x-kom hosting

Problem z internetem i "zawieszające" się programy.

Gość
utworzono
utworzono (edytowane)

Witam.

Od kilku dni zauważyłem dziwne zachowanie komputera typu :

1.Prędkość internetu (download) wacha się od 9mb/s do 15mb/s upload 2mb/s ,lecz ping w grach (typu counter strike) był maksymalny 40ms. Teraz "skacze" co chwile od 30ms do 400ms. Nie zależnie od serwerowni.
2.Często zauważam dziwne reakcje na otwarcie nowej karty w Operze. Całkowicie sie blokuje na jakąś minute. Cały komputer nie,lecz tylko przeglądarka. Wiem,że jest opcja przejścia na inną pleglądarke typu Mozilla lub Google Chrome,lecz jestem bardzo przyzwyczajony do interfejsu Opery i bardzo przyjemnie mi się na niej pracuje.
3.Jak próbuje wejść w [b]START[/b]> [b]URUCHOM[/b]> [b]netstat[/b] Pojawia się wiersz polecenia,coś bardzo szybko zrobi, i się wyłącza.

Tak jak napisałem na początku,problem pojawił się od kilku dni. Wcześniej wszystko dobrze działało.

Sprzęt :
Procesor : Athlon 64 3000+ Socket 939(venice)
Grafika : Geforce 9500GT 1024mb Pci-e.
RAM : 3x 512mb DDR1 (firma kingstone)
Dysk : 500GB Seagate SATA
Płyta główna : Gigabye GA-K8NF-9
Zasilacz : 400W

Oprogramowanie :
System : Windows XP Professional SP3
Antyvirus : Kaspersky Internet Security 2011 (11.0.2.556)

Log z HiJackThis-a : http://wklej.to/WPdry

P.S : Internet jest dzielony przez Ruter na dwa komputery.

Tomek01
komentarz
komentarz

Log z HJT to trochę za mało. Wkej logi z OTL, info poniżej:

Gość
komentarz
komentarz (edytowane)

OTL
http://wklej.to/iWpC3
http://wklej.to/mOEWd

RSIT
http://wklej.to/6L6eG
http://wklej.to/BOJhB

Tomek01
komentarz
komentarz

Póki co, przenoszę do działu bezpieczeństwo.

W OTL, w oknie Custom scan/fixes wklej:

[code]:Files
C:\WINDOWS\System32\secustat.dat
C:\WINDOWS\System32\secushr.dat
C:\Documents and Settings\Administrator\Dane aplikacji\System7777DataCollection
C:\WINDOWS\Sys6547SettingsDB.sys

:Commands
[emptytemp]
[/code]
Klikasz run fix, komputer uruchamia się ponownie.
Wrzuć log z usuwania oraz nowe logi: OTL i RSIT (Logi wstaw w tagi, tak jak w opisie).

Gość
komentarz
komentarz

USUWANIE :
[log]All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 41206437 bytes
->Temporary Internet Files folder emptied: 721120 bytes
->Java cache emptied: 160160 bytes
->Google Chrome cache emptied: 7662075 bytes
->Opera cache emptied: 60024790 bytes
->Flash cache emptied: 3769 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134153 bytes
%systemroot%\System32 .tmp files removed: 3870756 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 24192 bytes
Windows Temp folder emptied: 311178 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 111,00 mb


OTL by OldTimer - Version 3.2.20.6 log created on 02102011_234741

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\kls898B.tmp not found!

Registry entries deleted on Reboot...
[/log]

OTL :
1. [log]OTL logfile created on: 2011-02-10 23:52:13 - Run 2
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Administrator\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 116,19 Gb Total Space | 56,30 Gb Free Space | 48,46% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 109,08 Gb Free Space | 74,46% Space Free | Partition Type: NTFS
Drive E: | 123,96 Gb Total Space | 68,65 Gb Free Space | 55,38% Space Free | Partition Type: NTFS

Computer Name: FLIPER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-02-10 23:25:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
PRC - [2011-02-10 21:31:47 | 000,943,472 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011-02-07 12:56:24 | 008,993,280 | ---- | M] (Creative Team S.A.) -- C:\Program Files\WapSter\WapSter AQQ\AQQ.exe
PRC - [2010-11-12 18:53:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010-07-09 16:24:34 | 000,155,752 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-02-10 23:25:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
MOD - [2011-01-21 15:44:11 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2010-12-09 16:15:25 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-08-16 09:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 22:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-02-10 10:58:43 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2010-11-27 13:45:17 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-11-26 18:02:54 | 000,014,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010-07-09 23:38:00 | 010,604,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010-06-14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010-06-09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2)
DRV - [2010-06-09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010-05-07 11:06:26 | 000,032,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2010-04-27 03:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010-04-27 03:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010-04-27 03:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009-12-22 10:00:26 | 000,023,552 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2009-11-02 19:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-10-27 12:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2009-06-19 16:59:34 | 000,019,712 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2009-05-08 11:56:12 | 000,042,752 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motodrv.sys -- (MotDev)
DRV - [2009-01-29 17:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2009-01-29 17:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008-04-14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2007-11-02 15:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2006-08-18 06:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005-05-17 10:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005-04-05 20:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005-04-05 20:22:28 | 000,033,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-796845957-1767777339-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2011-02-08 01:46:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-12-27 19:08:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-12-06 23:03:18 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010-12-13 13:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchddr.xml

O1 HOSTS File: ([2010-11-29 07:39:38 | 000,000,789 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKU\S-1-5-21-796845957-1767777339-839522115-500\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-796845957-1767777339-839522115-500\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-796845957-1767777339-839522115-500\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-796845957-1767777339-839522115-500..\Run: [Software Informer] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Pobierz w Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.50 212.76.34.49
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2010-11-20 14:53:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: [b]AutoStartNPSAgent[/b] - hkey= - key= - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: [b]facemoods[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: [b]NPSStartup[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]NvMediaCenter[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]nwiz[/b] - hkey= - key= - C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
MsConfig - StartUpReg: [b]Pando Media Booster[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]PCSpeedUp[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]SearchSettings[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-02-10 23:41:16 | 000,000,000 | ---D | C] -- C:\rsit
[2011-02-10 23:36:12 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-02-10 23:25:08 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
[2011-02-10 16:46:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kolekcja Klasyki
[2011-02-10 15:48:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\NFS Most Wanted
[2011-02-10 15:48:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA GAMES
[2011-02-10 15:31:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2011-02-10 15:31:07 | 001,962,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quartz.dll
[2011-02-10 15:31:07 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qedit.dll
[2011-02-10 15:31:07 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidctl.dll
[2011-02-10 15:31:07 | 001,201,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8.dll
[2011-02-10 15:31:07 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput8.dll
[2011-02-10 15:31:07 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dramp.dll
[2011-02-10 15:31:07 | 000,470,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2011-02-10 15:31:07 | 000,436,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim.dll
[2011-02-10 15:31:07 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3drm.dll
[2011-02-10 15:31:07 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2011-02-10 15:31:07 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qdv.dll
[2011-02-10 15:31:07 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2011-02-10 15:31:07 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2011-02-10 15:31:07 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qcap.dll
[2011-02-10 15:31:07 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2011-02-10 15:31:07 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2011-02-10 15:31:07 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmime.dll
[2011-02-10 15:31:07 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qasf.dll
[2011-02-10 15:31:07 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\devenum.dll
[2011-02-10 15:31:07 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.dll
[2011-02-10 15:31:07 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmsynth.dll
[2011-02-10 15:31:07 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmstyle.dll
[2011-02-10 15:31:07 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2011-02-10 15:31:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmscript.dll
[2011-02-10 15:31:07 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmcompos.dll
[2011-02-10 15:31:07 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msdv.sys
[2011-02-10 15:31:07 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2011-02-10 15:31:07 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dxof.dll
[2011-02-10 15:31:07 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstdecod.dll
[2011-02-10 15:31:07 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2011-02-10 15:31:07 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2011-02-10 15:31:07 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dpmesh.dll
[2011-02-10 15:31:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmloader.dll
[2011-02-10 15:31:07 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmband.dll
[2011-02-10 15:31:07 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2011-02-10 15:31:07 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dswave.dll
[2011-02-10 15:31:07 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2011-02-10 15:31:07 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2011-02-10 15:31:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2011-02-10 15:31:07 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2011-02-10 15:31:07 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2011-02-10 15:31:07 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2011-02-10 15:31:07 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2011-02-10 15:31:07 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2011-02-10 15:31:07 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax
[2011-02-10 15:31:07 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2011-02-10 15:31:07 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2011-02-10 15:31:07 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2011-02-10 15:31:07 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxapi.sys
[2011-02-10 15:31:07 | 000,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2011-02-10 15:31:07 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2011-02-10 15:31:06 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound3d.dll
[2011-02-10 15:31:06 | 001,189,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx8vb.dll
[2011-02-10 15:31:06 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2011-02-10 15:31:06 | 000,797,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim700.dll
[2011-02-10 15:31:06 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2011-02-10 15:31:06 | 000,648,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput.dll
[2011-02-10 15:31:06 | 000,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx7vb.dll
[2011-02-10 15:31:06 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmoprp.dll
[2011-02-10 15:31:06 | 000,467,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diactfrm.dll
[2011-02-10 15:31:06 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound.dll
[2011-02-10 15:31:06 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvoice.dll
[2011-02-10 15:31:06 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddraw.dll
[2011-02-10 15:31:06 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplayx.dll
[2011-02-10 15:31:06 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gcdef.dll
[2011-02-10 15:31:06 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\joy.cpl
[2011-02-10 15:31:06 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmo.dll
[2011-02-10 15:31:06 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvvox.dll
[2011-02-10 15:31:06 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2011-02-10 15:31:06 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsockx.dll
[2011-02-10 15:31:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpmodemx.dll
[2011-02-10 15:31:06 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhupnp.dll
[2011-02-10 15:31:06 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe
[2011-02-10 15:31:06 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dimap.dll
[2011-02-10 15:31:06 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhpast.dll
[2011-02-10 15:31:06 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pid.dll
[2011-02-10 15:31:06 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2011-02-10 15:31:06 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddrawex.dll
[2011-02-10 15:31:06 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvacm.dll
[2011-02-10 15:31:06 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2011-02-10 15:31:06 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8thk.dll
[2011-02-10 15:31:06 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnlobby.dll
[2011-02-10 15:31:06 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnaddr.dll
[2011-02-10 15:16:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios
[2011-02-10 15:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Stronghold 2
[2011-02-10 14:29:16 | 000,000,000 | ---D | C] -- C:\Downloads
[2011-02-10 14:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager
[2011-02-10 14:23:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Free Download Manager
[2011-02-10 14:23:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG
[2011-02-10 14:23:53 | 000,000,000 | ---D | C] -- C:\Program Files\Free Download Manager
[2011-02-10 11:39:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\jv16 PowerTools 2011
[2011-02-10 11:39:10 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools 2011
[2011-02-10 11:30:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2011-02-10 10:59:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kaspersky Internet Security 2011
[2011-02-10 10:58:51 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2011-02-10 10:58:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
[2011-02-10 10:58:43 | 000,475,736 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011-02-10 10:57:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
[2011-02-10 10:46:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2011-02-08 11:51:12 | 000,025,992 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2011-02-08 11:50:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\PageDefrag
[2011-02-08 02:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe
[2011-02-08 02:42:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje książki elektroniczne
[2011-02-08 02:41:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PrintMe Internet Printing
[2011-02-08 02:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2011-02-08 02:41:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011-02-08 02:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011-02-08 02:39:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cache
[2011-02-08 01:47:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Google Chrome
[2011-02-08 01:46:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google
[2011-02-08 01:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2011-02-08 01:14:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton
[2011-02-08 01:13:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller
[2011-02-07 22:53:08 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011-02-07 22:53:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\HiJackThis
[2011-02-07 22:34:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data
[2011-02-07 22:24:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011-02-07 22:24:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit
[2011-02-07 22:24:35 | 000,000,000 | ---D | C] -- C:\Program Files\DAP
[2011-02-07 22:16:07 | 000,000,000 | ---D | C] -- C:\flash get
[2011-02-07 22:08:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\BITS
[2011-02-07 22:08:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet
[2011-02-07 22:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO
[2011-02-02 22:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\obrazki z pejnta
[2011-01-31 20:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Firefly Studios
[2011-01-31 01:19:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\pejnt
[2011-01-30 13:21:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Team17
[2011-01-29 21:55:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com
[2011-01-29 21:54:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\JDownloader
[2011-01-29 21:53:46 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2011-01-29 21:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader
[2011-01-29 21:45:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\VDownloader
[2011-01-29 21:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2011-01-25 19:12:39 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache
[2011-01-24 01:42:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2011-01-24 01:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011-01-24 01:29:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2011-01-24 01:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011-01-23 21:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\The Lord of the Rings Online
[2011-01-23 21:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\The Lord of the Rings Online
[2011-01-23 19:53:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Turbine
[2011-01-23 17:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ApplicationHistory
[2011-01-23 17:56:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2011-01-23 17:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Codemasters
[2011-01-22 16:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2011-01-17 17:09:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011-01-06 22:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\PunkBuster
[2011-01-06 21:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\Wolfenstein - Enemy Territory
[2010-12-29 13:49:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Winamp
[2010-12-29 13:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010-12-29 13:49:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Detektor Winampa
[2010-12-29 13:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010-12-29 13:49:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Winamp
[2010-12-22 22:31:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ESET
[2010-12-22 22:29:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
[2010-12-20 17:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\AruaROSE
[2010-12-19 20:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Call of Duty
[2010-12-19 14:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\The Duel
[2010-12-19 14:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EliteGunz
[2010-12-19 14:53:01 | 000,000,000 | ---D | C] -- C:\Program Files\EliteGunz
[2010-12-19 12:20:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE
[2010-12-18 23:30:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.thumbnails
[2010-12-18 23:30:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0
[2010-12-18 23:26:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\gegl-0.0
[2010-12-18 23:26:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.gimp-2.6
[2010-12-18 23:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\GIMP
[2010-12-18 23:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2010-12-18 23:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2010-12-18 22:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\IDM
[2010-12-18 22:05:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache
[2010-12-18 22:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2010-12-18 22:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Internet Download Manager
[2010-12-18 21:17:58 | 000,023,552 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\Motousbnet.sys
[2010-12-18 21:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Motorola Driver Installer
[2010-12-18 21:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Avanquest update
[2010-12-18 21:11:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\BVRP Software
[2010-12-18 21:10:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Motorola Phone Tools
[2010-12-18 21:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola Phone Tools
[2010-12-18 21:08:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software
[2010-12-18 21:08:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\InstallShield
[2010-12-18 12:08:51 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2010-12-18 12:08:24 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll
[2010-12-18 12:02:25 | 000,006,016 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motfilt.sys
[2010-12-18 12:02:24 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01007.dll
[2010-12-18 12:02:24 | 000,023,936 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motmodem.sys
[2010-12-18 12:02:24 | 000,019,712 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motccgp.sys
[2010-12-18 12:02:24 | 000,008,320 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motccgpfl.sys
[2010-12-18 12:02:24 | 000,006,400 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motswch.sys
[2010-12-18 12:02:19 | 000,042,752 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motodrv.sys
[2010-12-18 12:01:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2010-12-17 20:05:24 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2010-12-17 19:49:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010-12-17 19:48:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010-12-17 19:47:37 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010-12-17 15:39:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010-12-17 15:28:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010-12-17 15:13:07 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys
[2010-11-28 15:14:25 | 003,056,008 | ---- | C] (Ask) -- C:\Program Files\Common Files\AskToolbarInstaller.exe

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-02-10 23:52:00 | 000,001,164 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500UA.job
[2011-02-10 23:49:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-02-10 23:49:07 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job
[2011-02-10 23:49:06 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2011-02-10 23:48:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-02-10 23:40:45 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\RSIT.exe
[2011-02-10 23:25:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
[2011-02-10 21:31:49 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2011-02-10 15:21:50 | 000,013,312 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-02-10 11:39:31 | 000,000,020 | -HS- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\System7777DataCollection
[2011-02-10 11:39:31 | 000,000,020 | -HS- | M] () -- C:\WINDOWS\Sys6547SettingsDB.sys
[2011-02-10 10:59:40 | 000,114,243 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011-02-10 10:59:40 | 000,097,859 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011-02-10 10:58:43 | 000,475,736 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011-02-10 10:47:22 | 000,000,414 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011-02-09 22:30:28 | 000,551,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-02-08 11:51:51 | 000,000,063 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011-02-08 11:51:12 | 000,025,992 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2011-02-08 02:38:14 | 000,144,631 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Regulamin_ESKA_Lubie_to.pdf
[2011-02-08 01:52:00 | 000,001,112 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500Core.job
[2011-02-07 23:08:24 | 000,000,365 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\MUZYKA.lnk
[2011-02-07 23:07:20 | 000,000,417 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\INSTALKI.lnk
[2011-02-07 23:05:21 | 000,000,370 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\ZDJĘCIA.lnk
[2011-02-07 23:03:17 | 000,000,346 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\GRY.lnk
[2011-02-07 23:02:23 | 000,000,377 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\PROGRAMY.lnk
[2011-02-07 22:19:02 | 000,000,248 | ---- | M] () -- C:\WINDOWS\System32\secustat.dat
[2011-02-07 22:09:37 | 000,000,305 | ---- | M] () -- C:\WINDOWS\System32\secushr.dat
[2011-02-07 22:08:46 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI
[2011-02-06 18:30:43 | 000,002,817 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2011-02-02 08:34:28 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011-01-31 14:28:24 | 000,042,905 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\default.htm
[2011-01-23 17:58:12 | 000,000,138 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2011-01-23 17:57:55 | 000,499,510 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-01-23 17:57:55 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-01-23 17:57:55 | 000,088,816 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-01-23 17:57:55 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-01-06 22:13:49 | 000,137,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011-01-06 22:13:23 | 000,268,952 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010-12-31 15:04:12 | 001,855,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2010-12-21 00:52:42 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2010-12-21 00:52:42 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2010-12-21 00:52:42 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2010-12-21 00:52:42 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2010-12-21 00:52:42 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2010-12-21 00:52:41 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2010-12-21 00:52:41 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2010-12-21 00:52:41 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2010-12-20 18:25:52 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lsasrv.dll
[2010-12-20 13:55:37 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2010-12-20 13:55:37 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2010-12-19 20:41:23 | 000,000,745 | ---- | M] () -- C:\WINDOWS\CoD.INI
[2010-12-18 22:58:44 | 000,000,476 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\lul.rtf
[2010-12-18 21:12:30 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01007.Wdf
[2010-12-18 12:37:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf
[2010-12-18 12:37:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motfilt_01007.Wdf
[2010-12-18 12:08:41 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010-12-18 12:08:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf
[2010-12-18 12:08:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf
[2010-12-18 12:08:31 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010-12-13 17:03:50 | 000,028,496 | ---- | M] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-02-10 23:40:45 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\RSIT.exe
[2011-02-10 21:31:49 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk
[2011-02-10 21:31:49 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2011-02-10 15:31:07 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2011-02-10 15:31:07 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011-02-10 15:31:07 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2011-02-10 15:31:07 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2011-02-10 15:31:07 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2011-02-10 15:31:07 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2011-02-10 15:31:07 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2011-02-10 15:31:07 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2011-02-10 15:31:07 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2011-02-10 15:31:07 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2011-02-10 15:31:07 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2011-02-10 11:39:31 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\System7777DataCollection
[2011-02-10 11:39:31 | 000,000,020 | -HS- | C] () -- C:\WINDOWS\Sys6547SettingsDB.sys
[2011-02-10 10:59:40 | 000,114,243 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011-02-10 10:59:40 | 000,097,859 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011-02-10 10:47:22 | 000,000,414 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011-02-08 11:51:51 | 000,000,063 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011-02-08 02:41:27 | 000,001,872 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader 6.0 CE.lnk
[2011-02-08 02:38:14 | 000,144,631 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Regulamin_ESKA_Lubie_to.pdf
[2011-02-08 01:47:00 | 000,001,164 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500UA.job
[2011-02-08 01:47:00 | 000,001,112 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500Core.job
[2011-02-07 23:08:24 | 000,000,365 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\MUZYKA.lnk
[2011-02-07 23:07:20 | 000,000,417 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\INSTALKI.lnk
[2011-02-07 23:05:21 | 000,000,370 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\ZDJĘCIA.lnk
[2011-02-07 23:03:17 | 000,000,346 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\GRY.lnk
[2011-02-07 23:02:23 | 000,000,377 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\PROGRAMY.lnk
[2011-02-07 22:19:02 | 000,000,248 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2011-02-07 22:09:37 | 000,000,305 | ---- | C] () -- C:\WINDOWS\System32\secushr.dat
[2011-02-07 22:08:46 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2011-02-06 18:30:43 | 000,002,817 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2011-01-31 14:28:23 | 000,042,905 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\default.htm
[2011-01-24 01:53:57 | 000,000,296 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2011-01-24 01:43:39 | 000,028,496 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011-01-24 01:43:39 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011-01-24 01:42:45 | 000,000,264 | ---- | C] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job
[2011-01-23 17:58:12 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2011-01-06 22:13:50 | 000,137,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011-01-06 22:13:45 | 000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011-01-06 22:13:23 | 000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2011-01-06 22:13:17 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010-12-22 17:57:37 | 000,013,312 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-19 20:20:33 | 000,000,745 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2010-12-18 21:12:30 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01007.Wdf
[2010-12-18 12:37:50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf
[2010-12-18 12:37:50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motfilt_01007.Wdf
[2010-12-18 12:08:51 | 000,002,503 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\RSD Lite.lnk
[2010-12-18 12:08:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf
[2010-12-18 12:08:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf
[2010-12-18 12:08:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010-11-28 15:14:26 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2010-11-27 13:45:17 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-11-21 13:36:41 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010-11-21 13:36:41 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010-11-21 13:36:37 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\$_hpcst$.hpc
[2010-11-20 17:47:46 | 000,494,557 | ---- | C] () -- C:\WINDOWS\System32\dxgi.dll
[2010-11-20 17:47:46 | 000,025,037 | ---- | C] () -- C:\WINDOWS\System32\Nucleus.dll
[2010-11-20 17:47:44 | 000,519,912 | ---- | C] () -- C:\WINDOWS\System32\d3dx10d_33.dll
[2010-11-20 17:47:44 | 000,519,912 | ---- | C] () -- C:\WINDOWS\System32\d3dx10d.dll
[2010-11-20 17:47:43 | 000,566,624 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll
[2010-11-20 15:56:48 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2010-11-20 15:56:36 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010-11-20 15:25:21 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-01-27 03:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[color=#E56717]========== LOP Check ==========[/color]

