x-kom hosting

Komputer szaleje

AveX
utworzono
utworzono

Witam,

Bardzo śpieszy mi się z rozwiązaniem problemu - czas mnie goni bo muszę coś wykonac.

Ogólnie miałem tylko Ad-Aware jako cokolwiek przeciw wirusom, nigdy zapory nie miałem, żadnego antywirusa, no i generalnie z kompem
sie dzieje wszystko - wyłacza się, jakieś błędy, znika samo miejsce na dysku pliki się ukrywają, "administrator" wyłacza menedżer zadań


Skan

[log]
OTL logfile created on: 2011-03-15 20:59:12 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\start\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 78,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 94,00% Paging File free



Mam też jeszcze jeden


Nie wiem czy to coś da że mam jeszcze taki OTL Extras logfile created on: 2011-03-15 20:57:15 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\start\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 94,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 1,46 Gb Free Space | 2,99% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 19,75 Gb Free Space | 20,23% Space Free | Partition Type: NTFS
Drive E: | 86,39 Gb Total Space | 29,35 Gb Free Space | 33,97% Space Free | Partition Type: NTFS
Drive F: | 597,94 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SUKINSYNA | User Name: start | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

[color=#E56717]========== Extra Registry (All) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"57987:TCP" = 57987:TCP:*:Enabled:Pando Media Booster
"57987:UDP" = 57987:UDP:*:Enabled:Pando Media Booster
"57683:TCP" = 57683:TCP:*:Enabled:Pando Media Booster
"57683:UDP" = 57683:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"56795:TCP" = 56795:TCP:*:Enabled:Pando Media Booster
"56795:UDP" = 56795:UDP:*:Enabled:Pando Media Booster
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"20490:TCP" = 20490:TCP:*:Enabled:BitComet 20490 TCP
"20490:UDP" = 20490:UDP:*:Enabled:BitComet 20490 UDP
"25828:TCP" = 25828:TCP:*:Enabled:BitComet 25828 TCP
"25828:UDP" = 25828:UDP:*:Enabled:BitComet 25828 UDP
"57987:TCP" = 57987:TCP:*:Enabled:Pando Media Booster
"57987:UDP" = 57987:UDP:*:Enabled:Pando Media Booster
"7517:TCP" = 7517:TCP:*:Enabled:BitComet 7517 TCP
"7517:UDP" = 7517:UDP:*:Enabled:BitComet 7517 UDP
"27416:TCP" = 27416:TCP:*:Enabled:BitComet 27416 TCP
"27416:UDP" = 27416:UDP:*:Enabled:BitComet 27416 UDP
"57683:TCP" = 57683:TCP:*:Enabled:Pando Media Booster
"57683:UDP" = 57683:UDP:*:Enabled:Pando Media Booster
"7473:TCP" = 7473:TCP:*:Enabled:BitComet 7473 TCP
"7473:UDP" = 7473:UDP:*:Enabled:BitComet 7473 UDP

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
"E:\GW Movie Arts\Combat Arms EU\CombatArms.exe" = E:\GW Movie Arts\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"E:\GW Movie Arts\Combat Arms EU\Engine.exe" = E:\GW Movie Arts\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\system32\lxdecoms.exe" = C:\WINDOWS\system32\lxdecoms.exe:*:Enabled:Lexmark Communications System -- ( )
"C:\Program Files\Lexmark 4800 Series\lxdeamon.exe" = C:\Program Files\Lexmark 4800 Series\lxdeamon.exe:*:Enabled:Lexmark Device Monitor -- ()
"C:\Program Files\Lexmark 4800 Series\frun.exe" = C:\Program Files\Lexmark 4800 Series\frun.exe:*:Enabled:Lexmark Productivity Studio -- ()
"C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe" = C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader
"C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe" = C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe:*:Enabled:Fax software -- ()
"C:\Program Files\Lexmark 4800 Series\lxdemon.exe" = C:\Program Files\Lexmark 4800 Series\lxdemon.exe:*:Enabled:Printer Device Monitor -- ()
"C:\Documents and Settings\start\Ustawienia lokalne\Temp\lxde\wireless\POLISH\lxdewpss.exe" = C:\Documents and Settings\start\Ustawienia lokalne\Temp\lxde\wireless\POLISH\lxdewpss.exe:*:Enabled:
"C:\WINDOWS\system32\lxdecfg.exe" = C:\WINDOWS\system32\lxdecfg.exe:*:Enabled:Printer Communication System -- ( )
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdepswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdepswx.exe:*:Enabled:Printer Status Window Interface -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdetime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdetime.exe:*:Enabled:Lexmark Connect Time Executable -- (Lexmark International, Inc.)
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdejswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdejswx.exe:*:Enabled:Job Status Window Interface -- ()
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Program Files\GameSpy\Comrade\Comrade.exe" = C:\Program Files\GameSpy\Comrade\Comrade.exe:*:Enabled:Comrade -- (IGN Entertainment Inc.)
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdewbgw.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdewbgw.exe:*:Enabled:Lexmark Web Gateway -- ()
"C:\Program Files\Xfire\xfire.exe" = C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
"D:\Program Files\Gpotato\Flyff\Flyff.exe" = D:\Program Files\Gpotato\Flyff\Flyff.exe:*:Enabled:Flyff -- ()
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- (Orb Networks, Inc.)
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- (Orb Networks)
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- (Orb Networks)
"E:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe" = E:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.)
"E:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe" = E:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.)
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
"C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
"E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"E:\Program Files\Cyanide\GameCenter\GameCenter.exe" = E:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter
"E:\Program Files\Cyanide\Loki\Loki.exe" = E:\Program Files\Cyanide\Loki\Loki.exe:*:Enabled:Loki
"E:\Program Files\Cyanide\Loki\Autorun\Autorun.exe" = E:\Program Files\Cyanide\Loki\Autorun\Autorun.exe:*:Enabled:Loki - AutoRun
"C:\Program Files\Gameforge4D\AirRivals_EN\Launcher.atm" = C:\Program Files\Gameforge4D\AirRivals_EN\Launcher.atm:Enabled:GameExe2
"C:\Program Files\Gameforge4D\AirRivals_EN\Res-Voip\SCVoIP.exe" = C:\Program Files\Gameforge4D\AirRivals_EN\Res-Voip\SCVoIP.exe:Enabled:GameVoIP
"C:\Nexon\Combat Arms EU\NMService.exe" = C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core
"E:\GW Movie Arts\Combat Arms EU\CombatArms.exe" = E:\GW Movie Arts\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"E:\GW Movie Arts\Combat Arms EU\Engine.exe" = E:\GW Movie Arts\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
"E:\GW Movie Arts\Combat Arms EU\NMService.exe" = E:\GW Movie Arts\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe -- (www.BitComet.com)
"C:\Program Files\Techland\Call of Juarez - Wiezy Krwi\CoJBiBGame_x86.exe" = C:\Program Files\Techland\Call of Juarez - Wiezy Krwi\CoJBiBGame_x86.exe:*:Enabled:Call of Juarez - Więzy Krwi
"E:\Program Files\Steam\SteamApps\common\dragon age orgins character creator\DAOriginsLauncher.exe" = E:\Program Files\Steam\SteamApps\common\dragon age orgins character creator\DAOriginsLauncher.exe:*:Enabled:Dragon Age: Origins - Character Creator
"C:\Program Files\Nowe Gadu-Gadu\gg.exe" = C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu -- (GG Network S.A.)
"D:\Program Files\Dragon Age\bin_ship\daorigins.exe" = D:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Początek Gra -- (BioWare)
"D:\Program Files\Dragon Age\DAOriginsLauncher.exe" = D:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Początek Program startowy -- (BioWare)
"D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe" = D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Początek Aktualizator -- (BioWare)
"C:\Program Files\WarRock\WRLauncher.exe" = C:\Program Files\WarRock\WRLauncher.exe:*:Enabled:War Rock
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"E:\Program Files\Far Cry 2\bin\FarCry2.exe" = E:\Program Files\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2 -- (Ubisoft Entertainment)
"E:\Program Files\Far Cry 2\bin\FC2Launcher.exe" = E:\Program Files\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater -- (Ubisoft)
"E:\Program Files\Far Cry 2\bin\FC2Editor.exe" = E:\Program Files\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor -- (Ubisoft Entertainment)
"E:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe" = E:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer
"E:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe" = E:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2 -- ()
"C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer -- ()
"E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe" = E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32 -- (Crytek GmbH)
"E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe" = E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32 -- (Crytek GmbH)
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe" = C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm -- ()
"C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe" = C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server -- ()
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Documents and Settings\start\Pulpit\facebook-pic000163927.exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor -- ()
"C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_87772.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_87772.exe:*:C:\WINDOWS\microsoft.exe
"C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_07673.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_07673.exe:*:C:\WINDOWS\microsoft.exe
"C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_46101.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_46101.exe:*:C:\WINDOWS\microsoft.exe
"C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_83488.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_83488.exe:*:C:\WINDOWS\microsoft.exe
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_14663.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_14663.exe:*:C:\WINDOWS\microsoft.exe


