System Driver/Microsoft Corporation) [DISABLED] Udfs
Service C:\Program Files\blueconnect\AssistantServices.exe [AUTO] UI Assistant Service
Service [DISABLED] ultra
Service C:\WINDOWS\system32\DRIVERS\update.sys (Update Driver/Microsoft Corporation) [MANUAL] Update
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] upnphost
Service C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys (Filter Driver for Nokia USB Phone Bus Driver/Nokia) [MANUAL] upperdev
Service C:\WINDOWS\System32\ups.exe (UPS Service/Microsoft Corporation) [MANUAL] UPS
Service C:\WINDOWS\system32\DRIVERS\usbccgp.sys (USB Common Class Generic Parent Driver/Microsoft Corporation) [MANUAL] usbccgp
Service C:\WINDOWS\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) [MANUAL] usbehci
Service C:\WINDOWS\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) [MANUAL] usbhub
Service C:\WINDOWS\system32\DRIVERS\usbohci.sys (OHCI USB Miniport Driver/Microsoft Corporation) [MANUAL] usbohci
Service C:\WINDOWS\system32\DRIVERS\usbprint.sys (USB Printer driver/Microsoft Corporation) [MANUAL] usbprint
Service C:\WINDOWS\system32\DRIVERS\usbscan.sys (USB Scanner Driver/Microsoft Corporation) [MANUAL] usbscan
Service C:\WINDOWS\system32\DRIVERS\usbser.sys (USB Modem Driver/Microsoft Corporation) [MANUAL] usbser
Service C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation) [MANUAL] USBSTOR
Service C:\WINDOWS\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [SYSTEM] VgaSave
Service [DISABLED] ViaIde
Service (Sterownik kopiowania woluminów w tle/Microsoft Corporation) [BOOT] VolSnap
Service C:\WINDOWS\System32\vssvc.exe (Usługa kopiowania woluminów w tle Microsoft®/Microsoft Corporation) [MANUAL] VSS
Service VxD
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] W32Time
Service W3SVC
Service C:\WINDOWS\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) [MANUAL] Wanarp
Service C:\WINDOWS\System32\Drivers\wdf01000.sys (WDF Dynamic/Microsoft Corporation) [MANUAL] Wdf01000
Service [MANUAL] WDICA
Service C:\WINDOWS\system32\drivers\wdmaud.sys (MMSYSTEM Wave/Midi API mapper/Microsoft Corporation) [MANUAL] wdmaud
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] WebClient
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] winmgmt
Service [MANUAL] Winsock
Service WinSock2
Service WinTrust
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] WmdmPmSN
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Wmi
Service WmiApRpl
Service C:\WINDOWS\system32\wbem\wmiapsrv.exe (Usługa karty wydajności WMI/Microsoft Corporation) [MANUAL] WmiApSrv
Service (Winsock2 IFS Layer/Microsoft Corporation) [SYSTEM] WS2IFSL
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] wscsvc
Service C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS (WDM WST Codec Driver/Microsoft Corporation) [MANUAL] WSTCODEC
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] wuauserv
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] WZCSVC
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] xmlprov
Service C:\WINDOWS\system32\DRIVERS\yk51x86.sys (NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller/Marvell) [MANUAL] yukonwxp
Service C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys (USB Modem/Serial Device Driver/ZTE Incorporated) [MANUAL] ZTEusbmdm6k
Service C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys (USB Modem/Serial Device Driver/ZTE Incorporated) [MANUAL] ZTEusbnmea
Service C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys (USB Modem/Serial Device Driver/ZTE Incorporated) [MANUAL] ZTEusbser6k
Service {05C4FC82-6F58-411E-A9A8-239CB8B6AFEF}
Service {3C1BE0F2-D451-4D94-8B97-93014F2F4FEF}
Service {B4F12EAD-3E37-4FFB-BB7D-A9A396E58207}

---- EOF - GMER 1.0.15 ----
[/log]
Proszę o informację czy system jest czysty. Jaki antywirus (najlepiej freeware) jest polecany? Korzystam z blue connect'a i czasem widzę ruch w sieci (upload) pomimo iż nic nie robię na internecie. Czym to może byś spowodowane? Za co odpowiada proces CMUpdater i czy jest on do czegoś potrzebny?

Tomek01
komentarz
komentarz

Pokaż loga z RSIT, W tych logach jest czysto.

W OTL użyj funkcji Clean Up.
Wyłącz a następnie włącz przywracanie systemu na wszystkich partycjach.
Użyj ATF Cleaner, zaznacz trzy pierwsze fajki i empty selected.

Wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i jakby coś wykryły raporty pokaż na forum.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.