[2010-12-11 17:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ACD Systems
[2011-02-07 22:19:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\BITS
[2010-11-27 13:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite
[2011-02-07 22:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache
[2011-02-06 00:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog
[2011-01-29 21:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com
[2011-02-07 22:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet
[2011-02-07 22:08:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO
[2011-02-10 14:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager
[2010-11-20 17:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GetRightToGo
[2011-02-06 18:30:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0
[2011-02-07 22:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\IDM
[2010-11-28 15:14:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenCandy
[2010-11-20 15:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera
[2010-11-21 13:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Samsung
[2011-02-10 21:12:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
[2011-01-29 21:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader
[2010-12-11 17:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ACD Systems
[2010-12-18 21:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software
[2010-11-27 13:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-02-10 15:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios
[2011-02-10 14:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG
[2011-01-24 01:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2010-11-21 13:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung
[2011-02-07 22:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit
[2011-02-07 22:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011-02-10 23:49:07 | 000,000,264 | ---- | M] () -- C:\WINDOWS\Tasks\Game_Booster_Startup.job
[2011-02-10 23:49:06 | 000,000,296 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-11-20 14:53:29 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011-02-02 08:34:28 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2002-09-28 23:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-11-20 14:53:29 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-11-20 14:53:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-11-20 14:53:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010-11-27 22:48:25 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2011-02-10 23:48:56 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2002-09-28 23:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:010ADD2C

< End of report >
[/log]

[log]OTL Extras logfile created on: 2011-02-10 23:52:13 - Run 2
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Administrator\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 116,19 Gb Total Space | 56,30 Gb Free Space | 48,46% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 109,08 Gb Free Space | 74,46% Space Free | Partition Type: NTFS
Drive E: | 123,96 Gb Total Space | 68,65 Gb Free Space | 55,38% Space Free | Partition Type: NTFS

Computer Name: FLIPER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger -- (Creative Team S.A.)
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"E:\Mass Effect\Binaries\MassEffect.exe" = E:\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game -- (BioWare)
"E:\Mass Effect\MassEffectLauncher.exe" = E:\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher -- (BioWare)
"C:\Program Files\Motorola\RSD Lite\SDL.exe" = C:\Program Files\Motorola\RSD Lite\SDL.exe:*:Enabled:SDL -- (Motorola)
"D:\Program Files\Call of Duty\CoDMP.exe" = D:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP -- ()
"C:\Program Files\EliteGunz\EliteGunz.exe" = C:\Program Files\EliteGunz\EliteGunz.exe:*:Enabled:Gunz -- (MAIET entertainment)
"C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe:*:Enabled:Counter-Strike
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe" = C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET
"D:\COUNTER STrike NS\hl.exe" = D:\COUNTER STrike NS\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"D:\The Lord of the Rings Online\lotroclient.exe" = D:\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient -- (Turbine, Inc.)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\flash get\FlashGet\FlashGet3.exe" = C:\flash get\FlashGet\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe" = C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero -- (Valve)
"D:\Stronghold 2\Stronghold2.exe" = D:\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2 -- (Firefly Studios)
"C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{958E2B23-6146-4A21-9532-9F59049E9B35}" = Motorola Phone Tools
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A01E2BF5-2BA5-4846-B3DC-7F8866C0C5FA}" = RSDLite
"{A0673E9E-4510-4AA0-B860-58FD5A7212A1}" = Motorola Driver Installation 4.5.0
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}" = ACDSee Photo Manager 12
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.0.752
"{AC76BA86-7AD7-1038-7B44-CEA000000001}" = Adobe Reader 6.0.2 CE
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB132F09-DCF1-46EA-AE92-F8B42AB7BAD4}" = Stunt GP
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = The Lord of the Rings Online™ v03.02.04.8010
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AQQ" = WapSter AQQ
"AruaROSE_is1" = AruaROSE
"Call of Duty" = Call of Duty
"CCleaner" = CCleaner
"Free Download Manager_is1" = Free Download Manager 3.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"JDownloader" = JDownloader
"jv16 PowerTools 2011" = jv16 PowerTools 2011
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MTA:SA" = MTA:SA v1.0.4
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Opera 11.01.1190" = Opera 11.01
"Steam App 10" = Counter-Strike
"Steam App 100" = Counter-Strike: Condition Zero Deleted Scenes
"Steam App 80" = Counter-Strike: Condition Zero
"Stronghold_is1" = Twierdza
"uTorrent" = µTorrent
"VideoGet_is1" = Nuclear Coffee - VideoGet
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = Archiwizator WinRAR
"Wisdom-soft Set up ScreenHunter 5.1 Free" = Wisdom-soft Set up ScreenHunter 5.1 Free
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ System Events ]
Error - 2011-02-07 16:55:41 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa FsUsbExService niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-02-07 20:18:31 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7031
Description = Usługa Norton 360 niespodziewanie zakończyła pracę. Wystąpiło to razy:
1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna:
Uruchom usługę ponownie.

Error - 2011-02-07 20:20:31 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7032
Description = Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom
usługę ponownie) po nieoczekiwanym zakończeniu usługi Norton 360, ale ta akcja
nie powiodła się przy następującym błędzie: %%1056.

Error - 2011-02-08 07:02:15 | Computer Name = FLIPER | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
helpsvc z argumentami „” w celu uruchomienia serwera: {833E4010-AFF7-4AC3-AAC2-9F24C1457BCE}

Error - 2011-02-08 07:02:18 | Computer Name = FLIPER | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
helpsvc z argumentami „” w celu uruchomienia serwera: {833E4010-AFF7-4AC3-AAC2-9F24C1457BCE}

Error - 2011-02-08 07:02:19 | Computer Name = FLIPER | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
helpsvc z argumentami „” w celu uruchomienia serwera: {833E4010-AFF7-4AC3-AAC2-9F24C1457BCE}

Error - 2011-02-10 18:47:41 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2011-02-10 18:47:42 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa FsUsbExService niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-02-10 18:47:43 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-02-10 18:49:16 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: atapi PCIIde


< End of report >
[/log]
2.RSIT

[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-02-10 23:57:43
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 58 GB (48%) free of 119 GB
Total RAM: 1535 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:57:49, on 2011-02-10
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\WapSter\WapSter AQQ\AQQ.exe
C:\Documents and Settings\Administrator\Pulpit\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Pobierz w Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O9 - Extra button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Usługa Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5277 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Game_Booster_Startup.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500UA.job
C:\WINDOWS\tasks\SmartDefrag_Startup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll [2010-10-05 68280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll [2010-10-05 191160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-02 365336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Software Informer"=C:\Program Files\Software Informer\softinfo.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods]
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\RGI2.tmp []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-02-08 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files\Pando Networks\Media Booster\PMB.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files\Przyspiesz Komputer\PCSpeedUp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2010-10-05 228024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=60

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\WapSter\WapSter AQQ\AQQ.exe"="C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"E:\Mass Effect\Binaries\MassEffect.exe"="E:\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game"
"E:\Mass Effect\MassEffectLauncher.exe"="E:\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Motorola\RSD Lite\SDL.exe"="C:\Program Files\Motorola\RSD Lite\SDL.exe:*:Enabled:SDL"
"D:\Program Files\Call of Duty\CoDMP.exe"="D:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"C:\Program Files\EliteGunz\EliteGunz.exe"="C:\Program Files\EliteGunz\EliteGunz.exe:*:Enabled:Gunz"
"C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET"
"D:\COUNTER STrike NS\hl.exe"="D:\COUNTER STrike NS\hl.exe:*:Enabled:Half-Life Launcher"
"D:\The Lord of the Rings Online\lotroclient.exe"="D:\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\flash get\FlashGet\FlashGet3.exe"="C:\flash get\FlashGet\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe"="C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero"
"D:\Stronghold 2\Stronghold2.exe"="D:\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2"
"C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe:*:Enabled:Counter-Strike"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-02-10 23:41:16 ----D---- C:\rsit
2011-02-10 23:36:12 ----D---- C:\_OTL
2011-02-10 15:31:35 ----D---- C:\WINDOWS\RegisteredPackages
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\psisdecd.dll
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\streamip.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\slip.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\mstee.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\msdv.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\mpe.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys
2011-02-10 15:31:06 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2011-02-10 15:16:24 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios
2011-02-10 14:29:16 ----D---- C:\Downloads
2011-02-10 14:23:59 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager
2011-02-10 14:23:54 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG
2011-02-10 14:23:53 ----D---- C:\Program Files\Free Download Manager
2011-02-10 11:39:31 ----ASH---- C:\WINDOWS\Sys6547SettingsDB.sys
2011-02-10 11:39:10 ----D---- C:\Program Files\jv16 PowerTools 2011
2011-02-10 10:58:51 ----D---- C:\Program Files\Kaspersky Lab
2011-02-10 10:58:51 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
2011-02-10 10:58:43 ----A---- C:\WINDOWS\system32\drivers\klif.sys
2011-02-10 10:57:43 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
2011-02-10 10:46:45 ----HD---- C:\WINDOWS\system32\GroupPolicy
2011-02-09 21:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-02-09 21:59:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-02-09 21:58:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-02-09 21:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-02-09 21:56:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-02-09 21:56:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-02-09 21:56:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-02-08 11:51:51 ----A---- C:\WINDOWS\wininit.ini
2011-02-08 11:51:12 ----A---- C:\WINDOWS\system32\pgdfgsvc.exe
2011-02-08 02:41:22 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2011-02-08 02:41:21 ----D---- C:\Program Files\Common Files\Adobe
2011-02-08 02:41:17 ----D---- C:\Program Files\Adobe
2011-02-08 02:39:27 ----D---- C:\WINDOWS\Cache
2011-02-08 01:14:16 ----D---- C:\Program Files\Windows Sidebar
2011-02-08 01:14:07 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Norton
2011-02-08 01:13:44 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller
2011-02-07 22:53:08 ----D---- C:\Program Files\Trend Micro
2011-02-07 22:24:44 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2011-02-07 22:24:38 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit
2011-02-07 22:24:35 ----D---- C:\Program Files\DAP
2011-02-07 22:16:07 ----D---- C:\flash get
2011-02-07 22:08:46 ----A---- C:\WINDOWS\libem.INI
2011-02-07 22:08:37 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\BITS
2011-02-07 22:08:36 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet
2011-02-07 22:08:32 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO
2011-01-29 21:55:01 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com
2011-01-29 21:53:46 ----D---- C:\Program Files\JDownloader
2011-01-29 21:45:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader
2011-01-29 21:45:27 ----D---- C:\Program Files\WinPcap
2011-01-29 13:06:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-24 01:43:39 ----A---- C:\WINDOWS\system32\SmartDefragBootTime.exe
2011-01-24 01:43:39 ----A---- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys
2011-01-24 01:42:35 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\IObit
2011-01-24 01:42:34 ----D---- C:\Program Files\IObit
2011-01-24 01:29:31 ----D---- C:\Program Files\CCleaner
2011-01-23 17:56:35 ----D---- C:\WINDOWS\system32\URTTEMP
2011-01-22 16:23:39 ----D---- C:\Program Files\Pando Networks
2011-01-17 17:09:01 ----D---- C:\WINDOWS\system32\NtmsData
2011-01-12 18:59:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$

======List of files/folders modified in the last 1 months======

2011-02-10 23:49:19 ----D---- C:\WINDOWS\Temp
2011-02-10 23:48:49 ----D---- C:\WINDOWS
2011-02-10 23:47:49 ----D---- C:\WINDOWS\system32\drivers
2011-02-10 23:47:49 ----D---- C:\WINDOWS\system32
2011-02-10 23:41:24 ----D---- C:\WINDOWS\Prefetch
2011-02-10 21:31:49 ----D---- C:\Program Files\Opera
2011-02-10 21:31:47 ----SHD---- C:\WINDOWS\Installer
2011-02-10 21:14:08 ----D---- C:\Program Files\Steam
2011-02-10 21:12:22 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
2011-02-10 15:48:51 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-10 15:40:13 ----RSD---- C:\WINDOWS\assembly
2011-02-10 15:40:06 ----HD---- C:\WINDOWS\inf
2011-02-10 15:39:39 ----D---- C:\WINDOWS\system32\DirectX
2011-02-10 15:31:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-10 15:29:01 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Winamp
2011-02-10 15:07:07 ----HD---- C:\Program Files\InstallShield Installation Information
2011-02-10 14:23:53 ----RD---- C:\Program Files
2011-02-10 12:12:24 ----D---- C:\WINDOWS\system32\config
2011-02-10 11:30:45 ----D---- C:\WINDOWS\Debug
2011-02-10 10:56:40 ----SHD---- C:\System Volume Information
2011-02-10 10:56:40 ----D---- C:\Program Files\Common Files
2011-02-10 10:55:24 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-02-09 21:57:17 ----A---- C:\WINDOWS\system32\MRT.exe
2011-02-09 21:57:08 ----D---- C:\Program Files\Internet Explorer
2011-02-09 21:56:55 ----HD---- C:\WINDOWS\$hf_mig$
2011-02-08 11:39:47 ----SD---- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft
2011-02-08 02:42:22 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe
2011-02-08 01:47:00 ----SD---- C:\WINDOWS\Tasks
2011-02-08 01:46:39 ----D---- C:\Program Files\Mozilla Firefox
2011-02-07 22:58:09 ----D---- C:\WINDOWS\Registration
2011-02-07 22:47:58 ----D---- C:\Program Files\Wolfenstein - Enemy Territory
2011-02-07 22:47:45 ----D---- C:\WINDOWS\WinSxS
2011-02-07 22:16:05 ----D---- C:\Program Files\GIMP-2.0
2011-02-07 22:03:52 ----D---- C:\Program Files\Internet Download Manager
2011-02-07 22:03:02 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\IDM
2011-02-07 22:02:48 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache
2011-02-06 21:09:10 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Skype
2011-02-06 20:15:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\skypePM
2011-02-06 18:30:43 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0
2011-02-06 18:25:24 ----A---- C:\WINDOWS\ModemLog_Motorola USB Modem #2.txt
2011-02-06 00:41:13 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog
2011-02-02 08:34:28 ----SH---- C:\boot.ini
2011-02-02 08:34:28 ----A---- C:\WINDOWS\win.ini
2011-02-02 08:34:27 ----A---- C:\WINDOWS\system.ini
2011-01-30 13:20:55 ----D---- C:\Program Files\Common Files\InstallShield
2011-01-29 21:45:40 ----D---- C:\Program Files\VDownloader
2011-01-23 17:57:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-22 15:57:24 ----D---- C:\WINDOWS\system32\wbem
2011-01-22 15:56:28 ----D---- C:\WINDOWS\system32\Restore
2011-01-21 15:44:11 ----A---- C:\WINDOWS\system32\shimgvw.dll
2011-01-21 15:44:11 ----A---- C:\WINDOWS\system32\shell32.dll
2011-01-17 17:09:01 ----D---- C:\WINDOWS\repair
2011-01-16 15:00:45 ----D---- C:\Program Files\uTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 KL1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2010-06-09 132184]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-05-17 92800]
R0 ohci1394;Kontroler hosta Texas Instruments IEEE 1394 zgodny z OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-27 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 kl2;kl2; C:\WINDOWS\system32\DRIVERS\kl2.sys [2010-06-09 11352]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2011-02-10 475736]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-01-27 50704]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2010-05-07 32856]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-11-02 19472]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-28 12160]
R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-09 10604128]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
R3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 acprv0me;acprv0me; C:\WINDOWS\system32\drivers\acprv0me.sys []
S3 BTCFilterService;USB Networking Driver Filter Service; C:\WINDOWS\system32\DRIVERS\motfilt.sys [2009-01-29 6016]
S3 motccgp;Motorola USB Composite Device Driver; C:\WINDOWS\system32\DRIVERS\motccgp.sys [2009-06-19 19712]
S3 motccgpfl;MotCcgpFlService; C:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2009-01-29 8320]
S3 MotDev;Motorola Inc. USB Device; C:\WINDOWS\system32\DRIVERS\motodrv.sys [2009-05-08 42752]
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2009-10-27 23936]
S3 MotoSwitchService;MotoSwitch Service; C:\WINDOWS\system32\DRIVERS\motswch.sys [2007-11-02 6400]
S3 Motousbnet;Motorola USB Networking Driver Service; C:\WINDOWS\system32\DRIVERS\Motousbnet.sys [2009-12-22 23552]
S3 SONYPVU1;Sterownik filtru USB Sony (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2010-04-27 104648]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2010-04-27 14920]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2010-04-27 132424]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-28 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Usługa Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-02 365336]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2010-07-04 238952]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Usuga stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S4 NetTcpPortSharing;Usługa udostępniania portów Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-01-06 75136]

-----------------EOF-----------------
[/log]

Tomek01
komentarz
komentarz

Przepraszam, wkradł się mały błąd. Wykonaj jeszcze raz wszystko, skrypt jest zmodyfikowany.