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{00D15456-F679-4AD4-8BD2-56450D4C3F72}" = WarRock
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{049d411d-6564-4638-96d2-41a27817a181}" = Nero 9 Essentials
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{0D8E15E1-350B-4DF5-8D76-58E429157458}" = Lineage
"{0E26E09B-6687-4A99-BD08-A9E705373029}_is1" = Vyzex Pocket POD 1.17
"{1246FF64-3035-4A92-8FE6-A968275495EB}" = Sony Vegas Pro 8.0
"{17145977-D875-4B1D-942F-9E5930823E02}_is1" = Gods - Kraina Nieskończoności
"{17D60B8C-927A-06CE-9AC5-B1949964EF15}" = Catalyst Control Center Core Implementation
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.7
"{1A4E47DC-6701-4A85-AA16-C1F99A44598C}" = Spellforce 2 - Czas Mrocznych Wojen
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1DCC7418-2089-4BDD-B321-3771956160FC}" = ijji Auto Installer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{21BB0483-3D43-46A7-A63F-72C702701438}" = GameShadow
"{21E77392-C30A-4AA2-8CA7-5728316939D6}" = AmpliTube X-GEAR
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{285139D9-633F-4674-8FA3-DB94B356FA82}_is1" = Mafia Tycoon
"{2930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments GuitarRig Mobile IO Driver
"{29B3C64A-0F93-47CD-9C54-72C0C5578487}" = Samsung PC Studio
"{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1" = Inpaint 3.0
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{30283233-3BE6-473D-A47C-ED964A2F78B4}_is1" = Inpaint 2.3
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CE06D54-72B1-44B2-AB60-E4277EC80EF4}" = Microsoft XML Parser
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{430B1017-1B12-420C-8F27-05D0EC2995E0}" = Lineage II
"{46301B1E-8962-4672-B5A2-0636BA3C48F4}" = Melodyne 3.2 Demo
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4DBF3C3D-5B6D-45B2-A08B-B06490E2666F}_is1" = Wru! 1.0.4
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57383270-6F61-4DC8-A9B8-C1745FC29F38}" = Trust Webcam 14823
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = PlayNC Launcher
"{66BA35B0-1911-47EF-B170-1DCFFDA362F1}" = AmpliTube Jimi Hendrix
"{674FD2DC-B87D-D5B4-AF07-73AE91974301}" = Catalyst Control Center HydraVision Full
"{68ED7C7F-6F0A-4467-81F3-FA5899A15D16}_is1" = Moyea Flash Video MX Pro Version: 5.0.9.0
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Session IO Driver
"{7ADFF9AF-B9D8-FC53-0377-AFDDCBE8929E}" = Catalyst Control Center Graphics Full New
"{7D979C05-1742-1AE1-E61A-25A33449AF44}" = Catalyst Control Center Graphics Previews Common
"{7E4B7FD9-4ECE-4298-A910-3160B7918059}" = CryEngine(R)2 Sandbox(TM)2
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.0520.1
"{828B0E1B-C6B0-42E5-B2A3-C50E7820C077}" = IPSwitcher Basic
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8396DF41-E71D-7170-A03A-A0A2D8633B57}" = Catalyst Control Center Graphics Full Existing
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90877318-0BD0-4BDE-BFC0-C4BB12DAC86A}_is1" = Rappelz
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{93543036-BAD7-4B53-B45E-306B21202727}" = Piraci Nowego Świata 2 - Dwa skarby
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00AF-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Polish)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9811DA63-C6B4-426E-859E-12A2393DDB31}" = LanSpeed2 v3.0.7
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C6F9C01-FE98-90B4-36BD-5CCC4A8A1AA8}" = ccc-core-preinstall
"{9EDEF5B1-B740-4DFF-AC16-E2428E1713E8}" = AmpliTube Metal
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman - Krwawa Forsa
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Początek
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B6685367-A8AD-4414-A2A3-10B40EC5CF30}" = SharpKeys
"{B80CC46C-5839-4A48-B051-3CACF23A2718}_is1" = Eraser 5.8.7
"{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3 Driver
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BF605A48-663D-AA9A-F128-95ED7F2C6413}" = Skins
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C28FC5E5-86EE-B4B5-044A-E484E78F9C7B}" = CCC Help English
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
"{C6752201-DC16-C30F-478C-36EC595BEFDB}" = ccc-core-static
"{C765D9FF-4A34-4BF1-9F91-E9A3C60C86FC}" = ArcSoft VideoImpression 2
"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
"{C95AACD4-9507-4F5C-9D53-22B1ACCFECD1}" = AmpliTube2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF1D7323-8A0A-49C7-83B0-088DB90721E2}" = AmpegSVX
"{CF58B132-4C67-4E0A-BE3D-8DADB1E32258}" = Vegas Movie Studio 9.0
"{D0A85D80-425F-CBB2-B35A-69EFD283DF39}" = ccc-utility
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D52D5D70-6F8F-4690-8559-18D5EAC8B19F}" = XIII
"{D777D80E-13AE-4E6C-BCB2-9AEE10D9DEF1}" = Driver Updater
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D873FA4B-C374-4F8A-8D9A-130DB56FAB16}" = America's Army
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E144A786-D2DD-428B-9C1A-0EE3FA3515EA}" = Rappelz_USA
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{E397F6F0-AEE4-4236-BB05-1351350F8365}" = War Rock
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin (JDownloader Edition) 2.1
"{E5CFDA19-A86E-4276-AB8E-5165E2FC98B8}" = Hero_Online
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EC9A0711-9823-4DD2-83C4-039886A3ECF6}" = Melodyne 3.2 Demo
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = StarCam Sports Football 300K
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Wiedźmin
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6CE1230-A694-4B86-B21C-A11A112689DA}" = Trust WB-1400T Webcam
"{F7D689BA-E7DE-4727-9F8D-936B6C30A53A}" = Rapidshare Auto Downloader 3.6.2
"{F8CF44C8-6295-417B-8B04-AAB39F1BB649}_is1" = Call of Juarez SP Demo
"{FE6FD041-F8D2-1323-178C-7C71C1980C51}" = Catalyst Control Center Graphics Light
"{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Więzy Krwi
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acoustica Beatcraft" = Acoustica Beatcraft
"Acoustica Effects Pack" = Acoustica Effects Pack
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AirRivals_EN_is1" = AirRivals_EN 1.0.0.35
"Aiseesoft DVD to MP4 Converter_is1" = Aiseesoft DVD to MP4 Converter
"All ATI Software" = ATI - Software Uninstall Utility
"Any Video Converter_is1" = Any Video Converter 3.1.7
"AP Guitar Tuner 1.02" = AP Guitar Tuner 1.02
"AP Tuner 3.08" = AP Tuner 3.08
"AQQ" = WapSter AQQ
"Arial Sound Recorder_is1" = Arial Sound Recorder version 1.7.5