Gość
komentarz
komentarz (edytowane)

USUWANIE : [log]All processes killed
========== FILES ==========
C:\WINDOWS\System32\secustat.dat moved successfully.
C:\WINDOWS\System32\secushr.dat moved successfully.
C:\Documents and Settings\Administrator\Dane aplikacji\System7777DataCollection moved successfully.
C:\WINDOWS\Sys6547SettingsDB.sys moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 2653886 bytes
->Temporary Internet Files folder emptied: 388888 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 819568 bytes
->Opera cache emptied: 8551042 bytes
->Flash cache emptied: 1065 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 202137 bytes
RecycleBin emptied: 209738 bytes

Total Files Cleaned = 12,00 mb


OTL by OldTimer - Version 3.2.20.6 log created on 02112011_111637

Files\Folders moved on Reboot...
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\auth.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\burnlib.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\dsp_sps.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\enc_aacplus.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\enc_flac.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\enc_lame.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\enc_vorbis.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\enc_wav.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\enc_wma.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_classicart.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_crasher.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_ff.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_find_on_disk.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_hotkeys.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_jumpex.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_ml.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_nopro.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_orgler.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_skinmanager.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_timerestore.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_tray.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_undo.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_avi.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_cdda.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_dshow.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_flac.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_flv.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_linein.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_midi.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_mkv.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_mod.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_mp3.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_mp4.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_nsv.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_swf.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_vorbis.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_wav.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_wave.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_wm.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_wv.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_addons.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_autotag.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_bookmarks.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_devices.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_disc.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_downloads.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_enqplay.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_history.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_impex.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_local.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_nowplaying.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_online.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_orb.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_playlists.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_plg.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_pmp.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_rg.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_transcode.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_wire.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ombrowser.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\out_disk.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\out_ds.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\out_wave.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\playlist.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\pmp_activesync.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\pmp_android.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\pmp_ipod.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\pmp_njb.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\pmp_p4s.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\pmp_usb.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\pmp_wifi.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\tagz.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\vis_avs.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\vis_milk2.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\vis_nsfs.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\winamp.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\winampa.lng moved successfully.
File\Folder C:\WINDOWS\temp\klsCB3.tmp not found!
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_384.dat not found!

Registry entries deleted on Reboot...
[/log]

OTL :
[log]OTL logfile created on: 2011-02-11 11:19:41 - Run 4
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Administrator\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 70,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 116,19 Gb Total Space | 56,32 Gb Free Space | 48,47% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 109,08 Gb Free Space | 74,46% Space Free | Partition Type: NTFS
Drive E: | 123,96 Gb Total Space | 68,65 Gb Free Space | 55,38% Space Free | Partition Type: NTFS

Computer Name: FLIPER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-02-10 23:25:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
PRC - [2011-02-10 21:31:47 | 000,943,472 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010-11-12 18:53:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010-07-09 16:24:34 | 000,155,752 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009-02-06 11:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-02-10 23:25:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
MOD - [2011-01-21 15:44:11 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2010-12-09 16:15:25 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-08-16 09:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 22:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-02-10 10:58:43 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2010-11-27 13:45:17 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-11-26 18:02:54 | 000,014,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010-07-09 23:38:00 | 010,604,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010-06-14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010-06-09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2)
DRV - [2010-06-09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010-05-07 11:06:26 | 000,032,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2010-04-27 03:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010-04-27 03:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010-04-27 03:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009-12-22 10:00:26 | 000,023,552 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2009-11-02 19:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-10-27 12:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2009-06-19 16:59:34 | 000,019,712 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2009-05-08 11:56:12 | 000,042,752 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motodrv.sys -- (MotDev)
DRV - [2009-01-29 17:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2009-01-29 17:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008-04-14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2007-11-02 15:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2006-08-18 06:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005-05-17 10:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005-04-05 20:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005-04-05 20:22:28 | 000,033,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-796845957-1767777339-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2011-02-08 01:46:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-12-27 19:08:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-12-06 23:03:18 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010-12-13 13:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchddr.xml

O1 HOSTS File: ([2010-11-29 07:39:38 | 000,000,789 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKU\S-1-5-21-796845957-1767777339-839522115-500\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-796845957-1767777339-839522115-500\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-796845957-1767777339-839522115-500\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-796845957-1767777339-839522115-500..\Run: [Software Informer] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Pobierz w Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.50 212.76.34.49
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2010-11-20 14:53:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: [b]AutoStartNPSAgent[/b] - hkey= - key= - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: [b]facemoods[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: [b]NPSStartup[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]NvMediaCenter[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]nwiz[/b] - hkey= - key= - C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
MsConfig - StartUpReg: [b]Pando Media Booster[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]PCSpeedUp[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]SearchSettings[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-02-10 23:41:16 | 000,000,000 | ---D | C] -- C:\rsit
[2011-02-10 23:36:12 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-02-10 23:25:08 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
[2011-02-10 16:46:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kolekcja Klasyki
[2011-02-10 15:48:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\NFS Most Wanted
[2011-02-10 15:48:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA GAMES
[2011-02-10 15:31:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2011-02-10 15:31:07 | 001,962,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quartz.dll
[2011-02-10 15:31:07 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qedit.dll
[2011-02-10 15:31:07 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidctl.dll
[2011-02-10 15:31:07 | 001,201,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8.dll
[2011-02-10 15:31:07 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput8.dll
[2011-02-10 15:31:07 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dramp.dll
[2011-02-10 15:31:07 | 000,470,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2011-02-10 15:31:07 | 000,436,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim.dll
[2011-02-10 15:31:07 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3drm.dll
[2011-02-10 15:31:07 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2011-02-10 15:31:07 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qdv.dll
[2011-02-10 15:31:07 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2011-02-10 15:31:07 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2011-02-10 15:31:07 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qcap.dll
[2011-02-10 15:31:07 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2011-02-10 15:31:07 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2011-02-10 15:31:07 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmime.dll
[2011-02-10 15:31:07 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qasf.dll
[2011-02-10 15:31:07 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\devenum.dll
[2011-02-10 15:31:07 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.dll
[2011-02-10 15:31:07 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmsynth.dll
[2011-02-10 15:31:07 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmstyle.dll
[2011-02-10 15:31:07 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2011-02-10 15:31:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmscript.dll
[2011-02-10 15:31:07 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmcompos.dll
[2011-02-10 15:31:07 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msdv.sys
[2011-02-10 15:31:07 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2011-02-10 15:31:07 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dxof.dll
[2011-02-10 15:31:07 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstdecod.dll
[2011-02-10 15:31:07 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2011-02-10 15:31:07 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2011-02-10 15:31:07 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dpmesh.dll
[2011-02-10 15:31:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmloader.dll
[2011-02-10 15:31:07 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmband.dll
[2011-02-10 15:31:07 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2011-02-10 15:31:07 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dswave.dll
[2011-02-10 15:31:07 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2011-02-10 15:31:07 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2011-02-10 15:31:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2011-02-10 15:31:07 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2011-02-10 15:31:07 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2011-02-10 15:31:07 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2011-02-10 15:31:07 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2011-02-10 15:31:07 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2011-02-10 15:31:07 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax
[2011-02-10 15:31:07 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2011-02-10 15:31:07 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2011-02-10 15:31:07 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2011-02-10 15:31:07 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxapi.sys
[2011-02-10 15:31:07 | 000,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2011-02-10 15:31:07 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2011-02-10 15:31:06 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound3d.dll
[2011-02-10 15:31:06 | 001,189,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx8vb.dll
[2011-02-10 15:31:06 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2011-02-10 15:31:06 | 000,797,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim700.dll
[2011-02-10 15:31:06 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2011-02-10 15:31:06 | 000,648,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput.dll
[2011-02-10 15:31:06 | 000,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx7vb.dll
[2011-02-10 15:31:06 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmoprp.dll
[2011-02-10 15:31:06 | 000,467,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diactfrm.dll
[2011-02-10 15:31:06 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound.dll
[2011-02-10 15:31:06 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvoice.dll
[2011-02-10 15:31:06 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddraw.dll
[2011-02-10 15:31:06 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplayx.dll
[2011-02-10 15:31:06 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gcdef.dll
[2011-02-10 15:31:06 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\joy.cpl
[2011-02-10 15:31:06 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmo.dll
[2011-02-10 15:31:06 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvvox.dll
[2011-02-10 15:31:06 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2011-02-10 15:31:06 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsockx.dll
[2011-02-10 15:31:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpmodemx.dll
[2011-02-10 15:31:06 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhupnp.dll
[2011-02-10 15:31:06 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe
[2011-02-10 15:31:06 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dimap.dll
[2011-02-10 15:31:06 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhpast.dll
[2011-02-10 15:31:06 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pid.dll
[2011-02-10 15:31:06 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2011-02-10 15:31:06 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddrawex.dll
[2011-02-10 15:31:06 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvacm.dll
[2011-02-10 15:31:06 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2011-02-10 15:31:06 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8thk.dll
[2011-02-10 15:31:06 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnlobby.dll
[2011-02-10 15:31:06 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnaddr.dll
[2011-02-10 15:16:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios
[2011-02-10 15:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Stronghold 2
[2011-02-10 14:29:16 | 000,000,000 | ---D | C] -- C:\Downloads
[2011-02-10 14:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager
[2011-02-10 14:23:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Free Download Manager
[2011-02-10 14:23:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG
[2011-02-10 14:23:53 | 000,000,000 | ---D | C] -- C:\Program Files\Free Download Manager
[2011-02-10 11:39:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\jv16 PowerTools 2011
[2011-02-10 11:39:10 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools 2011
[2011-02-10 11:30:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2011-02-10 10:59:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kaspersky Internet Security 2011
[2011-02-10 10:58:51 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2011-02-10 10:58:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
[2011-02-10 10:58:43 | 000,475,736 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011-02-10 10:57:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
[2011-02-10 10:46:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2011-02-08 11:51:12 | 000,025,992 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2011-02-08 11:50:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\PageDefrag
[2011-02-08 02:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe
[2011-02-08 02:42:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje książki elektroniczne
[2011-02-08 02:41:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PrintMe Internet Printing
[2011-02-08 02:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2011-02-08 02:41:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011-02-08 02:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011-02-08 02:39:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cache
[2011-02-08 01:47:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Google Chrome
[2011-02-08 01:46:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google
[2011-02-08 01:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2011-02-08 01:14:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton
[2011-02-08 01:13:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller
[2011-02-07 22:53:08 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011-02-07 22:53:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\HiJackThis
[2011-02-07 22:34:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data
[2011-02-07 22:24:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011-02-07 22:24:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit
[2011-02-07 22:24:35 | 000,000,000 | ---D | C] -- C:\Program Files\DAP
[2011-02-07 22:16:07 | 000,000,000 | ---D | C] -- C:\flash get
[2011-02-07 22:08:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\BITS
[2011-02-07 22:08:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet
[2011-02-07 22:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO
[2011-02-02 22:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\obrazki z pejnta
[2011-01-31 20:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Firefly Studios
[2011-01-31 01:19:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\pejnt
[2011-01-30 13:21:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Team17
[2011-01-29 21:55:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com
[2011-01-29 21:54:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\JDownloader
[2011-01-29 21:53:46 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2011-01-29 21:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader
[2011-01-29 21:45:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\VDownloader
[2011-01-29 21:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2011-01-25 19:12:39 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache
[2011-01-24 01:42:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2011-01-24 01:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011-01-24 01:29:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2011-01-24 01:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011-01-23 21:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\The Lord of the Rings Online
[2011-01-23 21:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\The Lord of the Rings Online
[2011-01-23 19:53:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Turbine
[2011-01-23 17:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ApplicationHistory
[2011-01-23 17:56:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2011-01-23 17:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Codemasters
[2011-01-22 16:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2011-01-17 17:09:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011-01-06 22:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\PunkBuster
[2011-01-06 21:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\Wolfenstein - Enemy Territory
[2010-12-29 13:49:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Winamp
[2010-12-29 13:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010-12-29 13:49:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Detektor Winampa
[2010-12-29 13:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010-12-29 13:49:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Winamp
[2010-12-22 22:31:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ESET
[2010-12-22 22:29:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
[2010-12-20 17:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\AruaROSE
[2010-12-19 20:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Call of Duty
[2010-12-19 14:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\The Duel
[2010-12-19 14:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EliteGunz
[2010-12-19 14:53:01 | 000,000,000 | ---D | C] -- C:\Program Files\EliteGunz
[2010-12-19 12:20:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE
[2010-12-18 23:30:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.thumbnails
[2010-12-18 23:30:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0
[2010-12-18 23:26:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\gegl-0.0
[2010-12-18 23:26:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.gimp-2.6
[2010-12-18 23:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\GIMP
[2010-12-18 23:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2010-12-18 23:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2010-12-18 22:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\IDM
[2010-12-18 22:05:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache
[2010-12-18 22:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2010-12-18 22:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Internet Download Manager
[2010-12-18 21:17:58 | 000,023,552 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\Motousbnet.sys
[2010-12-18 21:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Motorola Driver Installer
[2010-12-18 21:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Avanquest update
[2010-12-18 21:11:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\BVRP Software
[2010-12-18 21:10:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Motorola Phone Tools
[2010-12-18 21:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola Phone Tools
[2010-12-18 21:08:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software
[2010-12-18 21:08:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\InstallShield
[2010-12-18 12:08:51 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2010-12-18 12:08:24 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll
[2010-12-18 12:02:25 | 000,006,016 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motfilt.sys
[2010-12-18 12:02:24 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01007.dll
[2010-12-18 12:02:24 | 000,023,936 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motmodem.sys
[2010-12-18 12:02:24 | 000,019,712 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motccgp.sys
[2010-12-18 12:02:24 | 000,008,320 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motccgpfl.sys
[2010-12-18 12:02:24 | 000,006,400 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motswch.sys
[2010-12-18 12:02:19 | 000,042,752 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motodrv.sys
[2010-12-18 12:01:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2010-12-17 20:05:24 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2010-12-17 19:49:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010-12-17 19:48:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010-12-17 19:47:37 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010-12-17 15:39:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010-12-17 15:28:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010-12-17 15:13:07 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys
[2010-11-28 15:14:25 | 003,056,008 | ---- | C] (Ask) -- C:\Program Files\Common Files\AskToolbarInstaller.exe

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-02-11 11:18:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-02-11 11:18:01 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job
[2011-02-11 11:18:00 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2011-02-11 11:17:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-02-11 00:52:07 | 000,001,164 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500UA.job
[2011-02-10 23:40:45 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\RSIT.exe
[2011-02-10 23:25:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
[2011-02-10 21:31:49 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2011-02-10 15:21:50 | 000,013,312 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-02-10 10:59:40 | 000,114,243 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011-02-10 10:59:40 | 000,097,859 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011-02-10 10:58:43 | 000,475,736 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011-02-10 10:47:22 | 000,000,414 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011-02-09 22:30:28 | 000,551,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-02-08 11:51:51 | 000,000,063 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011-02-08 11:51:12 | 000,025,992 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2011-02-08 02:38:14 | 000,144,631 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Regulamin_ESKA_Lubie_to.pdf
[2011-02-08 01:52:00 | 000,001,112 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500Core.job
[2011-02-07 23:08:24 | 000,000,365 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\MUZYKA.lnk
[2011-02-07 23:07:20 | 000,000,417 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\INSTALKI.lnk
[2011-02-07 23:05:21 | 000,000,370 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\ZDJĘCIA.lnk
[2011-02-07 23:03:17 | 000,000,346 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\GRY.lnk
[2011-02-07 23:02:23 | 000,000,377 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\PROGRAMY.lnk
[2011-02-07 22:08:46 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI
[2011-02-06 18:30:43 | 000,002,817 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2011-02-02 08:34:28 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011-01-31 14:28:24 | 000,042,905 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\default.htm
[2011-01-23 17:58:12 | 000,000,138 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2011-01-23 17:57:55 | 000,499,510 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-01-23 17:57:55 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-01-23 17:57:55 | 000,088,816 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-01-23 17:57:55 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-01-06 22:13:49 | 000,137,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011-01-06 22:13:23 | 000,268,952 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010-12-31 15:04:12 | 001,855,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2010-12-21 00:52:42 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2010-12-21 00:52:42 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2010-12-21 00:52:42 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2010-12-21 00:52:42 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2010-12-21 00:52:42 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2010-12-21 00:52:41 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2010-12-21 00:52:41 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2010-12-21 00:52:41 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2010-12-20 18:25:52 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lsasrv.dll
[2010-12-20 13:55:37 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2010-12-20 13:55:37 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2010-12-19 20:41:23 | 000,000,745 | ---- | M] () -- C:\WINDOWS\CoD.INI
[2010-12-18 22:58:44 | 000,000,476 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\lul.rtf
[2010-12-18 21:12:30 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01007.Wdf
[2010-12-18 12:37:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf
[2010-12-18 12:37:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motfilt_01007.Wdf
[2010-12-18 12:08:41 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010-12-18 12:08:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf
[2010-12-18 12:08:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf
[2010-12-18 12:08:31 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010-12-13 17:03:50 | 000,028,496 | ---- | M] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-02-10 23:40:45 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\RSIT.exe
[2011-02-10 21:31:49 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk
[2011-02-10 21:31:49 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2011-02-10 15:31:07 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2011-02-10 15:31:07 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011-02-10 15:31:07 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2011-02-10 15:31:07 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2011-02-10 15:31:07 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2011-02-10 15:31:07 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2011-02-10 15:31:07 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2011-02-10 15:31:07 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2011-02-10 15:31:07 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2011-02-10 15:31:07 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2011-02-10 15:31:07 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2011-02-10 10:59:40 | 000,114,243 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011-02-10 10:59:40 | 000,097,859 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011-02-10 10:47:22 | 000,000,414 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011-02-08 11:51:51 | 000,000,063 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011-02-08 02:41:27 | 000,001,872 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader 6.0 CE.lnk
[2011-02-08 02:38:14 | 000,144,631 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Regulamin_ESKA_Lubie_to.pdf
[2011-02-08 01:47:00 | 000,001,164 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500UA.job
[2011-02-08 01:47:00 | 000,001,112 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500Core.job
[2011-02-07 23:08:24 | 000,000,365 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\MUZYKA.lnk
[2011-02-07 23:07:20 | 000,000,417 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\INSTALKI.lnk
[2011-02-07 23:05:21 | 000,000,370 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\ZDJĘCIA.lnk
[2011-02-07 23:03:17 | 000,000,346 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\GRY.lnk
[2011-02-07 23:02:23 | 000,000,377 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\PROGRAMY.lnk
[2011-02-07 22:08:46 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2011-02-06 18:30:43 | 000,002,817 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2011-01-31 14:28:23 | 000,042,905 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\default.htm
[2011-01-24 01:53:57 | 000,000,296 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2011-01-24 01:43:39 | 000,028,496 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011-01-24 01:43:39 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011-01-24 01:42:45 | 000,000,264 | ---- | C] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job
[2011-01-23 17:58:12 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2011-01-06 22:13:50 | 000,137,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011-01-06 22:13:45 | 000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011-01-06 22:13:23 | 000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2011-01-06 22:13:17 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010-12-22 17:57:37 | 000,013,312 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-19 20:20:33 | 000,000,745 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2010-12-18 21:12:30 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01007.Wdf
[2010-12-18 12:37:50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf
[2010-12-18 12:37:50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motfilt_01007.Wdf
[2010-12-18 12:08:51 | 000,002,503 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\RSD Lite.lnk
[2010-12-18 12:08:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf
[2010-12-18 12:08:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf
[2010-12-18 12:08:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010-11-28 15:14:26 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2010-11-27 13:45:17 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-11-21 13:36:41 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010-11-21 13:36:41 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010-11-21 13:36:37 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\$_hpcst$.hpc
[2010-11-20 17:47:46 | 000,494,557 | ---- | C] () -- C:\WINDOWS\System32\dxgi.dll
[2010-11-20 17:47:46 | 000,025,037 | ---- | C] () -- C:\WINDOWS\System32\Nucleus.dll
[2010-11-20 17:47:44 | 000,519,912 | ---- | C] () -- C:\WINDOWS\System32\d3dx10d_33.dll
[2010-11-20 17:47:44 | 000,519,912 | ---- | C] () -- C:\WINDOWS\System32\d3dx10d.dll
[2010-11-20 17:47:43 | 000,566,624 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll
[2010-11-20 15:56:48 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2010-11-20 15:56:36 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010-11-20 15:25:21 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-01-27 03:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[color=#E56717]========== LOP Check ==========[/color]

[2010-12-11 17:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ACD Systems
[2011-02-07 22:19:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\BITS
[2010-11-27 13:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite
[2011-02-07 22:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache
[2011-02-06 00:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog
[2011-01-29 21:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com
[2011-02-07 22:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet
[2011-02-07 22:08:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO
[2011-02-10 14:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager
[2010-11-20 17:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GetRightToGo
[2011-02-06 18:30:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0
[2011-02-07 22:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\IDM
[2010-11-28 15:14:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenCandy
[2010-11-20 15:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera
[2010-11-21 13:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Samsung
[2011-02-10 21:12:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
[2011-01-29 21:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader
[2010-12-11 17:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ACD Systems
[2010-12-18 21:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software
[2010-11-27 13:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-02-10 15:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios
[2011-02-10 14:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG
[2011-01-24 01:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2010-11-21 13:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung
[2011-02-07 22:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit
[2011-02-07 22:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011-02-11 11:18:01 | 000,000,264 | ---- | M] () -- C:\WINDOWS\Tasks\Game_Booster_Startup.job
[2011-02-11 11:18:00 | 000,000,296 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-11-20 14:53:29 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011-02-02 08:34:28 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2002-09-28 23:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-11-20 14:53:29 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-11-20 14:53:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-11-20 14:53:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010-11-27 22:48:25 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2011-02-11 11:17:49 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2002-09-28 23:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:010ADD2C

< End of report >[/log]

[log]OTL Extras logfile created on: 2011-02-11 11:19:41 - Run 4
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Administrator\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 70,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 116,19 Gb Total Space | 56,32 Gb Free Space | 48,47% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 109,08 Gb Free Space | 74,46% Space Free | Partition Type: NTFS
Drive E: | 123,96 Gb Total Space | 68,65 Gb Free Space | 55,38% Space Free | Partition Type: NTFS

Computer Name: FLIPER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger -- (Creative Team S.A.)
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"E:\Mass Effect\Binaries\MassEffect.exe" = E:\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game -- (BioWare)
"E:\Mass Effect\MassEffectLauncher.exe" = E:\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher -- (BioWare)
"C:\Program Files\Motorola\RSD Lite\SDL.exe" = C:\Program Files\Motorola\RSD Lite\SDL.exe:*:Enabled:SDL -- (Motorola)
"D:\Program Files\Call of Duty\CoDMP.exe" = D:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP -- ()
"C:\Program Files\EliteGunz\EliteGunz.exe" = C:\Program Files\EliteGunz\EliteGunz.exe:*:Enabled:Gunz -- (MAIET entertainment)
"C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe:*:Enabled:Counter-Strike
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe" = C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET
"D:\COUNTER STrike NS\hl.exe" = D:\COUNTER STrike NS\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"D:\The Lord of the Rings Online\lotroclient.exe" = D:\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient -- (Turbine, Inc.)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\flash get\FlashGet\FlashGet3.exe" = C:\flash get\FlashGet\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe" = C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero -- (Valve)
"D:\Stronghold 2\Stronghold2.exe" = D:\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2 -- (Firefly Studios)
"C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{958E2B23-6146-4A21-9532-9F59049E9B35}" = Motorola Phone Tools
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A01E2BF5-2BA5-4846-B3DC-7F8866C0C5FA}" = RSDLite
"{A0673E9E-4510-4AA0-B860-58FD5A7212A1}" = Motorola Driver Installation 4.5.0
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}" = ACDSee Photo Manager 12
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.0.752
"{AC76BA86-7AD7-1038-7B44-CEA000000001}" = Adobe Reader 6.0.2 CE
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB132F09-DCF1-46EA-AE92-F8B42AB7BAD4}" = Stunt GP
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = The Lord of the Rings Online™ v03.02.04.8010
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AQQ" = WapSter AQQ
"AruaROSE_is1" = AruaROSE
"Call of Duty" = Call of Duty
"CCleaner" = CCleaner
"Free Download Manager_is1" = Free Download Manager 3.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"JDownloader" = JDownloader
"jv16 PowerTools 2011" = jv16 PowerTools 2011
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MTA:SA" = MTA:SA v1.0.4
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Opera 11.01.1190" = Opera 11.01
"Steam App 10" = Counter-Strike
"Steam App 100" = Counter-Strike: Condition Zero Deleted Scenes
"Steam App 80" = Counter-Strike: Condition Zero
"Stronghold_is1" = Twierdza
"uTorrent" = µTorrent
"VideoGet_is1" = Nuclear Coffee - VideoGet
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = Archiwizator WinRAR
"Wisdom-soft Set up ScreenHunter 5.1 Free" = Wisdom-soft Set up ScreenHunter 5.1 Free
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ System Events ]
Error - 2011-02-08 07:02:19 | Computer Name = FLIPER | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
helpsvc z argumentami „” w celu uruchomienia serwera: {833E4010-AFF7-4AC3-AAC2-9F24C1457BCE}

Error - 2011-02-10 18:47:41 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2011-02-10 18:47:42 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa FsUsbExService niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-02-10 18:47:43 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-02-10 18:49:16 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: atapi PCIIde

Error - 2011-02-11 06:04:42 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: atapi PCIIde

Error - 2011-02-11 06:16:37 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2011-02-11 06:16:38 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa FsUsbExService niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-02-11 06:16:43 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-02-11 06:18:14 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: atapi PCIIde


< End of report >
[/log]

RSIT : [log]
Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-02-11 11:24:01
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 58 GB (48%) free of 119 GB
Total RAM: 1535 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:24:06, on 2011-02-11
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\WapSter\WapSter AQQ\AQQ.exe
C:\Documents and Settings\Administrator\Pulpit\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Pobierz w Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O9 - Extra button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Usługa Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5313 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Game_Booster_Startup.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500UA.job
C:\WINDOWS\tasks\SmartDefrag_Startup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll [2010-10-05 68280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll [2010-10-05 191160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-02 365336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Software Informer"=C:\Program Files\Software Informer\softinfo.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods]
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\RGI2.tmp []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-02-08 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files\Pando Networks\Media Booster\PMB.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files\Przyspiesz Komputer\PCSpeedUp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2010-10-05 228024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=60

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\WapSter\WapSter AQQ\AQQ.exe"="C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"E:\Mass Effect\Binaries\MassEffect.exe"="E:\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game"
"E:\Mass Effect\MassEffectLauncher.exe"="E:\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Motorola\RSD Lite\SDL.exe"="C:\Program Files\Motorola\RSD Lite\SDL.exe:*:Enabled:SDL"
"D:\Program Files\Call of Duty\CoDMP.exe"="D:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"C:\Program Files\EliteGunz\EliteGunz.exe"="C:\Program Files\EliteGunz\EliteGunz.exe:*:Enabled:Gunz"
"C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET"
"D:\COUNTER STrike NS\hl.exe"="D:\COUNTER STrike NS\hl.exe:*:Enabled:Half-Life Launcher"
"D:\The Lord of the Rings Online\lotroclient.exe"="D:\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\flash get\FlashGet\FlashGet3.exe"="C:\flash get\FlashGet\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe"="C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero"
"D:\Stronghold 2\Stronghold2.exe"="D:\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2"
"C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe:*:Enabled:Counter-Strike"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-02-10 23:41:16 ----D---- C:\rsit
2011-02-10 23:36:12 ----D---- C:\_OTL
2011-02-10 15:31:35 ----D---- C:\WINDOWS\RegisteredPackages
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\psisdecd.dll
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\streamip.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\slip.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\mstee.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\msdv.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\mpe.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys
2011-02-10 15:31:06 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2011-02-10 15:16:24 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios
2011-02-10 14:29:16 ----D---- C:\Downloads
2011-02-10 14:23:59 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager
2011-02-10 14:23:54 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG
2011-02-10 14:23:53 ----D---- C:\Program Files\Free Download Manager
2011-02-10 11:39:10 ----D---- C:\Program Files\jv16 PowerTools 2011
2011-02-10 10:58:51 ----D---- C:\Program Files\Kaspersky Lab
2011-02-10 10:58:51 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
2011-02-10 10:58:43 ----A---- C:\WINDOWS\system32\drivers\klif.sys
2011-02-10 10:57:43 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
2011-02-10 10:46:45 ----HD---- C:\WINDOWS\system32\GroupPolicy
2011-02-09 21:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-02-09 21:59:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-02-09 21:58:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-02-09 21:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-02-09 21:56:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-02-09 21:56:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-02-09 21:56:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-02-08 11:51:51 ----A---- C:\WINDOWS\wininit.ini
2011-02-08 11:51:12 ----A---- C:\WINDOWS\system32\pgdfgsvc.exe
2011-02-08 02:41:22 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2011-02-08 02:41:21 ----D---- C:\Program Files\Common Files\Adobe
2011-02-08 02:41:17 ----D---- C:\Program Files\Adobe
2011-02-08 02:39:27 ----D---- C:\WINDOWS\Cache
2011-02-08 01:14:16 ----D---- C:\Program Files\Windows Sidebar
2011-02-08 01:14:07 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Norton
2011-02-08 01:13:44 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller
2011-02-07 22:53:08 ----D---- C:\Program Files\Trend Micro
2011-02-07 22:24:44 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2011-02-07 22:24:38 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit
2011-02-07 22:24:35 ----D---- C:\Program Files\DAP
2011-02-07 22:16:07 ----D---- C:\flash get
2011-02-07 22:08:46 ----A---- C:\WINDOWS\libem.INI
2011-02-07 22:08:37 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\BITS
2011-02-07 22:08:36 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet
2011-02-07 22:08:32 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO
2011-01-29 21:55:01 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com
2011-01-29 21:53:46 ----D---- C:\Program Files\JDownloader
2011-01-29 21:45:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader
2011-01-29 21:45:27 ----D---- C:\Program Files\WinPcap
2011-01-29 13:06:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-24 01:43:39 ----A---- C:\WINDOWS\system32\SmartDefragBootTime.exe
2011-01-24 01:43:39 ----A---- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys
2011-01-24 01:42:35 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\IObit
2011-01-24 01:42:34 ----D---- C:\Program Files\IObit
2011-01-24 01:29:31 ----D---- C:\Program Files\CCleaner
2011-01-23 17:56:35 ----D---- C:\WINDOWS\system32\URTTEMP
2011-01-22 16:23:39 ----D---- C:\Program Files\Pando Networks
2011-01-17 17:09:01 ----D---- C:\WINDOWS\system32\NtmsData
2011-01-12 18:59:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$

======List of files/folders modified in the last 1 months======

2011-02-11 11:18:15 ----D---- C:\WINDOWS\Temp
2011-02-11 11:16:38 ----D---- C:\WINDOWS\system32
2011-02-11 11:16:38 ----D---- C:\WINDOWS
2011-02-11 00:27:36 ----D---- C:\Program Files\Steam
2011-02-11 00:23:59 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-10 23:47:49 ----D---- C:\WINDOWS\system32\drivers
2011-02-10 23:41:24 ----D---- C:\WINDOWS\Prefetch
2011-02-10 21:31:49 ----D---- C:\Program Files\Opera
2011-02-10 21:31:47 ----SHD---- C:\WINDOWS\Installer
2011-02-10 21:12:22 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
2011-02-10 15:40:13 ----RSD---- C:\WINDOWS\assembly
2011-02-10 15:40:06 ----HD---- C:\WINDOWS\inf
2011-02-10 15:39:39 ----D---- C:\WINDOWS\system32\DirectX
2011-02-10 15:31:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-10 15:29:01 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Winamp
2011-02-10 15:07:07 ----HD---- C:\Program Files\InstallShield Installation Information
2011-02-10 14:23:53 ----RD---- C:\Program Files
2011-02-10 12:12:24 ----D---- C:\WINDOWS\system32\config
2011-02-10 11:30:45 ----D---- C:\WINDOWS\Debug
2011-02-10 10:56:40 ----SHD---- C:\System Volume Information
2011-02-10 10:56:40 ----D---- C:\Program Files\Common Files
2011-02-10 10:55:24 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-02-09 21:57:17 ----A---- C:\WINDOWS\system32\MRT.exe
2011-02-09 21:57:08 ----D---- C:\Program Files\Internet Explorer
2011-02-09 21:56:55 ----HD---- C:\WINDOWS\$hf_mig$
2011-02-08 11:39:47 ----SD---- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft
2011-02-08 02:42:22 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe
2011-02-08 01:47:00 ----SD---- C:\WINDOWS\Tasks
2011-02-08 01:46:39 ----D---- C:\Program Files\Mozilla Firefox
2011-02-07 22:58:09 ----D---- C:\WINDOWS\Registration
2011-02-07 22:47:58 ----D---- C:\Program Files\Wolfenstein - Enemy Territory
2011-02-07 22:47:45 ----D---- C:\WINDOWS\WinSxS
2011-02-07 22:16:05 ----D---- C:\Program Files\GIMP-2.0
2011-02-07 22:03:52 ----D---- C:\Program Files\Internet Download Manager
2011-02-07 22:03:02 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\IDM
2011-02-07 22:02:48 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache
2011-02-06 21:09:10 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Skype
2011-02-06 20:15:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\skypePM
2011-02-06 18:30:43 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0
2011-02-06 18:25:24 ----A---- C:\WINDOWS\ModemLog_Motorola USB Modem #2.txt
2011-02-06 00:41:13 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog
2011-02-02 08:34:28 ----SH---- C:\boot.ini
2011-02-02 08:34:28 ----A---- C:\WINDOWS\win.ini
2011-02-02 08:34:27 ----A---- C:\WINDOWS\system.ini
2011-01-30 13:20:55 ----D---- C:\Program Files\Common Files\InstallShield
2011-01-29 21:45:40 ----D---- C:\Program Files\VDownloader
2011-01-23 17:57:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-22 15:57:24 ----D---- C:\WINDOWS\system32\wbem
2011-01-22 15:56:28 ----D---- C:\WINDOWS\system32\Restore
2011-01-21 15:44:11 ----A---- C:\WINDOWS\system32\shimgvw.dll
2011-01-21 15:44:11 ----A---- C:\WINDOWS\system32\shell32.dll
2011-01-17 17:09:01 ----D---- C:\WINDOWS\repair
2011-01-16 15:00:45 ----D---- C:\Program Files\uTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 KL1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2010-06-09 132184]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-05-17 92800]
R0 ohci1394;Kontroler hosta Texas Instruments IEEE 1394 zgodny z OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-27 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 kl2;kl2; C:\WINDOWS\system32\DRIVERS\kl2.sys [2010-06-09 11352]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2011-02-10 475736]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-01-27 50704]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2010-05-07 32856]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-11-02 19472]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-28 12160]
R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-09 10604128]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
R3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 a2tf7vt5;a2tf7vt5; C:\WINDOWS\system32\drivers\a2tf7vt5.sys []
S3 BTCFilterService;USB Networking Driver Filter Service; C:\WINDOWS\system32\DRIVERS\motfilt.sys [2009-01-29 6016]
S3 motccgp;Motorola USB Composite Device Driver; C:\WINDOWS\system32\DRIVERS\motccgp.sys [2009-06-19 19712]
S3 motccgpfl;MotCcgpFlService; C:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2009-01-29 8320]
S3 MotDev;Motorola Inc. USB Device; C:\WINDOWS\system32\DRIVERS\motodrv.sys [2009-05-08 42752]
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2009-10-27 23936]
S3 MotoSwitchService;MotoSwitch Service; C:\WINDOWS\system32\DRIVERS\motswch.sys [2007-11-02 6400]
S3 Motousbnet;Motorola USB Networking Driver Service; C:\WINDOWS\system32\DRIVERS\Motousbnet.sys [2009-12-22 23552]
S3 SONYPVU1;Sterownik filtru USB Sony (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2010-04-27 104648]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2010-04-27 14920]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2010-04-27 132424]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-28 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Usługa Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-02 365336]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2010-07-04 238952]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Usuga stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S4 NetTcpPortSharing;Usługa udostępniania portów Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-01-06 75136]

-----------------EOF-----------------
[/log]


@EDYCJA
Dodam iż,coś zaczeło "skakać" Choke w grze counter strike 1.6 tak gdzieś z 0 do 60 a ping jak narazie sie uspokoił.

Tomek01
komentarz
komentarz

Jeszcze nie wszystko.

W OTL, w oknie Custom scan/fixes wklej:

[code]:OTL
O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO\GetAllUrl.htm ()
C:\Program Files\Common Files\AskToolbarInstaller.exe@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:010ADD2C

:Files
C:\WINDOWS\tasks\Game_Booster_Startup.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500UA.job
C:\WINDOWS\tasks\SmartDefrag_Startup.job
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp
C:\Program Files\Common Files\Spigot\Search Settings
C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog

:Reg
[ -HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods]
[ -HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]

:Commands
[emptytemp][/code]

Klikasz run fix, komputer uruchamia się ponownie.
Wrzuć log z usuwania oraz nowe logi: OTL i RSIT


Wyłącz a następnie włącz przywracanie systemu na wszystkich partycjach.
Użyj ATF Cleaner, zaznacz trzy pierwsze fajki i empty selected.

Wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i jakby coś wykryły raporty pokaż na forum.

  • 2 tygodnie później...
Gość
komentarz
komentarz (edytowane)

USUWANIE :
[log]All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\使用快车3下载\ deleted successfully.
C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO\GetUrl.htm moved successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\使用快车3下载全部链接\ deleted successfully.
C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO\GetAllUrl.htm moved successfully.
========== FILES ==========
C:\WINDOWS\tasks\Game_Booster_Startup.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500Core.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500UA.job moved successfully.
C:\WINDOWS\tasks\SmartDefrag_Startup.job moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WPDNSE folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\xml\xui\browser folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\xml\xui folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\xml folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\Winamp Modern\window\menu folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\Winamp Modern\window folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\Winamp Modern\shade folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\Winamp Modern\player folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\Winamp Modern folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\Big Bento\window folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\Big Bento folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\Bento\window folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\Bento folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\hsperfdata_Administrator folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp folder moved successfully.
File\Folder C:\Program Files\Common Files\Spigot\Search Settings not found.
C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog folder moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1732119 bytes
->Java cache emptied: 272681 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 4550705 bytes
->Flash cache emptied: 1468 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 294772 bytes
RecycleBin emptied: 103844 bytes

Total Files Cleaned = 7,00 mb


OTL by OldTimer - Version 3.2.20.6 log created on 02112011_200753

Files\Folders moved on Reboot...
C:\WINDOWS\temp\klsA7BF.tmp moved successfully.

Registry entries deleted on Reboot...
[/log]
OTL :
[log]
OTL Extras logfile created on: 2011-02-11 20:15:55 - Run 5
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Administrator\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 116,19 Gb Total Space | 53,45 Gb Free Space | 46,01% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 106,23 Gb Free Space | 72,52% Space Free | Partition Type: NTFS
Drive E: | 123,96 Gb Total Space | 67,50 Gb Free Space | 54,45% Space Free | Partition Type: NTFS

Computer Name: FLIPER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\Combat Arms EU\CombatArms.exe" = D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"D:\Combat Arms EU\Engine.exe" = D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger -- (Creative Team S.A.)
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"E:\Mass Effect\Binaries\MassEffect.exe" = E:\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game -- (BioWare)
"E:\Mass Effect\MassEffectLauncher.exe" = E:\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher -- (BioWare)
"C:\Program Files\Motorola\RSD Lite\SDL.exe" = C:\Program Files\Motorola\RSD Lite\SDL.exe:*:Enabled:SDL -- (Motorola)
"D:\Program Files\Call of Duty\CoDMP.exe" = D:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP -- ()
"C:\Program Files\EliteGunz\EliteGunz.exe" = C:\Program Files\EliteGunz\EliteGunz.exe:*:Enabled:Gunz -- (MAIET entertainment)
"C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe:*:Enabled:Counter-Strike
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe" = C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET
"D:\COUNTER STrike NS\hl.exe" = D:\COUNTER STrike NS\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"D:\The Lord of the Rings Online\lotroclient.exe" = D:\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient -- (Turbine, Inc.)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\flash get\FlashGet\FlashGet3.exe" = C:\flash get\FlashGet\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe" = C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero -- (Valve)
"D:\Stronghold 2\Stronghold2.exe" = D:\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2 -- (Firefly Studios)
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
"C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"D:\Combat Arms EU\CombatArms.exe" = D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"D:\Combat Arms EU\Engine.exe" = D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
"D:\Combat Arms EU\NMService.exe" = D:\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{6FCBE08B-EB47-448E-8566-CE38E8B8D065}" = System Requirements Lab CYRI
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{958E2B23-6146-4A21-9532-9F59049E9B35}" = Motorola Phone Tools
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A01E2BF5-2BA5-4846-B3DC-7F8866C0C5FA}" = RSDLite
"{A0673E9E-4510-4AA0-B860-58FD5A7212A1}" = Motorola Driver Installation 4.5.0
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}" = ACDSee Photo Manager 12
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.0.752
"{AC76BA86-7AD7-1038-7B44-CEA000000001}" = Adobe Reader 6.0.2 CE
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB132F09-DCF1-46EA-AE92-F8B42AB7BAD4}" = Stunt GP
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = The Lord of the Rings Online™ v03.02.04.8010
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AQQ" = WapSter AQQ
"AruaROSE_is1" = AruaROSE
"Call of Duty" = Call of Duty
"CCleaner" = CCleaner
"Combat Arms EU" = Combat Arms EU
"Free Download Manager_is1" = Free Download Manager 3.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"JDownloader" = JDownloader
"jv16 PowerTools 2011" = jv16 PowerTools 2011
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MTA:SA" = MTA:SA v1.0.4
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Opera 11.01.1190" = Opera 11.01
"Steam App 10" = Counter-Strike
"Steam App 100" = Counter-Strike: Condition Zero Deleted Scenes
"Steam App 80" = Counter-Strike: Condition Zero
"Stronghold_is1" = Twierdza
"uTorrent" = µTorrent
"VideoGet_is1" = Nuclear Coffee - VideoGet
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = Archiwizator WinRAR
"Wisdom-soft Set up ScreenHunter 5.1 Free" = Wisdom-soft Set up ScreenHunter 5.1 Free
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ System Events ]
Error - 2011-02-11 06:16:37 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2011-02-11 06:16:38 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa FsUsbExService niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-02-11 06:16:43 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-02-11 06:18:14 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: atapi PCIIde

Error - 2011-02-11 08:57:50 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: atapi PCIIde

Error - 2011-02-11 10:37:35 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: atapi PCIIde

Error - 2011-02-11 15:07:54 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2011-02-11 15:07:54 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa FsUsbExService niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-02-11 15:07:55 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-02-11 15:10:45 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: atapi PCIIde


< End of report >
[/log]

[log]
OTL logfile created on: 2011-02-11 20:15:55 - Run 5
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Administrator\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 116,19 Gb Total Space | 53,45 Gb Free Space | 46,01% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 106,23 Gb Free Space | 72,52% Space Free | Partition Type: NTFS
Drive E: | 123,96 Gb Total Space | 67,50 Gb Free Space | 54,45% Space Free | Partition Type: NTFS

Computer Name: FLIPER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-02-10 23:25:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
PRC - [2011-02-10 21:31:47 | 000,943,472 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011-02-07 12:56:24 | 008,993,280 | ---- | M] (Creative Team S.A.) -- C:\Program Files\WapSter\WapSter AQQ\AQQ.exe
PRC - [2010-11-12 18:53:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010-07-09 16:24:34 | 000,155,752 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-02-10 23:25:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
MOD - [2011-01-21 15:44:11 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2010-12-09 16:15:25 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-08-16 09:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 22:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-02-10 10:58:43 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2010-11-27 13:45:17 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-11-26 18:02:54 | 000,014,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010-07-09 23:38:00 | 010,604,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010-06-14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010-06-09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2)
DRV - [2010-06-09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010-05-07 11:06:26 | 000,032,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2010-04-27 03:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010-04-27 03:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010-04-27 03:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009-12-22 10:00:26 | 000,023,552 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2009-11-02 19:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-10-27 12:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2009-06-19 16:59:34 | 000,019,712 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2009-05-08 11:56:12 | 000,042,752 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motodrv.sys -- (MotDev)
DRV - [2009-01-29 17:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2009-01-29 17:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008-04-14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2007-11-02 15:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2006-08-18 06:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005-05-17 10:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005-04-05 20:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005-04-05 20:22:28 | 000,033,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2011-02-08 01:46:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-12-27 19:08:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-12-06 23:03:18 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010-12-13 13:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchddr.xml

O1 HOSTS File: ([2010-11-29 07:39:38 | 000,000,789 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKCU..\Run: [Software Informer] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Pobierz w Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.50 212.76.34.49
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2010-11-20 14:53:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: [b]AutoStartNPSAgent[/b] - hkey= - key= - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: [b]facemoods[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: [b]NPSStartup[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]NvMediaCenter[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]nwiz[/b] - hkey= - key= - C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
MsConfig - StartUpReg: [b]Pando Media Booster[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]PCSpeedUp[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]SearchSettings[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-02-11 20:16:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes
[2011-02-11 20:16:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011-02-11 20:16:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2011-02-11 20:16:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2011-02-11 20:16:24 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011-02-11 20:16:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-02-11 19:19:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nexon
[2011-02-11 16:17:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Nexon
[2011-02-11 16:13:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU
[2011-02-11 15:49:00 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2011-02-11 15:48:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\SystemRequirementsLab
[2011-02-11 15:47:53 | 000,000,000 | ---D | C] -- C:\Nexon
[2011-02-11 15:47:47 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
[2011-02-11 12:42:39 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2011-02-10 23:41:16 | 000,000,000 | ---D | C] -- C:\rsit
[2011-02-10 23:36:12 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-02-10 23:25:08 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
[2011-02-10 16:46:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kolekcja Klasyki
[2011-02-10 15:48:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\NFS Most Wanted
[2011-02-10 15:48:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA GAMES
[2011-02-10 15:31:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2011-02-10 15:16:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios
[2011-02-10 15:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Stronghold 2
[2011-02-10 14:29:16 | 000,000,000 | ---D | C] -- C:\Downloads
[2011-02-10 14:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager
[2011-02-10 14:23:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Free Download Manager
[2011-02-10 14:23:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG
[2011-02-10 14:23:53 | 000,000,000 | ---D | C] -- C:\Program Files\Free Download Manager
[2011-02-10 11:39:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\jv16 PowerTools 2011
[2011-02-10 11:39:10 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools 2011
[2011-02-10 10:59:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kaspersky Internet Security 2011
[2011-02-10 10:58:51 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2011-02-10 10:58:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
[2011-02-10 10:58:43 | 000,475,736 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011-02-10 10:57:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
[2011-02-10 10:46:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2011-02-08 11:51:12 | 000,025,992 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2011-02-08 11:50:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\PageDefrag
[2011-02-08 02:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe
[2011-02-08 02:42:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje książki elektroniczne
[2011-02-08 02:41:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PrintMe Internet Printing
[2011-02-08 02:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2011-02-08 02:41:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011-02-08 02:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011-02-08 02:39:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cache
[2011-02-08 01:47:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Google Chrome
[2011-02-08 01:46:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google
[2011-02-08 01:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2011-02-08 01:14:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton
[2011-02-08 01:13:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller
[2011-02-07 22:53:08 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011-02-07 22:53:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\HiJackThis
[2011-02-07 22:34:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data
[2011-02-07 22:24:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011-02-07 22:24:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit
[2011-02-07 22:24:35 | 000,000,000 | ---D | C] -- C:\Program Files\DAP
[2011-02-07 22:16:07 | 000,000,000 | ---D | C] -- C:\flash get
[2011-02-07 22:08:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\BITS
[2011-02-07 22:08:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet
[2011-02-07 22:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO
[2011-02-02 22:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\obrazki z pejnta
[2011-01-31 20:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Firefly Studios
[2011-01-31 01:19:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\pejnt
[2011-01-30 13:21:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Team17
[2011-01-29 21:55:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com
[2011-01-29 21:54:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\JDownloader
[2011-01-29 21:53:46 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2011-01-29 21:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader
[2011-01-29 21:45:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\VDownloader
[2011-01-29 21:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2011-01-25 19:12:39 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache
[2011-01-24 01:42:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2011-01-24 01:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011-01-24 01:29:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2011-01-24 01:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011-01-23 21:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\The Lord of the Rings Online
[2011-01-23 21:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\The Lord of the Rings Online
[2011-01-23 19:53:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Turbine
[2011-01-23 17:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ApplicationHistory
[2011-01-23 17:56:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2011-01-23 17:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Codemasters
[2011-01-22 16:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2011-01-17 17:09:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011-01-06 22:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\PunkBuster
[2011-01-06 21:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\Wolfenstein - Enemy Territory
[2010-12-29 13:49:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Winamp
[2010-12-29 13:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010-12-29 13:49:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Detektor Winampa
[2010-12-29 13:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010-12-29 13:49:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Winamp
[2010-12-22 22:31:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ESET
[2010-12-22 22:29:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
[2010-12-20 17:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\AruaROSE
[2010-12-19 20:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Call of Duty
[2010-12-19 14:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\The Duel
[2010-12-19 14:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EliteGunz
[2010-12-19 14:53:01 | 000,000,000 | ---D | C] -- C:\Program Files\EliteGunz
[2010-12-19 12:20:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE
[2010-12-18 23:30:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.thumbnails
[2010-12-18 23:30:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0
[2010-12-18 23:26:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\gegl-0.0
[2010-12-18 23:26:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.gimp-2.6
[2010-12-18 23:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\GIMP
[2010-12-18 23:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2010-12-18 23:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2010-12-18 22:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\IDM
[2010-12-18 22:05:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache
[2010-12-18 22:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2010-12-18 22:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Internet Download Manager
[2010-12-18 21:17:58 | 000,023,552 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\Motousbnet.sys
[2010-12-18 21:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Motorola Driver Installer
[2010-12-18 21:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Avanquest update
[2010-12-18 21:11:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\BVRP Software
[2010-12-18 21:10:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Motorola Phone Tools
[2010-12-18 21:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola Phone Tools
[2010-12-18 21:08:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software
[2010-12-18 21:08:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\InstallShield
[2010-12-18 12:08:51 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2010-12-18 12:02:25 | 000,006,016 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motfilt.sys
[2010-12-18 12:02:24 | 000,023,936 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motmodem.sys
[2010-12-18 12:02:24 | 000,019,712 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motccgp.sys
[2010-12-18 12:02:24 | 000,008,320 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motccgpfl.sys
[2010-12-18 12:02:24 | 000,006,400 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motswch.sys
[2010-12-18 12:02:19 | 000,042,752 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motodrv.sys
[2010-12-18 12:01:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2010-12-17 20:05:24 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2010-12-17 19:49:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010-12-17 19:48:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010-12-17 19:47:37 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010-12-17 15:39:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010-12-17 15:28:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010-11-28 15:14:25 | 003,056,008 | ---- | C] (Ask) -- C:\Program Files\Common Files\AskToolbarInstaller.exe

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-02-11 20:16:43 | 000,246,740 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\launch.exe
[2011-02-11 20:16:29 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-02-11 20:10:51 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-02-11 20:10:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-02-11 19:47:46 | 000,019,438 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\ScreenHunter_01 Feb. 11 19.47.jpg
[2011-02-11 16:17:14 | 000,000,596 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Combat Arms EU.lnk
[2011-02-11 15:47:53 | 000,000,235 | ---- | M] () -- C:\WINDOWS\System32\nxEuUninstall.bat
[2011-02-11 15:47:48 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
[2011-02-10 23:40:45 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\RSIT.exe
[2011-02-10 23:25:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
[2011-02-10 21:31:49 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2011-02-10 15:21:50 | 000,013,312 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-02-10 10:59:40 | 000,114,243 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011-02-10 10:59:40 | 000,097,859 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011-02-10 10:58:43 | 000,475,736 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011-02-10 10:47:22 | 000,000,414 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011-02-09 22:30:28 | 000,551,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-02-08 11:51:51 | 000,000,063 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011-02-08 11:51:12 | 000,025,992 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2011-02-08 02:38:14 | 000,144,631 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Regulamin_ESKA_Lubie_to.pdf
[2011-02-07 23:08:24 | 000,000,365 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\MUZYKA.lnk
[2011-02-07 23:07:20 | 000,000,417 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\INSTALKI.lnk
[2011-02-07 23:05:21 | 000,000,370 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\ZDJĘCIA.lnk
[2011-02-07 23:03:17 | 000,000,346 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\GRY.lnk
[2011-02-07 23:02:23 | 000,000,377 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\PROGRAMY.lnk
[2011-02-07 22:08:46 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI
[2011-02-06 18:30:43 | 000,002,817 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2011-02-02 08:34:28 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011-01-31 14:28:24 | 000,042,905 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\default.htm
[2011-01-23 17:58:12 | 000,000,138 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2011-01-23 17:57:55 | 000,499,510 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-01-23 17:57:55 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-01-23 17:57:55 | 000,088,816 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-01-23 17:57:55 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-01-06 22:13:49 | 000,137,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011-01-06 22:13:23 | 000,268,952 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010-12-20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-12-20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-12-19 20:41:23 | 000,000,745 | ---- | M] () -- C:\WINDOWS\CoD.INI
[2010-12-18 22:58:44 | 000,000,476 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\lul.rtf
[2010-12-18 21:12:30 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01007.Wdf
[2010-12-18 12:37:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf
[2010-12-18 12:37:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motfilt_01007.Wdf
[2010-12-18 12:08:41 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010-12-18 12:08:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf
[2010-12-18 12:08:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf
[2010-12-18 12:08:31 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-02-11 20:16:29 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-02-11 20:16:13 | 000,246,740 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\launch.exe
[2011-02-11 19:47:46 | 000,019,438 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\ScreenHunter_01 Feb. 11 19.47.jpg
[2011-02-11 16:17:14 | 000,000,596 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Combat Arms EU.lnk
[2011-02-11 15:47:53 | 000,000,235 | ---- | C] () -- C:\WINDOWS\System32\nxEuUninstall.bat
[2011-02-10 23:40:45 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\RSIT.exe
[2011-02-10 21:31:49 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk
[2011-02-10 21:31:49 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2011-02-10 15:31:07 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2011-02-10 15:31:07 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011-02-10 15:31:07 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2011-02-10 15:31:07 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2011-02-10 15:31:07 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2011-02-10 15:31:07 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2011-02-10 15:31:07 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2011-02-10 15:31:07 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2011-02-10 15:31:07 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2011-02-10 15:31:07 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2011-02-10 15:31:07 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2011-02-10 10:59:40 | 000,114,243 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011-02-10 10:59:40 | 000,097,859 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011-02-10 10:47:22 | 000,000,414 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011-02-08 11:51:51 | 000,000,063 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011-02-08 02:41:27 | 000,001,872 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader 6.0 CE.lnk
[2011-02-08 02:38:14 | 000,144,631 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Regulamin_ESKA_Lubie_to.pdf
[2011-02-07 23:08:24 | 000,000,365 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\MUZYKA.lnk
[2011-02-07 23:07:20 | 000,000,417 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\INSTALKI.lnk
[2011-02-07 23:05:21 | 000,000,370 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\ZDJĘCIA.lnk
[2011-02-07 23:03:17 | 000,000,346 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\GRY.lnk
[2011-02-07 23:02:23 | 000,000,377 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\PROGRAMY.lnk
[2011-02-07 22:08:46 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2011-02-06 18:30:43 | 000,002,817 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2011-01-31 14:28:23 | 000,042,905 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\default.htm
[2011-01-24 01:43:39 | 000,028,496 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011-01-24 01:43:39 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011-01-23 17:58:12 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2011-01-06 22:13:50 | 000,137,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011-01-06 22:13:45 | 000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011-01-06 22:13:23 | 000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2011-01-06 22:13:17 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010-12-22 17:57:37 | 000,013,312 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-19 20:20:33 | 000,000,745 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2010-12-18 21:12:30 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01007.Wdf
[2010-12-18 12:37:50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf
[2010-12-18 12:37:50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motfilt_01007.Wdf
[2010-12-18 12:08:51 | 000,002,503 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\RSD Lite.lnk
[2010-12-18 12:08:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf
[2010-12-18 12:08:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf
[2010-12-18 12:08:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010-11-28 15:14:26 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2010-11-27 13:45:17 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-11-21 13:36:41 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010-11-21 13:36:41 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010-11-21 13:36:37 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\$_hpcst$.hpc
[2010-11-20 17:47:46 | 000,494,557 | ---- | C] () -- C:\WINDOWS\System32\dxgi.dll
[2010-11-20 17:47:46 | 000,025,037 | ---- | C] () -- C:\WINDOWS\System32\Nucleus.dll
[2010-11-20 17:47:44 | 000,519,912 | ---- | C] () -- C:\WINDOWS\System32\d3dx10d_33.dll
[2010-11-20 17:47:44 | 000,519,912 | ---- | C] () -- C:\WINDOWS\System32\d3dx10d.dll
[2010-11-20 17:47:43 | 000,566,624 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll
[2010-11-20 15:56:48 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2010-11-20 15:56:36 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010-11-20 15:25:21 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-01-27 03:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[color=#E56717]========== LOP Check ==========[/color]