"ASIO4ALL" = ASIO4ALL
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"AV Voice Changer Software 3.0" = AV Voice Changer Software 3.0
"AV Voice Changer Software DIAMOND 4.0" = AV Voice Changer Software DIAMOND 4.0
"AV Voice Changer Software DIAMOND 6.0" = AV Voice Changer Software DIAMOND 6.0
"AV Voice Changer Software DIAMOND 7.0" = AV Voice Changer Software DIAMOND 7.0
"Avidemux 2.5" = Avidemux 2.5
"AviSynth" = AviSynth 2.5
"BitComet" = BitComet 1.22
"BrainWave Generator" = BrainWave Generator
"CasinoEuroPoker" = CasinoEuroPoker (remove only)
"CDex" = CDex extraction audio
"cFosSpeed" = cFosSpeed v5.12
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combat Arms EU" = Combat Arms EU
"conduitEngine" = Conduit Engine
"Cool Edit Pro 2.0" = Cool Edit Pro 2.0
"Counter-Strike 1.6 v32" = Counter-Strike 1.6 v32
"Cpukiller3_is1" = Cpukiller3 v1.0.5
"CSS FULL DZ [Oct 15 2007]" = CSS FULL DZ [Oct 15 2007] v18.1
"Direct MIDI to MP3 Converter_is1" = Direct MIDI to MP3 Converter version 6.1.2.43
"DirectX10 for Windows XP - Win2000, 2003,..._is1" = DirectX10 RC2 Pre Fix 3
"Drumtronic" = Drumtronic
"DVD To AVI Converter_is1" = DVD To AVI Converter 1.00
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 4.1)
"EarMaster Essential 5_is1" = EarMaster Essential 5
"Easy Video Splitter_is1" = Easy Video Splitter 1.28
"easyCALL_is1" = easyCALL
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"ESET Online Scanner" = ESET Online Scanner v3
"ET3DEMO" = English Translator 3 Demo
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30
"ExpressBurn" = Express Burn
"ExpressRip" = Express Rip
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.3)
"FlightGear_is1" = FlightGear v0.9.10
"Fraps" = Fraps (remove only)
"FREE Hi-Q Recorder_is1" = FREE Hi-Q Recorder 1.92
"Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter
"Gadu-Gadu 10" = Gadu-Gadu 10
"Game Booster_is1" = Game Booster
"GameCenter" = GameCenter
"GamersFirst LIVE!" = GamersFirst LIVE!
"GamersFirst War Rock" = War Rock
"GameTracker Lite" = GameTracker Lite
"Gates of Troy_is1" = Gates of Troy
"Guild Wars" = Guild Wars
"Guitar FX BOX 2.8" = Guitar FX BOX 2.8
"Guitar Pro 5_is1" = Guitar Pro 5.2
"GuitarSpeedTrainer_is1" = GST 2.3.8.4
"Gunz" = ijji - Gunz
"Hamachi" = Hamachi 1.0.2.5
"Hitman: Kontrakty" = Hitman: Kontrakty
"Hydrogen" = Hydrogen
"Icy Tower v1.3.1_is1" = Icy Tower v1.3.1
"Icy Tower v1.4_is1" = Icy Tower v1.4
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{F6CE1230-A694-4B86-B21C-A11A112689DA}" = Trust WB-1400T Webcam
"InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Więzy Krwi
"Internet Download Manager" = Internet Download Manager
"ipla" = ipla 2.2
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"KeyFinder_is1" = Magical Jelly Bean KeyFinder
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic)
"Lexmark 4800 Series" = Lexmark 4800 Series
"Lexmark Fax Solutions" = Oprogramowanie faksowe Lexmark
"Line 6 Uninstaller" = Line 6 Uninstaller
"Lineage 2 Frintezza Full" = Lineage 2 Frintezza Full 1.2
"Loki_is1" = Loki
"Magic Mirror_is1" = Magic Mirror 3.0
"Magic Video Batch Converter_is1" = Magic Video Batch Converter 3.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"MobiMB Mobile Media Browser" = MobiMB Mobile Media Browser
"MojDzwonek.com" = MojDzwonek.com - konwerter dzwonków TrueTone
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"MP3 CD Doctor Lite_is1" = MP3 CD Doctor
"MP3 Encoder" = LS MP3 Encoder
"MPEG4 Direct Maker" = MPEG4 Direct Maker
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyWebSearch bar Uninstall" = My Web Search (Smiley Central)
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Guitar Rig 3" = Native Instruments Guitar Rig 3
"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
"Native Instruments Guitar Rig Session IO Driver" = Native Instruments Guitar Rig Session IO Driver
"Native Instruments GuitarRig Mobile IO Driver" = Native Instruments GuitarRig Mobile IO Driver
"Native Instruments Rig Kontrol 3 Driver" = Native Instruments Rig Kontrol 3 Driver
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Session IO Driver" = Native Instruments Session IO Driver
"Neffy" = Neffy 1,3,29,0
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"Nero7Lite_is1" = Nero 7 Lite 7.10.1.0
"Nokia PC Suite" = Nokia PC Suite
"Nowe Gadu-Gadu" = Nowe Gadu-Gadu
"Orb" = Winamp Remote
"Pacific Warriors" = Pacific Warriors
"PingPlotter Standard" = PingPlotter Standard 3.30.1s
"Pool of Radiance" = Pool of Radiance
"Postal 2 Demo" = Postal 2 Demo
"Postal 2 Share The Pain" = Postal 2 Share The Pain
"Postal 2 STP - Free Multiplayer Edition" = Postal 2 STP - Free Multiplayer Edition
"Przyspiesz Komputer_is1" = Przyspiesz Komputer
"PunkBusterSvc" = PunkBuster Services
"QuickPar" = QuickPar 0.9
"rayman2" = rayman2
"RealPlayer 6.0" = RealPlayer
"REAPER" = REAPER
"ReValver" = ReValver
"ReValver Mk II_is1" = ReValver Mk II
"Rohan_USA" = Rohan_USA
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SeaDogs" = SeaDogs
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"Silkroad" = Silkroad
"SkanerOnline" = Skaner on-line mks_vir
"SMS Pilot_is1" = SMS Pilot 1.06 build 003
"SnadBoy's Revelation v2" = SnadBoy's Revelation v2
"Softonic-Polska Toolbar" = Softonic-Polska Toolbar
"Spartan_is1" = Spartan
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"SpeedBit Video Downloader" = SpeedBit Video Downloader
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 630" = Alien Swarm
"Tactical Ops" = Tactical Ops
"TallStick TS-AudioToMIDI 3.30" = TallStick TS-AudioToMIDI 3.30 (remove only)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Tengwar Scribe" = Tengwar Scribe
"The Witcher - Doppler's Essence Mod_is1" = EoD ver 1.0.0.0
"Tibia_is1" = Tibia
"Tomb Raider: Underworld Demo" = Tomb Raider: Underworld Demo 1.0
"Tunatic" = Tunatic
"Ultra MP4 Video Converter_is1" = Ultra MP4 Video Converter 5.2.0603
"Videora iPod Converter" = Videora iPod Converter 4.07
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VS Online_is1" = VS Online 1.54
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WheelMouse" = Smart-X7 7.80
"WIC" = Windows Imaging Component
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.4.1
"WinRAR archiver" = Archiwizator WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"Xfire" = Xfire (remove only)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"YouTube Downloader App" = YouTube Downloader App 1.02

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"2a4f70b48f669acd" = AA3Deploy
"BitTorrent" = BitTorrent 6.0
"BitTorrent DNA" = DNA
"Google Chrome" = Google Chrome
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"uTorrent" = µTorrent

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-03-13 07:39:20 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu.

Error - 2011-03-13 07:39:20 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2011-03-13 07:39:57 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu.

Error - 2011-03-13 07:39:57 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2011-03-13 17:50:02 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu.

Error - 2011-03-13 17:50:02 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2011-03-13 17:50:03 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2011-03-13 17:50:03 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2011-03-13 17:50:03 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2011-03-13 17:50:03 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

[ System Events ]
Error - 2011-03-13 17:07:22 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7034
Description = Usługa Usługa COM nagrywania dysków CD IMAPI niespodziewanie zakończyła
pracę. Wystąpiło to razy: 1.

Error - 2011-03-13 17:17:30 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7034
Description = Usługa cFosSpeed System Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2011-03-13 17:42:37 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7023
Description = Usługa HID Input Service zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2011-03-13 17:47:20 | Computer Name = SUKINSYNA | Source = Dhcp | ID = 1002
Description = Adres IP połączenia 10.10.0.2 dla karty sieciowej o adresie 001FD0890F66
został zabroniony przez serwer DHCP 10.10.0.1 (Serwer DHCP wysłał komunikat DHCPNACK).

Error - 2011-03-13 17:51:42 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7034
Description = Usługa McAfee Security Scan Component Host Service niespodziewanie
zakończyła pracę. Wystąpiło to razy: 1.

Error - 2011-03-15 15:23:18 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7023
Description = Usługa HID Input Service zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2011-03-15 15:23:18 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi My Web Search Service z powodu następującego
błędu: %%2

Error - 2011-03-15 15:23:24 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7034
Description = Usługa cFosSpeed System Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2011-03-15 15:53:02 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: Fips intelppm StarOpen

Error - 2011-03-15 15:53:08 | Computer Name = SUKINSYNA | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi
EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}


< End of report >


Pozdrawiam, licze na szybką pomoc.
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 1,46 Gb Free Space | 2,99% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 19,75 Gb Free Space | 20,23% Space Free | Partition Type: NTFS
Drive E: | 86,39 Gb Total Space | 29,35 Gb Free Space | 33,97% Space Free | Partition Type: NTFS
Drive F: | 597,94 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SUKINSYNA | User Name: start | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-03-15 20:56:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\start\Pulpit\OTL.exe
PRC - [2011-03-15 17:53:13 | 000,159,744 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\Microsoft\conhost.exe
PRC - [2011-03-14 20:13:32 | 000,172,032 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\dwm.exe
PRC - [2011-03-12 14:58:02 | 000,177,664 | -H-- | M] () -- C:\Documents and Settings\start\Ustawienia lokalne\Temp\csrss.exe
PRC - [2010-04-02 01:39:57 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-06-29 15:26:55 | 000,520,024 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009-06-29 15:26:36 | 001,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011-03-15 20:56:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\start\Pulpit\OTL.exe
MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll
MOD - [2004-08-03 23:42:34 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- -- (ServiceLayer)
SRV - File not found [Auto | Stopped] -- -- (MyWebSearchService)
SRV - [2010-09-02 21:18:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe -- (McComponentHostService)
SRV - [2010-05-31 12:33:48 | 000,314,584 | R--- | M] (cFos Software GmbH) [Auto | Stopped] -- C:\Program Files\cFosSpeed\spd.exe -- (cFosSpeedS)
SRV - [2010-04-27 23:33:00 | 003,547,376 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2010-03-11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010-02-26 17:19:54 | 003,623,424 | ---- | M] (Native Instruments GmbH) [Auto | Stopped] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV - [2009-12-13 21:03:04 | 000,300,656 | ---- | M] (Speedbit Ltd.) [Auto | Stopped] -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2009-07-26 06:43:14 | 000,025,832 | -H-- | M] (BioWare) [On_Demand | Stopped] -- D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009-07-20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-06-29 15:26:36 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009-02-26 13:09:14 | 001,547,264 | ---- | M] (ClanServers Hosting LLC) [Auto | Stopped] -- C:\Program Files\GameTracker\GSInGameService.exe -- (GS In-Game Service)
SRV - [2008-05-13 17:07:24 | 000,080,392 | ---- | M] () [Auto | Stopped] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2007-05-29 14:07:58 | 000,598,960 | ---- | M] ( ) [Auto | Stopped] -- C:\WINDOWS\System32\lxdecoms.exe -- (lxde_device)
SRV - [2007-05-29 14:06:43 | 000,099,248 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe -- (lxdeCATSCustConnectService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-03-15 20:23:20 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010-09-10 18:54:14 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010-08-24 01:49:24 | 000,697,328 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010-05-31 12:33:56 | 001,079,000 | ---- | M] (cFos Software GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfosspeed.sys -- (cFosSpeed)
DRV - [2009-05-24 15:24:56 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009-03-16 22:33:02 | 003,597,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009-02-09 07:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009-02-09 07:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009-02-09 07:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009-02-09 07:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008-11-08 10:44:31 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2008-11-08 10:44:30 | 000,025,416 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-05-07 12:21:40 | 004,739,072 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-04-10 11:52:20 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
DRV - [2008-01-03 15:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007-11-14 20:48:20 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2007-05-14 22:41:46 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2007-05-14 22:38:22 | 000,009,216 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter)
DRV - [2007-04-17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi)
DRV - [2006-11-01 04:01:56 | 000,003,328 | ---- | M] (Famatech International Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rminiv3.sys -- (mirrorv3)
DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006-05-03 14:40:42 | 000,390,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd.sys -- (snpstd)
DRV - [2005-08-30 17:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2005-08-30 17:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2005-08-30 17:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2005-06-22 16:09:56 | 000,498,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2003-09-19 14:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002-12-09 15:11:42 | 000,006,852 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Vcs.sys -- (Vcs)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fullarticles.net
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - File not found
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:59333