[2010-12-11 17:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ACD Systems
[2011-02-07 22:19:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\BITS
[2010-11-27 13:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite
[2011-02-07 22:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache
[2011-01-29 21:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com
[2011-02-07 22:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet
[2011-02-11 20:07:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO
[2011-02-10 14:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager
[2010-11-20 17:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GetRightToGo
[2011-02-06 18:30:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0
[2011-02-07 22:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\IDM
[2010-11-28 15:14:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenCandy
[2010-11-20 15:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera
[2010-11-21 13:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Samsung
[2011-02-11 15:47:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
[2011-01-29 21:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader
[2010-12-11 17:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ACD Systems
[2010-12-18 21:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software
[2010-11-27 13:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-02-10 15:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios
[2011-02-10 14:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG
[2011-01-24 01:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2011-02-11 19:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nexon
[2011-02-11 19:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU
[2010-11-21 13:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung
[2011-02-07 22:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit
[2011-02-07 22:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-11-20 14:53:29 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011-02-02 08:34:28 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2002-09-28 23:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-11-20 14:53:29 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-11-20 14:53:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-11-20 14:53:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010-11-27 22:48:25 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2011-02-11 20:10:18 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2002-09-28 23:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:010ADD2C

< End of report >
[/log]

RSIT :
[log]
Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-02-11 20:21:03
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 55 GB (46%) free of 119 GB
Total RAM: 1535 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:21:14, on 2011-02-11
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Administrator\Pulpit\RSIT.exe
C:\Program Files\trend micro\Administrator.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Pobierz w Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O9 - Extra button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Usługa Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5490 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll [2010-10-05 68280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll [2010-10-05 191160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-02 365336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-12-20 443728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Software Informer"=C:\Program Files\Software Informer\softinfo.exe -autorun []
"KPeerNexonEU"=C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [2011-02-11 438272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods]
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\RGI2.tmp []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-02-08 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files\Pando Networks\Media Booster\PMB.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files\Przyspiesz Komputer\PCSpeedUp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2010-10-05 228024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=60

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\WapSter\WapSter AQQ\AQQ.exe"="C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"E:\Mass Effect\Binaries\MassEffect.exe"="E:\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game"
"E:\Mass Effect\MassEffectLauncher.exe"="E:\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Motorola\RSD Lite\SDL.exe"="C:\Program Files\Motorola\RSD Lite\SDL.exe:*:Enabled:SDL"
"D:\Program Files\Call of Duty\CoDMP.exe"="D:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"C:\Program Files\EliteGunz\EliteGunz.exe"="C:\Program Files\EliteGunz\EliteGunz.exe:*:Enabled:Gunz"
"C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET"
"D:\COUNTER STrike NS\hl.exe"="D:\COUNTER STrike NS\hl.exe:*:Enabled:Half-Life Launcher"
"D:\The Lord of the Rings Online\lotroclient.exe"="D:\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\flash get\FlashGet\FlashGet3.exe"="C:\flash get\FlashGet\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe"="C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero"
"D:\Stronghold 2\Stronghold2.exe"="D:\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine.exe"
"C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"D:\Combat Arms EU\CombatArms.exe"="D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"D:\Combat Arms EU\Engine.exe"="D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"D:\Combat Arms EU\NMService.exe"="D:\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Combat Arms EU\CombatArms.exe"="D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"D:\Combat Arms EU\Engine.exe"="D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

======List of files/folders created in the last 1 months======

2011-02-11 20:16:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes
2011-02-11 20:16:29 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-02-11 20:16:28 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2011-02-11 20:16:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-02-11 20:16:24 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-02-11 19:19:36 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Nexon
2011-02-11 16:13:57 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU
2011-02-11 15:49:00 ----D---- C:\Program Files\SystemRequirementsLab
2011-02-11 15:47:53 ----D---- C:\Nexon
2011-02-11 15:47:53 ----A---- C:\WINDOWS\system32\nxEuUninstall.bat
2011-02-11 15:47:47 ----A---- C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
2011-02-10 23:41:16 ----D---- C:\rsit
2011-02-10 23:36:12 ----D---- C:\_OTL
2011-02-10 15:31:35 ----D---- C:\WINDOWS\RegisteredPackages
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\psisdecd.dll
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\streamip.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\slip.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\mstee.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\msdv.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\mpe.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys
2011-02-10 15:31:06 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2011-02-10 15:16:24 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios
2011-02-10 14:29:16 ----D---- C:\Downloads
2011-02-10 14:23:59 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager
2011-02-10 14:23:54 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG
2011-02-10 14:23:53 ----D---- C:\Program Files\Free Download Manager
2011-02-10 11:39:10 ----D---- C:\Program Files\jv16 PowerTools 2011
2011-02-10 10:58:51 ----D---- C:\Program Files\Kaspersky Lab
2011-02-10 10:58:51 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
2011-02-10 10:58:43 ----A---- C:\WINDOWS\system32\drivers\klif.sys
2011-02-10 10:57:43 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
2011-02-10 10:46:45 ----HD---- C:\WINDOWS\system32\GroupPolicy
2011-02-09 21:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-02-09 21:59:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-02-09 21:58:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-02-09 21:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-02-09 21:56:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-02-09 21:56:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-02-09 21:56:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-02-08 11:51:51 ----A---- C:\WINDOWS\wininit.ini
2011-02-08 11:51:12 ----A---- C:\WINDOWS\system32\pgdfgsvc.exe
2011-02-08 02:41:22 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2011-02-08 02:41:21 ----D---- C:\Program Files\Common Files\Adobe
2011-02-08 02:41:17 ----D---- C:\Program Files\Adobe
2011-02-08 02:39:27 ----D---- C:\WINDOWS\Cache
2011-02-08 01:14:16 ----D---- C:\Program Files\Windows Sidebar
2011-02-08 01:14:07 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Norton
2011-02-08 01:13:44 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller
2011-02-07 22:53:08 ----D---- C:\Program Files\Trend Micro
2011-02-07 22:24:44 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2011-02-07 22:24:38 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit
2011-02-07 22:24:35 ----D---- C:\Program Files\DAP
2011-02-07 22:16:07 ----D---- C:\flash get
2011-02-07 22:08:46 ----A---- C:\WINDOWS\libem.INI
2011-02-07 22:08:37 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\BITS
2011-02-07 22:08:36 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet
2011-02-07 22:08:32 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO
2011-01-29 21:55:01 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com
2011-01-29 21:53:46 ----D---- C:\Program Files\JDownloader
2011-01-29 21:45:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader
2011-01-29 21:45:27 ----D---- C:\Program Files\WinPcap
2011-01-29 13:06:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-24 01:43:39 ----A---- C:\WINDOWS\system32\SmartDefragBootTime.exe
2011-01-24 01:43:39 ----A---- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys
2011-01-24 01:42:35 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\IObit
2011-01-24 01:42:34 ----D---- C:\Program Files\IObit
2011-01-24 01:29:31 ----D---- C:\Program Files\CCleaner
2011-01-23 17:56:35 ----D---- C:\WINDOWS\system32\URTTEMP
2011-01-22 16:23:39 ----D---- C:\Program Files\Pando Networks
2011-01-17 17:09:01 ----D---- C:\WINDOWS\system32\NtmsData
2011-01-12 18:59:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$

======List of files/folders modified in the last 1 months======

2011-02-11 20:16:51 ----D---- C:\WINDOWS\Prefetch
2011-02-11 20:16:29 ----D---- C:\WINDOWS\system32\drivers
2011-02-11 20:16:24 ----RD---- C:\Program Files
2011-02-11 20:10:50 ----D---- C:\WINDOWS\Temp
2011-02-11 20:07:55 ----SD---- C:\WINDOWS\Tasks
2011-02-11 20:01:26 ----D---- C:\WINDOWS
2011-02-11 19:15:11 ----D---- C:\Program Files\Steam
2011-02-11 18:54:22 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-11 15:49:11 ----D---- C:\Program Files\Opera
2011-02-11 15:49:01 ----SHD---- C:\WINDOWS\Installer
2011-02-11 15:47:53 ----D---- C:\WINDOWS\system32
2011-02-11 15:47:52 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
2011-02-11 13:10:48 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Winamp
2011-02-10 15:40:13 ----RSD---- C:\WINDOWS\assembly
2011-02-10 15:40:06 ----HD---- C:\WINDOWS\inf
2011-02-10 15:39:39 ----D---- C:\WINDOWS\system32\DirectX
2011-02-10 15:31:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-10 15:07:07 ----HD---- C:\Program Files\InstallShield Installation Information
2011-02-10 12:12:24 ----D---- C:\WINDOWS\system32\config
2011-02-10 11:30:45 ----D---- C:\WINDOWS\Debug
2011-02-10 10:56:40 ----SHD---- C:\System Volume Information
2011-02-10 10:56:40 ----D---- C:\Program Files\Common Files
2011-02-10 10:55:24 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-02-09 21:57:17 ----A---- C:\WINDOWS\system32\MRT.exe
2011-02-09 21:57:08 ----D---- C:\Program Files\Internet Explorer
2011-02-09 21:56:55 ----HD---- C:\WINDOWS\$hf_mig$
2011-02-08 11:39:47 ----SD---- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft
2011-02-08 02:42:22 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe
2011-02-08 01:46:39 ----D---- C:\Program Files\Mozilla Firefox
2011-02-07 22:58:09 ----D---- C:\WINDOWS\Registration
2011-02-07 22:47:58 ----D---- C:\Program Files\Wolfenstein - Enemy Territory
2011-02-07 22:47:45 ----D---- C:\WINDOWS\WinSxS
2011-02-07 22:16:05 ----D---- C:\Program Files\GIMP-2.0
2011-02-07 22:03:52 ----D---- C:\Program Files\Internet Download Manager
2011-02-07 22:03:02 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\IDM
2011-02-07 22:02:48 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache
2011-02-06 21:09:10 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Skype
2011-02-06 20:15:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\skypePM
2011-02-06 18:30:43 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0
2011-02-06 18:25:24 ----A---- C:\WINDOWS\ModemLog_Motorola USB Modem #2.txt
2011-02-02 08:34:28 ----SH---- C:\boot.ini
2011-02-02 08:34:28 ----A---- C:\WINDOWS\win.ini
2011-02-02 08:34:27 ----A---- C:\WINDOWS\system.ini
2011-01-30 13:20:55 ----D---- C:\Program Files\Common Files\InstallShield
2011-01-29 21:45:40 ----D---- C:\Program Files\VDownloader
2011-01-23 17:57:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-22 15:57:24 ----D---- C:\WINDOWS\system32\wbem
2011-01-22 15:56:28 ----D---- C:\WINDOWS\system32\Restore
2011-01-21 15:44:11 ----A---- C:\WINDOWS\system32\shimgvw.dll
2011-01-21 15:44:11 ----A---- C:\WINDOWS\system32\shell32.dll
2011-01-17 17:09:01 ----D---- C:\WINDOWS\repair
2011-01-16 15:00:45 ----D---- C:\Program Files\uTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 KL1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2010-06-09 132184]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-05-17 92800]
R0 ohci1394;Kontroler hosta Texas Instruments IEEE 1394 zgodny z OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-27 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 kl2;kl2; C:\WINDOWS\system32\DRIVERS\kl2.sys [2010-06-09 11352]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2011-02-10 475736]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-01-27 50704]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2010-05-07 32856]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-11-02 19472]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-28 12160]
R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-09 10604128]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 af53g448;af53g448; C:\WINDOWS\system32\drivers\af53g448.sys []
S3 BTCFilterService;USB Networking Driver Filter Service; C:\WINDOWS\system32\DRIVERS\motfilt.sys [2009-01-29 6016]
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 motccgp;Motorola USB Composite Device Driver; C:\WINDOWS\system32\DRIVERS\motccgp.sys [2009-06-19 19712]
S3 motccgpfl;MotCcgpFlService; C:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2009-01-29 8320]
S3 MotDev;Motorola Inc. USB Device; C:\WINDOWS\system32\DRIVERS\motodrv.sys [2009-05-08 42752]
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2009-10-27 23936]
S3 MotoSwitchService;MotoSwitch Service; C:\WINDOWS\system32\DRIVERS\motswch.sys [2007-11-02 6400]
S3 Motousbnet;Motorola USB Networking Driver Service; C:\WINDOWS\system32\DRIVERS\Motousbnet.sys [2009-12-22 23552]
S3 SONYPVU1;Sterownik filtru USB Sony (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2010-04-27 104648]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2010-04-27 14920]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2010-04-27 132424]
S3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-28 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Usługa Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-02 365336]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2010-07-04 238952]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Usuga stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S4 NetTcpPortSharing;Usługa udostępniania portów Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-01-06 75136]

-----------------EOF-----------------
[/log]

@EDYCJA : MALWAREBYTES Anti-Malwe :
[log]Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Wersja bazy: 5742

Windows 5.1.2600 Dodatek Service Pack 3
Internet Explorer 8.0.6001.18702

2011-02-11 21:34:26
mbam-log-2011-02-11 (21-34-23).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|)
Przeskanowano obiektów: 274959
Upłynęło: 51 minut(y), 41 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 0
Zainfekowanych wartości rejestru: 1
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 0
Zainfekowanych plików: 2

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
(Nie znaleziono zagrożeń)

Zainfekowanych wartości rejestru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run\NVIDIA driver monitor (Backdoor.Agent) -> Value: NVIDIA driver monitor -> No action taken.

Zainfekowane informacje rejestru systemowego:
(Nie znaleziono zagrożeń)

Zainfekowanych folderów:
(Nie znaleziono zagrożeń)

Zainfekowanych plików:
e:\instalki dominik\ventrilo-2.1.4-windows-i386.exe (Trojan.Dropper) -> No action taken.
c:\WINDOWS\system32\d3dx10d.dll (Trojan.FakeAlert) -> No action taken.
[/log]

@edit2
dr web nic nie wykryl.

refresh@

Tomek01
komentarz
komentarz

Wklej do OTL:

[code]:Files
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\RGI2.tmp
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe

:Reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]

:Commands
[emptytemp][/code]

Klikasz run fix, komputer uruchamia się ponownie.
Wrzuć log z usuwania oraz nowe logi: OTL i RSIT


Przeskanuj na virustotal poniższy plik:
C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe

Gość
komentarz
komentarz (edytowane)

[log]All processes killed
========== FILES ==========
File\Folder C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\RGI2.tmp not found.
File\Folder C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 21266452 bytes
->Temporary Internet Files folder emptied: 1140342 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 161731607 bytes
->Opera cache emptied: 15530408 bytes
->Flash cache emptied: 2059 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 866532058 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 017,00 mb


OTL by OldTimer - Version 3.2.20.6 log created on 02212011_223531

Files\Folders moved on Reboot...
C:\WINDOWS\temp\kls8D4A.tmp moved successfully.

Registry entries deleted on Reboot...
[/log]


Wynik virus total 0/42
http://www.virustotal.com/file-scan/report.html?id=fdf6a15e87b9028f6c38620a77e5cc5f82582d3dd0c09e81dabb8d35621c0b61-1288029949

otl ;
[log]OTL logfile created on: 2011-02-21 22:41:47 - Run 6
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Administrator\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 116,19 Gb Total Space | 29,16 Gb Free Space | 25,09% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 98,58 Gb Free Space | 67,30% Space Free | Partition Type: NTFS
Drive E: | 123,96 Gb Total Space | 43,28 Gb Free Space | 34,91% Space Free | Partition Type: NTFS

Computer Name: FLIPER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-02-21 22:35:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL_3.2.20.6(dobreprogramy.pl).exe
PRC - [2011-02-10 21:31:47 | 000,943,472 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011-02-07 12:56:24 | 008,993,280 | ---- | M] (Creative Team S.A.) -- C:\Program Files\WapSter\WapSter AQQ\AQQ.exe
PRC - [2010-11-12 18:53:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010-07-09 16:24:34 | 000,155,752 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-06-29 02:41:56 | 000,401,408 | R--- | M] () -- C:\WINDOWS\713xRMT.exe
PRC - [2007-06-29 02:41:56 | 000,352,256 | R--- | M] () -- C:\WINDOWS\713xRMTMon.exe
PRC - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2005-08-25 10:30:14 | 000,307,200 | ---- | M] () -- C:\Program Files\honestech\honestech TVR\scheduleTV.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-02-21 22:35:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL_3.2.20.6(dobreprogramy.pl).exe
MOD - [2011-01-21 15:44:11 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2010-12-09 16:15:25 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-08-16 09:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 22:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-02-10 10:58:43 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2010-11-27 13:45:17 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-11-26 18:02:54 | 000,014,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010-07-09 23:38:00 | 010,604,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010-06-14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010-06-09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2)
DRV - [2010-06-09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010-05-07 11:06:26 | 000,032,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2010-04-27 03:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010-04-27 03:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010-04-27 03:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009-12-22 10:00:26 | 000,023,552 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2009-11-02 19:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-10-27 12:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2009-06-19 16:59:34 | 000,019,712 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2009-05-08 11:56:12 | 000,042,752 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motodrv.sys -- (MotDev)
DRV - [2009-01-29 17:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2009-01-29 17:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008-04-14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2007-11-02 15:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2007-06-29 02:42:02 | 000,279,552 | R--- | M] (Philips Semiconductors) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SAA713x.sys -- (713xTVCard)
DRV - [2007-06-29 02:42:02 | 000,025,984 | R--- | M] (Philips Semiconductors) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WDMTuner.sys -- (WDMTVTuner)
DRV - [2006-08-18 06:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005-05-17 10:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005-04-05 20:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005-04-05 20:22:28 | 000,033,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-796845957-1767777339-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2011-02-08 01:46:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-12-27 19:08:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-12-06 23:03:18 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010-12-13 13:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchddr.xml