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 59333
FF - prefs.js..network.proxy.type: 1


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008-11-29 21:48:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-10-20 21:48:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin [2011-03-13 23:37:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-11-18 20:46:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-11-18 20:51:11 | 000,000,000 | ---D | M]

[2008-12-02 21:10:28 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Extensions
[2011-03-14 09:53:32 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions
[2009-09-25 18:26:19 | 000,000,000 | -H-D | M] (Winamp Toolbar) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009-09-02 15:10:53 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-06-19 20:01:50 | 000,000,000 | -H-D | M] (kikin plugin (JDownloader Edition)) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
[2010-08-24 20:46:59 | 000,000,000 | -H-D | M] (BitComet Video Downloader) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2010-08-24 20:46:59 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
[2010-12-01 22:30:41 | 000,000,000 | -H-D | M] (Softonic-Polska Community Toolbar) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}
[2009-11-16 12:23:28 | 000,000,000 | -H-D | M] (DownThemAll!) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010-05-06 19:55:10 | 000,000,000 | -H-D | M] (RadioBar Toolbar) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\radiobar@toolbar
[2010-03-09 21:29:41 | 000,000,000 | -H-D | M] (Zrzuta.eu) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\zrzuta.eu@gmail.com
[2010-10-19 20:29:36 | 000,000,933 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\searchplugins\conduit.xml
[2010-05-06 20:14:20 | 000,001,589 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\searchplugins\web-search.xml
[2011-03-14 09:53:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009-01-11 00:19:35 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009-10-20 21:48:05 | 000,000,000 | ---D | M] (PC Sync 2 Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC
[2008-11-29 21:48:49 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD
[2010-02-21 11:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2009-01-19 22:23:28 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2009-07-22 16:31:34 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-03-30 11:42:24 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-03-30 11:42:24 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-03-30 11:42:24 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-03-30 11:42:24 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-03-30 11:42:24 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-08-25 18:57:04 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (SBCONVERT Class) - {31B27F2D-6BC6-451B-B3D2-4EAB36B2FC3B} - File not found
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - File not found
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - File not found
O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - File not found
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\ShellBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - File not found
O3 - HKCU\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [conhost] C:\Documents and Settings\start\Dane aplikacji\Microsoft\conhost.exe ()
O4 - HKLM..\Run: [lxdeamon] C:\Program Files\Lexmark 4800 Series\lxdeamon.exe ()
O4 - HKLM..\Run: [lxdemon.exe] C:\Program Files\Lexmark 4800 Series\lxdemon.exe ()
O4 - HKLM..\Run: [Microsoft Driver Setup] C:\WINDOWS\microsoft.exe (Kxcesobjn Software)
O4 - HKLM..\Run: [My Web Search Bar] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NVIDIA driver monitor] c:\WINDOWS\nvsvc32.exe ()
O4 - HKLM..\Run: [Regedit32] File not found
O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.)
O4 - HKLM..\Run: [wuaucldt] C:\WINDOWS\system32\wuaucldt.exe ()
O4 - HKCU..\Run: [Adobe ARP] C:\WINDOWS\System32\adobearp.exe (Eltgk Software)
O4 - HKCU..\Run: [Client Thailanddds] File not found
O4 - HKCU..\Run: [Driver Updater] File not found
O4 - HKCU..\Run: [Eraser] File not found
O4 - HKCU..\Run: [Flwgwl] C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe (Laupd Software)
O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKCU..\Run: [JP595IR86O] File not found
O4 - HKCU..\Run: [NVIDIA driver monitor] c:\WINDOWS\nvsvc32.exe ()
O4 - HKCU..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe (NetInternals)
O4 - HKCU..\Run: [wuaucldt] c:\Documents and Settings\start\wuaucldt.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe (GamersFirst)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe (McAfee, Inc.)
F3 - HKCU WinNT: Load - (C:\DOCUME~1\start\USTAWI~1\Temp\csrss.exe) - C:\Documents and Settings\start\Ustawienia lokalne\Temp\csrss.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: Microsoft Driver Setup = C:\WINDOWS\microsoft.exe (Kxcesobjn Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: Pobierz wszystkie wideo za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - File not found
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Documents and Settings\start\Dane aplikacji\dwm.exe) - C:\Documents and Settings\start\Dane aplikacji\dwm.exe ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-09-27 12:40:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001-10-26 18:12:38 | 000,000,112 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-03-15 20:56:00 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\start\Pulpit\OTL.exe
[2011-03-15 20:46:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\start\Recent
[2011-03-15 20:45:27 | 000,032,904 | ---- | C] (Eltgk Software) -- C:\WINDOWS\System32\adobearp.exe
[2011-03-15 20:32:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\start\Menu Start\Programy\Windows Diagnostic
[2011-03-15 20:30:26 | 000,084,992 | ---- | C] (Laupd Software) -- C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe
[2011-03-15 10:48:35 | 000,573,440 | ---- | C] (NetInternals) -- C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe
[2011-03-13 22:57:42 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011-03-13 20:23:23 | 000,000,000 | ---D | C] -- C:\videooutput
[2011-03-13 20:23:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Freez software
[2011-03-13 20:21:06 | 004,130,372 | -H-- | C] (www.smallvideosoft.com ) -- C:\Documents and Settings\start\Pulpit\flvconverter.exe
[2011-03-13 20:12:16 | 009,909,254 | -H-- | C] (HOW Inc. ) -- C:\Documents and Settings\start\Pulpit\FreeYouTubeDownloaderSetup.exe
[2011-03-13 02:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011-03-11 18:09:29 | 000,060,416 | RHS- | C] (Kxcesobjn Software) -- C:\WINDOWS\microsoft.exe
[2011-03-09 06:30:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\start\Pulpit\The Rolling Stones
[2011-03-06 17:51:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\start\Pulpit\Hard Rock Backing Track in G or C 80 s Style _data
[2011-02-25 22:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\McAfee
[2011-02-25 22:21:27 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\McAfee Security Scan Plus
[2011-02-24 21:46:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan
[2011-02-24 21:46:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee
[2011-02-24 21:46:36 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2011-02-24 21:46:32 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\YouTube Downloader
[2011-02-24 21:46:31 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader
[2011-02-20 00:47:24 | 000,000,000 | ---D | C] -- C:\Program Files\Zeallsoft
[2011-02-20 00:46:55 | 003,409,741 | -H-- | C] (ZeallSoft, Inc. ) -- C:\Documents and Settings\start\Pulpit\mmsetup.exe
[2011-02-20 00:44:06 | 008,161,357 | -H-- | C] ( ) -- C:\Documents and Settings\start\Pulpit\peditorinst.exe
[2011-02-18 19:32:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Cool Edit Pro 2.0
[2010-05-17 20:22:30 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll
[2010-05-17 20:22:30 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[2010-05-17 20:22:30 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[2010-05-17 19:41:50 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2010-05-17 19:41:50 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2010-05-17 19:41:50 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2008-09-29 19:42:23 | 001,200,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeserv.dll
[2008-09-29 19:42:23 | 000,950,272 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeusb1.dll
[2008-09-29 19:42:23 | 000,434,176 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdehcp.dll
[2008-09-29 19:42:23 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeinpa.dll
[2008-09-29 19:42:23 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeiesc.dll
[2008-09-29 19:42:22 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdepmui.dll
[2008-09-29 19:42:22 | 000,565,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdelmpm.dll
[2008-09-29 19:42:22 | 000,320,432 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeih.exe
[2008-09-29 19:42:22 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeprox.dll
[2008-09-29 19:42:21 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdehbn3.dll
[2008-09-29 19:42:21 | 000,598,960 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdecoms.exe
[2008-09-29 19:42:20 | 000,860,160 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdecomc.dll
[2008-09-29 19:42:20 | 000,365,488 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdecfg.exe
[2008-09-29 19:42:20 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdecomm.dll
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\Documents and Settings\start\Moje dokumenty\*.tmp files -> C:\Documents and Settings\start\Moje dokumenty\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-03-15 20:56:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\start\Pulpit\OTL.exe
[2011-03-15 20:52:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-03-15 20:45:22 | 000,032,904 | ---- | M] (Eltgk Software) -- C:\WINDOWS\System32\adobearp.exe
[2011-03-15 20:42:45 | 002,396,960 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\ComboFix.exe
[2011-03-15 20:40:00 | 000,000,246 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2011-03-15 20:34:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-03-15 20:32:50 | 000,000,144 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\~16113460r
[2011-03-15 20:32:50 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\~16113460
[2011-03-15 20:32:36 | 000,000,807 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Windows Diagnostic.lnk
[2011-03-15 20:32:32 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\16113460
[2011-03-15 20:32:30 | 000,524,800 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\16113460.exe
[2011-03-15 20:30:14 | 000,084,992 | ---- | M] (Laupd Software) -- C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe
[2011-03-15 20:23:37 | 000,003,968 | RHS- | M] () -- C:\WINDOWS\wibrf.jpg
[2011-03-15 20:23:37 | 000,003,416 | RHS- | M] () -- C:\WINDOWS\wiybr.png
[2011-03-15 20:23:27 | 000,573,440 | ---- | M] (NetInternals) -- C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe
[2011-03-15 20:23:00 | 000,173,776 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2011-03-15 20:22:57 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-03-15 20:22:56 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011-03-15 20:22:56 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2011-03-15 20:22:55 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
[2011-03-15 20:22:54 | 000,000,310 | -HS- | M] () -- C:\WINDOWS\tasks\yyki.job
[2011-03-15 20:22:54 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011-03-15 20:22:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-03-15 19:40:31 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\~13492020
[2011-03-15 19:40:16 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\13492020
[2011-03-15 19:40:15 | 000,524,800 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\13492020.exe
[2011-03-15 18:51:00 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003UA.job
[2011-03-15 17:52:55 | 000,010,698 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\3AA2.398
[2011-03-15 13:51:00 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003Core.job
[2011-03-14 20:13:32 | 000,172,032 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\dwm.exe
[2011-03-14 20:08:45 | 000,140,288 | -H-- | M] () -- C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-03-14 17:42:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011-03-14 16:25:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011-03-14 06:57:14 | 000,015,468 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2011-03-14 06:57:09 | 004,832,193 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Led Zeppelin - Stairway To Heaven - Earls Court - 1975 - HQ.mp3
[2011-03-14 06:57:08 | 002,224,079 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\The Beatles - Help.mp3
[2011-03-14 06:57:08 | 001,229,095 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\The Beatles - Twist n Shout .mp3
[2011-03-13 22:48:09 | 000,060,416 | RHS- | M] (Kxcesobjn Software) -- C:\WINDOWS\microsoft.exe
[2011-03-13 21:56:28 | 000,000,152 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Nowy Dokument sformatowany (2).rtf
[2011-03-13 20:23:21 | 000,000,691 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Freez FLV to AVI MPEG WMV Converter.lnk
[2011-03-13 20:23:04 | 004,130,372 | -H-- | M] (www.smallvideosoft.com ) -- C:\Documents and Settings\start\Pulpit\flvconverter.exe
[2011-03-13 20:19:10 | 010,980,832 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\FCTBSetup.exe
[2011-03-13 20:14:17 | 009,909,254 | -H-- | M] (HOW Inc. ) -- C:\Documents and Settings\start\Pulpit\FreeYouTubeDownloaderSetup.exe
[2011-03-13 11:30:51 | 008,273,459 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\for some fun.mp3
[2011-03-13 10:30:46 | 000,069,714 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\200068_190066684363950_100000818586203_422679_7839411_n.jpg
[2011-03-12 15:58:24 | 000,030,560 | ---- | M] () -- C:\WINDOWS\System32\drivers\wcscd.sys
[2011-03-12 15:58:02 | 000,032,256 | -H-- | M] () -- C:\Documents and Settings\start\wuaucldt.exe
[2011-03-12 15:58:02 | 000,032,256 | ---- | M] () -- C:\WINDOWS\System32\wuaucldt.exe
[2011-03-11 18:42:31 | 000,098,201 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\31879_124901487544718_100000746024542_169127_7635718_n.jpg
[2011-03-10 18:13:13 | 000,048,166 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\185694_1838581054885_1551282075_31946113_8377303_n.jpg
[2011-03-07 17:50:13 | 000,000,807 | -H-- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GamersFirst LIVE!.lnk
[2011-03-07 17:50:13 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\GamersFirst LIVE!.lnk
[2011-03-07 17:48:56 | 019,230,558 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\MOV08115.MPG
[2011-03-06 18:40:22 | 174,795,761 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\MOV08112.MPG
[2011-03-06 18:08:46 | 028,865,883 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Bez tytułu_0002.wmv
[2011-03-06 18:03:49 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011-03-06 17:51:03 | 000,065,794 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Hard Rock Backing Track in G or C 80 s Style .aup