O1 HOSTS File: ([2010-11-29 07:39:38 | 000,000,789 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IE to GetRight Helper) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll (Headlight Software, Inc.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKU\S-1-5-21-796845957-1767777339-839522115-500\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-796845957-1767777339-839522115-500\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-796845957-1767777339-839522115-500\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TV Card Remote Control Device Monitor] C:\WINDOWS\713xRMTMon.exe ()
O4 - HKU\S-1-5-21-796845957-1767777339-839522115-500..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Scheduler for OEM.lnk = C:\Program Files\honestech\honestech TVR\scheduleTV.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Download with GetRight Pro - C:\Program Files\GetRight\GRDownload.htm ()
O8 - Extra context menu item: Open with GetRight Pro Browser - C:\Program Files\GetRight\GRBrowse.htm ()
O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Pobierz w Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.50 212.76.34.49
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2010-11-20 14:53:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: [b]AutoStartNPSAgent[/b] - hkey= - key= - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: [b]KPeerNexonEU[/b] - hkey= - key= - C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: [b]NPSStartup[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]NvMediaCenter[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]nwiz[/b] - hkey= - key= - C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
MsConfig - StartUpReg: [b]Pando Media Booster[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]PCSpeedUp[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Software Informer[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-02-21 22:35:08 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL_3.2.20.6(dobreprogramy.pl).exe
[2011-02-21 16:41:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\TechSmith
[2011-02-21 16:04:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Camtasia Studio
[2011-02-21 16:04:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\QuickTime
[2011-02-21 16:03:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Camtasia Studio 7
[2011-02-21 16:03:30 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011-02-21 16:02:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TechSmith Shared
[2011-02-21 16:02:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TechSmith
[2011-02-21 16:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\TechSmith
[2011-02-21 15:38:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ALLPlayer
[2011-02-21 15:38:46 | 000,000,000 | ---D | C] -- C:\Program Files\NAPI-PROJEKT
[2011-02-21 15:38:21 | 000,000,000 | ---D | C] -- C:\Program Files\ALLPlayer
[2011-02-21 15:29:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Sony
[2011-02-21 14:14:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\GetRight
[2011-02-21 14:14:51 | 000,000,000 | ---D | C] -- C:\Program Files\GetRight
[2011-02-21 13:42:50 | 000,000,000 | ---D | C] -- C:\Fraps
[2011-02-20 14:28:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\NFSMW (Black Edition 1.3) Mega Trainer
[2011-02-20 14:28:02 | 000,000,000 | ---D | C] -- C:\Program Files\vbNFSMWMegaTrainer
[2011-02-20 12:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Nowy folder
[2011-02-19 14:28:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog
[2011-02-19 01:04:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2011-02-18 22:15:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\honestech
[2011-02-18 22:15:49 | 000,000,000 | ---D | C] -- C:\Program Files\honestech
[2011-02-18 22:15:23 | 000,204,800 | ---- | C] (Items Technology Co., Ltd.) -- C:\WINDOWS\System32\713xTTXDecoder.ax
[2011-02-18 22:15:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\MyInstall
[2011-02-18 22:15:05 | 000,025,984 | R--- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\drivers\WDMTuner.sys
[2011-02-18 22:14:51 | 000,069,632 | R--- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\34TVCtrl.dll
[2011-02-18 22:14:51 | 000,061,440 | R--- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\Prop713x.dll
[2011-02-18 22:14:50 | 000,135,168 | R--- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\34API.dll
[2011-02-18 22:14:42 | 000,279,552 | R--- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\drivers\SAA713x.sys
[2011-02-17 16:17:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\NFS Carbon
[2011-02-17 11:42:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Blue Byte
[2011-02-17 11:41:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\WINDOWS
[2011-02-17 11:28:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Electronic Arts
[2011-02-16 13:19:06 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2011-02-16 13:12:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Activision
[2011-02-16 12:51:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\bizarre creations
[2011-02-16 12:49:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Blur(TM)
[2011-02-16 12:36:52 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2011-02-11 21:42:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\DoctorWeb
[2011-02-11 20:25:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Internet Download Manager
[2011-02-11 20:16:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes
[2011-02-11 20:16:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011-02-11 20:16:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2011-02-11 20:16:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2011-02-11 20:16:24 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011-02-11 20:16:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-02-11 19:19:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nexon
[2011-02-11 16:17:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Nexon
[2011-02-11 16:13:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU
[2011-02-11 15:49:00 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2011-02-11 15:48:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\SystemRequirementsLab
[2011-02-11 15:47:53 | 000,000,000 | ---D | C] -- C:\Nexon
[2011-02-11 15:47:47 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
[2011-02-10 23:41:16 | 000,000,000 | ---D | C] -- C:\rsit
[2011-02-10 23:36:12 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-02-10 16:46:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kolekcja Klasyki
[2011-02-10 15:48:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\NFS Most Wanted
[2011-02-10 15:48:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA GAMES
[2011-02-10 15:31:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2011-02-10 15:16:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios
[2011-02-10 15:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Stronghold 2
[2011-02-10 14:29:16 | 000,000,000 | ---D | C] -- C:\Downloads
[2011-02-10 14:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager
[2011-02-10 14:23:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Free Download Manager
[2011-02-10 14:23:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG
[2011-02-10 14:23:53 | 000,000,000 | ---D | C] -- C:\Program Files\Free Download Manager
[2011-02-10 11:39:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\jv16 PowerTools 2011
[2011-02-10 11:39:10 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools 2011
[2011-02-10 10:59:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kaspersky Internet Security 2011
[2011-02-10 10:58:51 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2011-02-10 10:58:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
[2011-02-10 10:58:43 | 000,475,736 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011-02-10 10:57:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
[2011-02-10 10:46:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2011-02-08 11:51:12 | 000,025,992 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2011-02-08 11:50:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\PageDefrag
[2011-02-08 02:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe
[2011-02-08 02:42:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje książki elektroniczne
[2011-02-08 02:41:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PrintMe Internet Printing
[2011-02-08 02:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2011-02-08 02:41:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011-02-08 02:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011-02-08 02:39:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cache
[2011-02-08 01:47:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Google Chrome
[2011-02-08 01:46:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google
[2011-02-08 01:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2011-02-08 01:14:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton
[2011-02-08 01:13:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller
[2011-02-07 22:53:08 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011-02-07 22:53:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\HiJackThis
[2011-02-07 22:34:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data
[2011-02-07 22:24:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011-02-07 22:24:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit
[2011-02-07 22:24:35 | 000,000,000 | ---D | C] -- C:\Program Files\DAP
[2011-02-07 22:16:07 | 000,000,000 | ---D | C] -- C:\flash get
[2011-02-07 22:08:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\BITS
[2011-02-07 22:08:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet
[2011-02-07 22:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO
[2011-02-02 22:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\obrazki z pejnta
[2011-01-31 20:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Firefly Studios
[2011-01-31 01:19:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\pejnt
[2011-01-30 13:21:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Team17
[2011-01-29 21:55:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com
[2011-01-29 21:54:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\JDownloader
[2011-01-29 21:53:46 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2011-01-29 21:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader
[2011-01-29 21:45:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\VDownloader
[2011-01-29 21:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2011-01-25 19:12:39 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache
[2011-01-24 01:42:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2011-01-24 01:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011-01-24 01:29:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2011-01-24 01:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011-01-23 21:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\The Lord of the Rings Online
[2011-01-23 21:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\The Lord of the Rings Online
[2011-01-23 19:53:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Turbine
[2011-01-23 17:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ApplicationHistory
[2011-01-23 17:56:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2011-01-23 17:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Codemasters
[2011-01-22 16:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2011-01-17 17:09:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011-01-06 22:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\PunkBuster
[2011-01-06 21:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\Wolfenstein - Enemy Territory
[2010-12-29 13:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010-11-28 15:14:25 | 003,056,008 | ---- | C] (Ask) -- C:\Program Files\Common Files\AskToolbarInstaller.exe

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-02-21 22:37:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-02-21 22:36:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-02-21 22:35:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL_3.2.20.6(dobreprogramy.pl).exe
[2011-02-21 16:52:48 | 000,021,262 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\PlayList.mbl
[2011-02-21 16:45:07 | 000,014,848 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-02-19 00:19:18 | 000,551,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-02-18 22:15:59 | 000,001,755 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Scheduler for OEM.lnk
[2011-02-17 21:27:18 | 000,000,040 | ---- | M] () -- C:\WINDOWS\nfsc_patch.ini
[2011-02-17 11:41:33 | 000,003,421 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2011-02-16 13:12:09 | 000,000,319 | ---- | M] () -- C:\WINDOWS\game.ini
[2011-02-11 20:43:04 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011-02-11 15:47:53 | 000,000,235 | ---- | M] () -- C:\WINDOWS\System32\nxEuUninstall.bat
[2011-02-11 15:47:48 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
[2011-02-10 10:59:40 | 000,114,243 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011-02-10 10:59:40 | 000,097,859 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011-02-10 10:58:43 | 000,475,736 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011-02-10 10:47:22 | 000,000,414 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011-02-08 11:51:51 | 000,000,063 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011-02-08 11:51:12 | 000,025,992 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2011-02-08 02:38:14 | 000,144,631 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Regulamin_ESKA_Lubie_to.pdf
[2011-02-07 23:08:24 | 000,000,365 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\MUZYKA.lnk
[2011-02-07 23:07:20 | 000,000,417 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\INSTALKI.lnk
[2011-02-07 23:05:21 | 000,000,370 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\ZDJĘCIA.lnk
[2011-02-07 23:03:17 | 000,000,346 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\GRY.lnk
[2011-02-07 23:02:23 | 000,000,377 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\PROGRAMY.lnk
[2011-02-07 22:08:46 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI
[2011-01-31 14:28:24 | 000,042,905 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\default.htm
[2011-01-23 17:58:12 | 000,000,138 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2011-01-23 17:57:55 | 000,499,510 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-01-23 17:57:55 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-01-23 17:57:55 | 000,088,816 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-01-23 17:57:55 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-01-06 22:13:49 | 000,137,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011-01-06 22:13:23 | 000,268,952 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-02-21 16:52:48 | 000,021,262 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\PlayList.mbl
[2011-02-21 15:38:37 | 000,810,496 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-02-21 15:38:37 | 000,797,184 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.ax
[2011-02-21 15:38:37 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll
[2011-02-18 22:16:08 | 000,401,408 | R--- | C] () -- C:\WINDOWS\713xRMT.exe
[2011-02-18 22:16:07 | 000,352,256 | R--- | C] () -- C:\WINDOWS\713xRMTMon.exe
[2011-02-18 22:15:59 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Scheduler for OEM.lnk
[2011-02-17 21:27:18 | 000,000,040 | ---- | C] () -- C:\WINDOWS\nfsc_patch.ini
[2011-02-17 11:41:33 | 000,003,421 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2011-02-16 13:12:09 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2011-02-11 15:47:53 | 000,000,235 | ---- | C] () -- C:\WINDOWS\System32\nxEuUninstall.bat
[2011-02-10 21:31:49 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk
[2011-02-10 15:31:07 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2011-02-10 15:31:07 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011-02-10 15:31:07 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2011-02-10 15:31:07 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2011-02-10 15:31:07 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2011-02-10 15:31:07 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2011-02-10 15:31:07 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2011-02-10 15:31:07 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2011-02-10 15:31:07 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2011-02-10 15:31:07 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2011-02-10 15:31:07 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2011-02-10 10:59:40 | 000,114,243 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011-02-10 10:59:40 | 000,097,859 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011-02-10 10:47:22 | 000,000,414 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011-02-08 11:51:51 | 000,000,063 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011-02-08 02:41:27 | 000,001,872 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader 6.0 CE.lnk
[2011-02-08 02:38:14 | 000,144,631 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Regulamin_ESKA_Lubie_to.pdf
[2011-02-07 23:08:24 | 000,000,365 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\MUZYKA.lnk
[2011-02-07 23:07:20 | 000,000,417 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\INSTALKI.lnk
[2011-02-07 23:05:21 | 000,000,370 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\ZDJĘCIA.lnk
[2011-02-07 23:03:17 | 000,000,346 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\GRY.lnk
[2011-02-07 23:02:23 | 000,000,377 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\PROGRAMY.lnk
[2011-02-07 22:08:46 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2011-01-31 14:28:23 | 000,042,905 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\default.htm
[2011-01-24 01:43:39 | 000,028,496 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011-01-24 01:43:39 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011-01-23 17:58:12 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2011-01-06 22:13:50 | 000,137,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011-01-06 22:13:45 | 000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011-01-06 22:13:23 | 000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2011-01-06 22:13:17 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010-12-22 17:57:37 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-19 20:20:33 | 000,000,745 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2010-11-28 15:14:26 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2010-11-27 13:45:17 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-11-21 13:36:41 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010-11-21 13:36:41 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010-11-21 13:36:37 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\$_hpcst$.hpc
[2010-11-20 17:47:46 | 000,494,557 | ---- | C] () -- C:\WINDOWS\System32\dxgi.dll
[2010-11-20 17:47:46 | 000,025,037 | ---- | C] () -- C:\WINDOWS\System32\Nucleus.dll
[2010-11-20 17:47:44 | 000,519,912 | ---- | C] () -- C:\WINDOWS\System32\d3dx10d_33.dll
[2010-11-20 17:47:43 | 000,566,624 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll
[2010-11-20 15:56:48 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2010-11-20 15:56:36 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010-11-20 15:25:21 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-01-27 03:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[color=#E56717]========== LOP Check ==========[/color]

[2010-12-11 17:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ACD Systems
[2011-02-07 22:19:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\BITS
[2011-02-16 12:51:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\bizarre creations
[2010-11-27 13:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite
[2011-02-21 14:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache
[2011-02-19 14:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog
[2011-01-29 21:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com
[2011-02-07 22:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet
[2011-02-11 20:07:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO
[2011-02-10 14:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager
[2010-11-20 17:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GetRightToGo
[2011-02-06 18:30:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0
[2011-02-21 13:34:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\IDM
[2010-11-28 15:14:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenCandy
[2010-11-20 15:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera
[2010-11-21 13:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Samsung
[2011-02-21 15:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Sony
[2011-02-21 19:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
[2011-01-29 21:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader
[2010-12-11 17:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ACD Systems
[2010-12-18 21:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software
[2010-11-27 13:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-02-10 15:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios
[2011-02-10 14:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG
[2011-01-24 01:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2011-02-11 19:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nexon
[2011-02-11 19:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU
[2010-11-21 13:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung
[2011-02-07 22:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit
[2011-02-21 16:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TechSmith
[2011-02-07 22:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-11-20 14:53:29 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011-02-11 20:43:04 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2002-09-28 23:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-11-20 14:53:29 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-11-20 14:53:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-11-20 14:53:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010-11-27 22:48:25 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2011-02-21 22:36:43 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2002-09-28 23:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:010ADD2C

< End of report >
[/log]

[log]OTL Extras logfile created on: 2011-02-21 22:41:47 - Run 6
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Administrator\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 116,19 Gb Total Space | 29,16 Gb Free Space | 25,09% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 98,58 Gb Free Space | 67,30% Space Free | Partition Type: NTFS
Drive E: | 123,96 Gb Total Space | 43,28 Gb Free Space | 34,91% Space Free | Partition Type: NTFS

Computer Name: FLIPER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\Combat Arms EU\CombatArms.exe" = D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"D:\Combat Arms EU\Engine.exe" = D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger -- (Creative Team S.A.)
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"E:\Mass Effect\Binaries\MassEffect.exe" = E:\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game -- (BioWare)
"E:\Mass Effect\MassEffectLauncher.exe" = E:\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher -- (BioWare)
"C:\Program Files\Motorola\RSD Lite\SDL.exe" = C:\Program Files\Motorola\RSD Lite\SDL.exe:*:Enabled:SDL -- (Motorola)
"D:\Program Files\Call of Duty\CoDMP.exe" = D:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP -- ()
"C:\Program Files\EliteGunz\EliteGunz.exe" = C:\Program Files\EliteGunz\EliteGunz.exe:*:Enabled:Gunz -- (MAIET entertainment)
"C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe:*:Enabled:Counter-Strike
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe" = C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET
"D:\COUNTER STrike NS\hl.exe" = D:\COUNTER STrike NS\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"D:\The Lord of the Rings Online\lotroclient.exe" = D:\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient -- (Turbine, Inc.)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\flash get\FlashGet\FlashGet3.exe" = C:\flash get\FlashGet\FlashGet3.exe:*:Enabled:Flashget3
"D:\Stronghold 2\Stronghold2.exe" = D:\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2 -- (Firefly Studios)
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
"C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"D:\Combat Arms EU\CombatArms.exe" = D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"D:\Combat Arms EU\Engine.exe" = D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"D:\Combat Arms EU\NMService.exe" = D:\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
"C:\Program Files\Activision\Blur(TM)\Blur.exe" = C:\Program Files\Activision\Blur(TM)\Blur.exe:*:Enabled:Blur -- ()
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
"C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe" = C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero -- (Valve)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}" = Camtasia Studio 7
"{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Activision(R)
"{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6FCBE08B-EB47-448E-8566-CE38E8B8D065}" = System Requirements Lab CYRI
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{958E2B23-6146-4A21-9532-9F59049E9B35}" = Motorola Phone Tools
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A01E2BF5-2BA5-4846-B3DC-7F8866C0C5FA}" = RSDLite
"{A0673E9E-4510-4AA0-B860-58FD5A7212A1}" = Motorola Driver Installation 4.5.0
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}" = ACDSee Photo Manager 12
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.0.752
"{AC76BA86-7AD7-1038-7B44-CEA000000001}" = Adobe Reader 6.0.2 CE
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BE27845A-6438-4DCF-AE3D-44EC96CB31CA}" = honestech TVR
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB132F09-DCF1-46EA-AE92-F8B42AB7BAD4}" = Stunt GP
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = The Lord of the Rings Online™ v03.02.04.8010
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALLPlayer_is1" = ALLPlayer V4.X
"AQQ" = WapSter AQQ
"AruaROSE_is1" = AruaROSE
"Call of Duty" = Call of Duty
"CCleaner" = CCleaner
"Combat Arms EU" = Combat Arms EU
"Free Download Manager_is1" = Free Download Manager 3.0
"GetRight Pro_is1" = GetRight
"ie8" = Windows Internet Explorer 8
"InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Blur(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"JDownloader" = JDownloader
"jv16 PowerTools 2011" = jv16 PowerTools 2011
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MTA:SA" = MTA:SA v1.0.4
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Opera 11.01.1190" = Opera 11.01
"S3 Gold" = The Settlers III Gold Edition
"ST6UNST #1" = Need For Speed Most Wanted (Black Edition 1.3) Mega Trainer
"Steam App 10" = Counter-Strike
"Steam App 100" = Counter-Strike: Condition Zero Deleted Scenes
"Steam App 80" = Counter-Strike: Condition Zero
"Stronghold_is1" = Twierdza
"uTorrent" = µTorrent
"VideoGet_is1" = Nuclear Coffee - VideoGet
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = Archiwizator WinRAR
"Wisdom-soft Set up ScreenHunter 5.1 Free" = Wisdom-soft Set up ScreenHunter 5.1 Free
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-02-16 07:36:26 | Computer Name = FLIPER | Source = MsiInstaller | ID = 1013
Description = Product: Activision(R) -- This installation cannot be run by directly
launching the MSI package. You must run setup.exe.

Error - 2011-02-16 07:57:53 | Computer Name = FLIPER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd blur.exe, wersja 0.0.0.0, moduł powodujący
błąd blur.exe, wersja 0.0.0.0, adres błędu 0x004419a4.

Error - 2011-02-17 06:16:59 | Computer Name = FLIPER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd nfs_inst.exe, wersja 0.0.0.0, moduł powodujący
błąd nfs_inst.exe, wersja 0.0.0.0, adres błędu 0x00002850.

Error - 2011-02-17 17:05:09 | Computer Name = FLIPER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd nfsc.exe, wersja 0.0.0.0, moduł powodujący
błąd nfsc.exe, wersja 0.0.0.0, adres błędu 0x00200a7d.

Error - 2011-02-17 18:05:29 | Computer Name = FLIPER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd nfsc.exe, wersja 0.0.0.0, moduł powodujący
błąd nfsc.exe, wersja 0.0.0.0, adres błędu 0x0029d26d.

Error - 2011-02-20 09:29:54 | Computer Name = FLIPER | Source = | ID = 0
Description =

Error - 2011-02-20 09:29:54 | Computer Name = FLIPER | Source = | ID = 0
Description =

Error - 2011-02-20 09:31:19 | Computer Name = FLIPER | Source = | ID = 0
Description =

Error - 2011-02-20 09:31:19 | Computer Name = FLIPER | Source = | ID = 0
Description =

[ System Events ]
Error - 2011-02-21 09:10:25 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: atapi PCIIde

Error - 2011-02-21 09:18:08 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: atapi PCIIde

Error - 2011-02-21 11:45:55 | Computer Name = FLIPER | Source = DCOM | ID = 10000
Description = Nie można uruchomić serwera DCOM: {46986115-84D6-459C-8F95-52DD653E532E}.
Błąd:
„%2”
wystąpił
podczas uruchamiania tego polecenia: "C:\Program Files\Winamp\winamp.exe" -Embedding

Error - 2011-02-21 11:46:07 | Computer Name = FLIPER | Source = DCOM | ID = 10000
Description = Nie można uruchomić serwera DCOM: {46986115-84D6-459C-8F95-52DD653E532E}.
Błąd:
„%2”
wystąpił
podczas uruchamiania tego polecenia: "C:\Program Files\Winamp\winamp.exe" -Embedding

Error - 2011-02-21 11:49:53 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: atapi PCIIde

Error - 2011-02-21 15:27:41 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: atapi PCIIde

Error - 2011-02-21 17:35:32 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2011-02-21 17:35:32 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa FsUsbExService niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-02-21 17:35:33 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-02-21 17:37:06 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: atapi PCIIde


< End of report >
[/log]

rsit ;
[log]
Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-02-21 22:46:10
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 30 GB (25%) free of 119 GB
Total RAM: 1535 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:46:17, on 2011-02-21
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\WINDOWS\713xRMTMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\honestech\honestech TVR\scheduleTV.exe
C:\WINDOWS\713xRMT.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\WapSter\WapSter AQQ\AQQ.exe
E:\Programy\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IE to GetRight Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [TV Card Remote Control Device Monitor] C:\WINDOWS\713xRMTMon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Scheduler for OEM.lnk = C:\Program Files\honestech\honestech TVR\scheduleTV.exe
O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: Download with GetRight Pro - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Pro Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Pobierz w Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O9 - Extra button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll, C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Usługa Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5949 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31FF080D-12A3-439A-A2EF-4BA95A3148E8}]
IE to GetRight Helper - C:\Program Files\GetRight\xx2gr.dll [2007-07-18 246848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll [2010-10-05 68280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
IplexToALLPlayer - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL [2011-02-09 400384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll [2010-10-05 191160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-02 365336]
"TV Card Remote Control Device Monitor"=C:\WINDOWS\713xRMTMon.exe [2007-06-29 352256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ALLUpdate"=C:\Program Files\ALLPlayer\ALLUpdate.exe [2011-02-08 1362944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-02-08 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KPeerNexonEU]
C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [2011-02-11 438272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files\Pando Networks\Media Booster\PMB.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files\Przyspiesz Komputer\PCSpeedUp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer]
C:\Program Files\Software Informer\softinfo.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
Scheduler for OEM.lnk - C:\Program Files\honestech\honestech TVR\scheduleTV.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll, C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2010-10-05 228024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=60

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\WapSter\WapSter AQQ\AQQ.exe"="C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"E:\Mass Effect\Binaries\MassEffect.exe"="E:\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game"
"E:\Mass Effect\MassEffectLauncher.exe"="E:\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Motorola\RSD Lite\SDL.exe"="C:\Program Files\Motorola\RSD Lite\SDL.exe:*:Enabled:SDL"
"D:\Program Files\Call of Duty\CoDMP.exe"="D:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"C:\Program Files\EliteGunz\EliteGunz.exe"="C:\Program Files\EliteGunz\EliteGunz.exe:*:Enabled:Gunz"
"C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET"
"D:\COUNTER STrike NS\hl.exe"="D:\COUNTER STrike NS\hl.exe:*:Enabled:Half-Life Launcher"
"D:\The Lord of the Rings Online\lotroclient.exe"="D:\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\flash get\FlashGet\FlashGet3.exe"="C:\flash get\FlashGet\FlashGet3.exe:*:Enabled:Flashget3"
"D:\Stronghold 2\Stronghold2.exe"="D:\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine.exe"
"C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"D:\Combat Arms EU\CombatArms.exe"="D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"D:\Combat Arms EU\Engine.exe"="D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"D:\Combat Arms EU\NMService.exe"="D:\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core"
"C:\Program Files\Activision\Blur(TM)\Blur.exe"="C:\Program Files\Activision\Blur(TM)\Blur.exe:*:Enabled:Blur"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"
"C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe"="C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Combat Arms EU\CombatArms.exe"="D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"D:\Combat Arms EU\Engine.exe"="D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

======List of files/folders created in the last 1 months======

2011-02-21 16:04:17 ----A---- C:\WINDOWS\system32\tsccvid.dll
2011-02-21 16:04:14 ----D---- C:\WINDOWS\system32\QuickTime
2011-02-21 16:03:30 ----D---- C:\Program Files\QuickTime
2011-02-21 16:02:49 ----D---- C:\Program Files\Common Files\TechSmith Shared
2011-02-21 16:02:38 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\TechSmith
2011-02-21 16:02:36 ----D---- C:\Program Files\TechSmith
2011-02-21 15:38:46 ----D---- C:\Program Files\NAPI-PROJEKT
2011-02-21 15:38:37 ----A---- C:\WINDOWS\system32\xvidcore.dll
2011-02-21 15:38:37 ----A---- C:\WINDOWS\system32\libFLAC.dll
2011-02-21 15:38:21 ----D---- C:\Program Files\ALLPlayer
2011-02-21 15:29:04 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Sony
2011-02-21 14:14:51 ----D---- C:\Program Files\GetRight
2011-02-21 13:42:50 ----D---- C:\Fraps
2011-02-20 14:28:02 ----D---- C:\Program Files\vbNFSMWMegaTrainer
2011-02-20 14:27:41 ----N---- C:\WINDOWS\Setup1.exe
2011-02-20 14:27:40 ----A---- C:\WINDOWS\ST6UNST.EXE
2011-02-19 14:28:03 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog
2011-02-18 22:16:23 ----RA---- C:\WINDOWS\system32\wmv8dmod.dll
2011-02-18 22:16:21 ----RA---- C:\WINDOWS\system32\mpg4c32.dll
2011-02-18 22:16:08 ----RA---- C:\WINDOWS\713xRMT.exe
2011-02-18 22:16:07 ----RA---- C:\WINDOWS\713xRMTMon.exe
2011-02-18 22:15:49 ----D---- C:\Program Files\honestech
2011-02-18 22:15:21 ----D---- C:\WINDOWS\MyInstall
2011-02-18 22:15:05 ----RA---- C:\WINDOWS\system32\drivers\WDMTuner.sys
2011-02-18 22:14:51 ----RA---- C:\WINDOWS\system32\Prop713x.dll
2011-02-18 22:14:51 ----RA---- C:\WINDOWS\system32\34TVCtrl.dll
2011-02-18 22:14:50 ----RA---- C:\WINDOWS\system32\34API.dll
2011-02-18 22:14:42 ----RA---- C:\WINDOWS\system32\drivers\SAA713x.sys
2011-02-18 22:14:40 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2011-02-17 21:27:18 ----A---- C:\WINDOWS\nfsc_patch.ini
2011-02-17 11:41:33 ----A---- C:\WINDOWS\IsUninst.exe
2011-02-16 13:19:06 ----SHD---- C:\WINDOWS\ftpcache
2011-02-16 13:12:09 ----A---- C:\WINDOWS\game.ini
2011-02-16 12:51:36 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\bizarre creations
2011-02-16 12:36:52 ----D---- C:\Program Files\Activision
2011-02-11 20:16:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes
2011-02-11 20:16:29 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-02-11 20:16:28 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2011-02-11 20:16:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-02-11 20:16:24 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-02-11 19:19:36 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Nexon
2011-02-11 16:13:57 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU
2011-02-11 15:49:00 ----D---- C:\Program Files\SystemRequirementsLab
2011-02-11 15:47:53 ----D---- C:\Nexon
2011-02-11 15:47:53 ----A---- C:\WINDOWS\system32\nxEuUninstall.bat
2011-02-11 15:47:47 ----A---- C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
2011-02-10 23:41:16 ----D---- C:\rsit
2011-02-10 23:36:12 ----D---- C:\_OTL
2011-02-10 15:31:35 ----D---- C:\WINDOWS\RegisteredPackages
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\psisdecd.dll
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\streamip.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\slip.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\mstee.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\msdv.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\mpe.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys
2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys
2011-02-10 15:31:06 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2011-02-10 15:16:24 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios
2011-02-10 14:29:16 ----D---- C:\Downloads
2011-02-10 14:23:59 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager
2011-02-10 14:23:54 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG
2011-02-10 14:23:53 ----D---- C:\Program Files\Free Download Manager
2011-02-10 11:39:10 ----D---- C:\Program Files\jv16 PowerTools 2011
2011-02-10 10:58:51 ----D---- C:\Program Files\Kaspersky Lab
2011-02-10 10:58:51 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
2011-02-10 10:58:43 ----A---- C:\WINDOWS\system32\drivers\klif.sys
2011-02-10 10:57:43 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
2011-02-10 10:46:45 ----HD---- C:\WINDOWS\system32\GroupPolicy
2011-02-09 21:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-02-09 21:59:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-02-09 21:58:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-02-09 21:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-02-09 21:56:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-02-09 21:56:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-02-09 21:56:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-02-08 11:51:51 ----A---- C:\WINDOWS\wininit.ini
2011-02-08 11:51:12 ----A---- C:\WINDOWS\system32\pgdfgsvc.exe
2011-02-08 02:41:22 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2011-02-08 02:41:21 ----D---- C:\Program Files\Common Files\Adobe
2011-02-08 02:41:17 ----D---- C:\Program Files\Adobe
2011-02-08 02:39:27 ----D---- C:\WINDOWS\Cache
2011-02-08 01:14:16 ----D---- C:\Program Files\Windows Sidebar
2011-02-08 01:14:07 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Norton
2011-02-08 01:13:44 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller
2011-02-07 22:53:08 ----D---- C:\Program Files\Trend Micro
2011-02-07 22:24:44 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2011-02-07 22:24:38 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit
2011-02-07 22:24:35 ----D---- C:\Program Files\DAP
2011-02-07 22:16:07 ----D---- C:\flash get
2011-02-07 22:08:46 ----A---- C:\WINDOWS\libem.INI
2011-02-07 22:08:37 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\BITS
2011-02-07 22:08:36 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet
2011-02-07 22:08:32 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO
2011-01-29 21:55:01 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com
2011-01-29 21:53:46 ----D---- C:\Program Files\JDownloader
2011-01-29 21:45:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader
2011-01-29 21:45:27 ----D---- C:\Program Files\WinPcap
2011-01-29 13:06:19 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-01-24 01:43:39 ----A---- C:\WINDOWS\system32\SmartDefragBootTime.exe
2011-01-24 01:43:39 ----A---- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys
2011-01-24 01:42:35 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\IObit
2011-01-24 01:42:34 ----D---- C:\Program Files\IObit
2011-01-24 01:29:31 ----D---- C:\Program Files\CCleaner
2011-01-23 17:56:35 ----D---- C:\WINDOWS\system32\URTTEMP
2011-01-22 16:23:39 ----D---- C:\Program Files\Pando Networks

======List of files/folders modified in the last 1 months======

2011-02-21 22:45:49 ----D---- C:\WINDOWS\Prefetch
2011-02-21 22:45:48 ----D---- C:\WINDOWS
2011-02-21 22:37:16 ----D---- C:\WINDOWS\Temp
2011-02-21 22:28:28 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-21 22:27:59 ----D---- C:\Program Files\Steam
2011-02-21 19:55:34 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
2011-02-21 16:05:55 ----SHD---- C:\WINDOWS\Installer
2011-02-21 16:04:17 ----D---- C:\WINDOWS\system32
2011-02-21 16:03:30 ----RD---- C:\Program Files
2011-02-21 16:02:49 ----D---- C:\Program Files\Common Files
2011-02-21 15:40:19 ----D---- C:\Program Files\Winamp
2011-02-21 14:09:56 ----D---- C:\Program Files\Internet Download Manager
2011-02-21 14:07:56 ----D---- C:\WINDOWS\system32\drivers
2011-02-21 14:07:26 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache
2011-02-21 13:34:22 ----HD---- C:\WINDOWS\inf
2011-02-21 13:34:15 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\IDM
2011-02-18 22:15:52 ----HD---- C:\Program Files\InstallShield Installation Information
2011-02-18 22:15:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-17 11:19:03 ----D---- C:\WINDOWS\system32\DirectX
2011-02-17 11:19:01 ----RSD---- C:\WINDOWS\assembly
2011-02-16 12:49:24 ----D---- C:\WINDOWS\WinSxS
2011-02-11 21:35:40 ----D---- C:\WINDOWS\Registration
2011-02-11 20:43:04 ----SH---- C:\boot.ini
2011-02-11 20:43:04 ----A---- C:\WINDOWS\win.ini
2011-02-11 20:43:04 ----A---- C:\WINDOWS\system.ini
2011-02-11 20:22:50 ----SHD---- C:\System Volume Information
2011-02-11 20:22:50 ----D---- C:\WINDOWS\system32\Restore
2011-02-11 20:07:55 ----SD---- C:\WINDOWS\Tasks
2011-02-11 15:49:11 ----D---- C:\Program Files\Opera
2011-02-10 12:12:24 ----D---- C:\WINDOWS\system32\config
2011-02-10 11:30:45 ----D---- C:\WINDOWS\Debug
2011-02-10 10:55:24 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-02-09 21:57:17 ----A---- C:\WINDOWS\system32\MRT.exe
2011-02-09 21:57:08 ----D---- C:\Program Files\Internet Explorer
2011-02-09 21:56:55 ----HD---- C:\WINDOWS\$hf_mig$
2011-02-08 11:39:47 ----SD---- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft
2011-02-08 02:42:22 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe
2011-02-08 01:46:39 ----D---- C:\Program Files\Mozilla Firefox
2011-02-07 22:58:48 ----D---- C:\WINDOWS\system32\NtmsData
2011-02-07 22:47:58 ----D---- C:\Program Files\Wolfenstein - Enemy Territory
2011-02-07 22:16:05 ----D---- C:\Program Files\GIMP-2.0
2011-02-06 21:09:10 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Skype
2011-02-06 20:15:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\skypePM
2011-02-06 18:30:43 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0
2011-02-06 18:25:24 ----A---- C:\WINDOWS\ModemLog_Motorola USB Modem #2.txt
2011-01-30 13:20:55 ----D---- C:\Program Files\Common Files\InstallShield
2011-01-29 21:45:40 ----D---- C:\Program Files\VDownloader
2011-01-23 17:57:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-22 15:57:24 ----D---- C:\WINDOWS\system32\wbem

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 KL1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2010-06-09 132184]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-05-17 92800]
R0 ohci1394;Kontroler hosta Texas Instruments IEEE 1394 zgodny z OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-27 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 kl2;kl2; C:\WINDOWS\system32\DRIVERS\kl2.sys [2010-06-09 11352]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2011-02-10 475736]
R2 713xTVCard;SAA7130 TV Card; C:\WINDOWS\system32\DRIVERS\SAA713x.sys [2007-06-29 279552]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-01-27 50704]
R2 WDMTVTuner;Universal WDM TV Tuner; C:\WINDOWS\system32\drivers\WDMTuner.sys [2007-06-29 25984]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2010-05-07 32856]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-11-02 19472]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-28 12160]
R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-09 10604128]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 ahy1yjap;ahy1yjap; C:\WINDOWS\system32\drivers\ahy1yjap.sys []
S3 BTCFilterService;USB Networking Driver Filter Service; C:\WINDOWS\system32\DRIVERS\motfilt.sys [2009-01-29 6016]
S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 motccgp;Motorola USB Composite Device Driver; C:\WINDOWS\system32\DRIVERS\motccgp.sys [2009-06-19 19712]
S3 motccgpfl;MotCcgpFlService; C:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2009-01-29 8320]
S3 MotDev;Motorola Inc. USB Device; C:\WINDOWS\system32\DRIVERS\motodrv.sys [2009-05-08 42752]
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2009-10-27 23936]
S3 MotoSwitchService;MotoSwitch Service; C:\WINDOWS\system32\DRIVERS\motswch.sys [2007-11-02 6400]
S3 Motousbnet;Motorola USB Networking Driver Service; C:\WINDOWS\system32\DRIVERS\Motousbnet.sys [2009-12-22 23552]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 SONYPVU1;Sterownik filtru USB Sony (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2010-04-27 104648]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2010-04-27 14920]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2010-04-27 132424]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-28 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Usługa Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-02 365336]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2010-07-04 238952]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Usuga stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S4 NetTcpPortSharing;Usługa udostępniania portów Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-01-06 75136]

-----------------EOF-----------------
[/log]

Tomek01
komentarz
komentarz

Jeszcze resztki.
[code]
:Files
C:\Program Files\Common Files\AskToolbarInstaller.exe
C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog

:OTL
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:010ADD2C

:Commands
[emptytemp][/code]


Po tej operacji w OTL użyj funkcji Clean Up.

Gość
komentarz
komentarz (edytowane)

[log]All processes killed
========== FILES ==========
C:\Program Files\Common Files\AskToolbarInstaller.exe moved successfully.
C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog folder moved successfully.
========== OTL ==========
ADS C:\Documents and Settings\All Users\Dane aplikacji\TEMP:010ADD2C deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 744683 bytes
->Temporary Internet Files folder emptied: 660606 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 136032009 bytes
->Opera cache emptied: 16915821 bytes
->Flash cache emptied: 1314 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 235085 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 147,00 mb


OTL by OldTimer - Version 3.2.20.6 log created on 02222011_151219

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\klsAFA9.tmp not found!

Registry entries deleted on Reboot...
[/log]

Dzieki za pomoc,problemy zniknely :)

Tomek01
komentarz
komentarz

Jest ok.
W OTL użyj funkcji Clean Up.
Wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i jakby coś wykryły raporty pokaż na forum.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.