[2011-03-03 09:20:20 | 000,002,384 | ---- | M] () -- C:\WINDOWS\ndl.dl
[2011-02-28 20:53:19 | 000,070,358 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\gretsch_countryclassicSPg_007.jpg
[2011-02-26 02:15:39 | 002,972,193 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Johny.mp3
[2011-02-26 00:58:20 | 061,666,604 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\waw2.wav
[2011-02-26 00:42:21 | 096,454,700 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\shot.wav
[2011-02-25 22:21:28 | 000,001,801 | -H-- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk
[2011-02-25 21:53:04 | 005,282,168 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\rock n roll blues.mp3
[2011-02-24 21:46:32 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\YouTube Downloader.lnk
[2011-02-24 21:46:04 | 004,698,191 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\YouTubeDownloaderSetup27_[www.programosy.pl].exe
[2011-02-21 22:55:02 | 004,112,020 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\angie.mp3
[2011-02-21 22:48:57 | 074,502,956 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\an.wav
[2011-02-20 18:39:15 | 020,596,321 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Bez tytułu_0001.wmv
[2011-02-20 18:27:05 | 005,112,520 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\AC DC - Shoot to Thrill2.mp3
[2011-02-20 18:22:46 | 121,186,073 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\MOV08096.MPG
[2011-02-20 12:26:13 | 004,657,869 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\sin city2.mp3
[2011-02-20 12:19:17 | 084,186,284 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\sin.wav
[2011-02-20 12:03:12 | 004,661,124 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\sin city.mp3
[2011-02-20 00:53:10 | 000,009,442 | -H-- | M] () -- C:\Documents and Settings\start\Moje dokumenty\skanuj0001.jpg
[2011-02-20 00:47:25 | 000,000,961 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\ZeallSoft Products.lnk
[2011-02-20 00:47:25 | 000,000,893 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Magic Mirror.lnk
[2011-02-20 00:47:18 | 003,409,741 | -H-- | M] (ZeallSoft, Inc. ) -- C:\Documents and Settings\start\Pulpit\mmsetup.exe
[2011-02-20 00:44:06 | 008,161,357 | -H-- | M] ( ) -- C:\Documents and Settings\start\Pulpit\peditorinst.exe
[2011-02-19 16:50:00 | 000,984,003 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\wwwwwa11.mp3
[2011-02-18 21:10:30 | 000,988,499 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\podklad123.mp3
[2011-02-18 19:32:23 | 000,156,910 | ---- | M] () -- C:\WINDOWS\WMSysPr8.prx
[2011-02-18 19:32:21 | 000,000,576 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Cool Edit Pro 2.0.lnk
[2011-02-18 18:56:48 | 002,320,812 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\podklad.mp3
[2011-02-16 22:51:55 | 000,002,281 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\2152.rtf
[2011-02-15 00:28:05 | 005,795,550 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\smoke on the water (2)12.mp3
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\Documents and Settings\start\Moje dokumenty\*.tmp files -> C:\Documents and Settings\start\Moje dokumenty\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-03-15 20:41:00 | 002,396,960 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\ComboFix.exe
[2011-03-15 20:32:50 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\~16113460r
[2011-03-15 20:32:50 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\~16113460
[2011-03-15 20:32:36 | 000,000,807 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Windows Diagnostic.lnk
[2011-03-15 20:32:32 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\16113460
[2011-03-15 20:32:30 | 000,524,800 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\16113460.exe
[2011-03-15 19:40:31 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\~13492020
[2011-03-15 19:40:16 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\13492020
[2011-03-15 19:40:15 | 000,524,800 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\13492020.exe
[2011-03-14 06:51:05 | 004,832,193 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Led Zeppelin - Stairway To Heaven - Earls Court - 1975 - HQ.mp3
[2011-03-13 21:56:24 | 000,000,152 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Nowy Dokument sformatowany (2).rtf
[2011-03-13 20:23:21 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\NCMedia2.dll
[2011-03-13 20:23:21 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-03-13 20:23:21 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-03-13 20:23:21 | 000,000,691 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Freez FLV to AVI MPEG WMV Converter.lnk
[2011-03-13 20:13:38 | 010,980,832 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\FCTBSetup.exe
[2011-03-13 13:52:03 | 002,224,079 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\The Beatles - Help.mp3
[2011-03-13 13:46:46 | 001,229,095 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\The Beatles - Twist n Shout .mp3
[2011-03-13 11:28:00 | 008,273,459 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\for some fun.mp3
[2011-03-13 10:30:46 | 000,069,714 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\200068_190066684363950_100000818586203_422679_7839411_n.jpg
[2011-03-12 15:58:24 | 000,030,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\wcscd.sys
[2011-03-12 15:58:02 | 000,032,256 | -H-- | C] () -- C:\Documents and Settings\start\wuaucldt.exe
[2011-03-12 15:58:02 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\wuaucldt.exe
[2011-03-12 14:57:35 | 000,172,032 | -H-- | C] () -- C:\Documents and Settings\start\Dane aplikacji\dwm.exe
[2011-03-12 14:57:07 | 000,010,698 | -H-- | C] () -- C:\Documents and Settings\start\Dane aplikacji\3AA2.398
[2011-03-11 18:42:30 | 000,098,201 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\31879_124901487544718_100000746024542_169127_7635718_n.jpg
[2011-03-10 18:13:12 | 000,048,166 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\185694_1838581054885_1551282075_31946113_8377303_n.jpg
[2011-03-07 18:59:29 | 019,230,558 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\MOV08115.MPG
[2011-03-07 17:50:13 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\GamersFirst LIVE!.lnk
[2011-03-06 18:04:12 | 028,865,883 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Bez tytułu_0002.wmv
[2011-03-06 17:51:03 | 000,065,794 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Hard Rock Backing Track in G or C 80 s Style .aup
[2011-03-06 17:50:55 | 174,795,761 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\MOV08112.MPG
[2011-03-03 09:20:20 | 000,003,968 | RHS- | C] () -- C:\WINDOWS\wibrf.jpg
[2011-03-03 09:20:20 | 000,003,416 | RHS- | C] () -- C:\WINDOWS\wiybr.png
[2011-03-03 09:20:20 | 000,002,384 | ---- | C] () -- C:\WINDOWS\ndl.dl
[2011-02-28 20:53:19 | 000,070,358 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\gretsch_countryclassicSPg_007.jpg
[2011-02-26 01:50:57 | 002,972,193 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Johny.mp3
[2011-02-26 00:58:57 | 061,666,604 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\waw2.wav
[2011-02-25 21:51:12 | 005,282,168 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\rock n roll blues.mp3
[2011-02-24 21:46:36 | 000,001,801 | -H-- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk
[2011-02-24 21:46:32 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\YouTube Downloader.lnk
[2011-02-24 21:44:46 | 004,698,191 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\YouTubeDownloaderSetup27_[www.programosy.pl].exe
[2011-02-21 22:49:02 | 074,502,956 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\an.wav
[2011-02-21 22:20:26 | 004,112,020 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\angie.mp3
[2011-02-20 18:36:04 | 020,596,321 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Bez tytułu_0001.wmv
[2011-02-20 18:26:51 | 005,112,520 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\AC DC - Shoot to Thrill2.mp3
[2011-02-20 17:48:19 | 096,454,700 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\shot.wav
[2011-02-20 17:29:08 | 121,186,073 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\MOV08096.MPG
[2011-02-20 12:25:46 | 004,657,869 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\sin city2.mp3
[2011-02-20 12:19:26 | 084,186,284 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\sin.wav
[2011-02-20 12:03:11 | 004,661,124 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\sin city.mp3
[2011-02-20 00:47:25 | 000,000,961 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\ZeallSoft Products.lnk
[2011-02-20 00:47:25 | 000,000,893 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Magic Mirror.lnk
[2011-02-19 16:49:52 | 000,984,003 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\wwwwwa11.mp3
[2011-02-18 21:10:26 | 000,988,499 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\podklad123.mp3
[2011-02-18 19:32:23 | 000,156,910 | ---- | C] () -- C:\WINDOWS\WMSysPr8.prx
[2011-02-18 19:32:21 | 000,000,576 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Cool Edit Pro 2.0.lnk
[2011-02-18 18:55:48 | 002,320,812 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\podklad.mp3
[2011-02-16 22:51:55 | 000,002,281 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\2152.rtf
[2011-02-15 00:27:30 | 005,795,550 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\smoke on the water (2)12.mp3
[2011-01-09 15:48:34 | 000,074,240 | RHS- | C] () -- C:\WINDOWS\nvsvc32.exe
[2010-12-04 20:19:43 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\msvcsv60.dll
[2010-12-03 12:04:21 | 000,115,712 | RHS- | C] () -- C:\WINDOWS\System32\wship6C.dll
[2010-11-18 21:39:53 | 000,626,688 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2010-11-18 21:05:11 | 000,000,193 | ---- | C] () -- C:\WINDOWS\dvdtoaviconverter.ini
[2010-11-18 20:58:59 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\SysDVDtoavi.dat
[2010-11-18 20:58:56 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010-11-18 20:58:56 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\advd.dll
[2010-11-18 20:58:56 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\auth.dll
[2010-11-18 20:52:09 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys
[2010-11-18 20:52:09 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\2ABE404A5B.sys
[2010-09-21 14:42:55 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-08-26 23:36:01 | 000,000,236 | ---- | C] () -- C:\Program Files\Common Files\dx.reg
[2010-08-26 23:36:00 | 000,874,502 | ---- | C] () -- C:\WINDOWS\System32\kernel32new.dll
[2010-08-26 23:36:00 | 000,681,478 | ---- | C] () -- C:\WINDOWS\System32\msvcrtnew.dll
[2010-08-26 23:36:00 | 000,187,398 | ---- | C] () -- C:\WINDOWS\System32\d3d10core.dll
[2010-08-26 23:35:59 | 001,029,126 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll
[2010-08-26 23:35:59 | 000,716,153 | ---- | C] () -- C:\WINDOWS\System32\unins000.exe
[2010-08-26 23:35:59 | 000,002,917 | ---- | C] () -- C:\WINDOWS\System32\unins000.dat
[2010-08-26 22:31:02 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010-08-25 17:48:07 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-08-25 17:48:07 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010-08-25 17:48:07 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010-08-25 17:48:07 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-08-25 17:48:07 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010-08-12 20:41:34 | 000,492,688 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-08-02 13:03:03 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010-07-31 10:29:02 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-07-26 10:34:34 | 000,175,616 | ---- | C] () -- C:\WINDOWS\Kneqoa.exe
[2010-05-18 14:23:24 | 000,004,940 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\mtbjfghn.xbe
[2010-05-17 20:22:33 | 000,339,968 | ---- | C] () -- C:\WINDOWS\vsnpstd.exe
[2010-05-17 20:22:33 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2010-05-17 20:22:31 | 000,390,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2010-05-17 20:22:30 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnpstd.exe
[2010-05-17 19:41:51 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2010-05-17 19:41:50 | 000,498,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd3.sys
[2010-05-17 19:41:50 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnpstd3.exe
[2009-12-20 22:01:34 | 000,000,080 | ---- | C] () -- C:\WINDOWS\msocreg32.dat
[2009-12-02 18:35:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2009-11-17 10:39:30 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009-09-27 16:50:38 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-08-10 17:28:22 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\Sx5363.ini
[2009-07-26 22:14:16 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009-06-18 18:43:43 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2009-06-18 18:43:43 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2009-05-24 15:30:46 | 000,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009-04-08 12:15:38 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-04-08 12:15:29 | 000,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009-04-08 12:15:24 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009-04-05 19:44:22 | 000,001,824 | ---- | C] () -- C:\WINDOWS\TSearch.INI
[2009-04-05 15:12:48 | 000,794,408 | ---- | C] () -- C:\WINDOWS\System32\pbsvc(2).exe
[2009-03-27 16:10:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt
[2009-03-27 16:08:42 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009-03-06 14:13:25 | 000,000,032 | ---- | C] () -- C:\WINDOWS\system87sG.dat
[2009-02-11 01:13:00 | 000,042,320 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2009-02-02 20:59:56 | 000,000,030 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
[2009-01-27 20:49:21 | 000,006,852 | ---- | C] () -- C:\WINDOWS\System32\drivers\Vcs.sys
[2009-01-18 19:55:14 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008-12-02 20:24:22 | 000,577,536 | ---- | C] () -- C:\WINDOWS\System32\rtl4.dat
[2008-11-29 22:26:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008-11-29 22:26:15 | 000,015,468 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008-11-10 23:06:41 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2008-11-10 20:41:12 | 000,000,130 | -H-- | C] () -- C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2008-11-08 11:03:24 | 000,669,184 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2008-11-08 10:44:31 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008-11-08 10:44:30 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008-10-16 11:08:31 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008-09-30 15:28:32 | 000,140,288 | -H-- | C] () -- C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-09-29 19:44:57 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdecoin.dll
[2008-09-29 19:44:57 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdevs.dll
[2008-09-29 19:44:26 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxdedrs.dll
[2008-09-29 19:44:26 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxdecaps.dll
[2008-09-29 19:44:25 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdecnv4.dll
[2008-09-29 19:44:05 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMON.DLL
[2008-09-29 19:44:05 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxf3oem.dll
[2008-09-29 19:44:05 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXF3FXPU.DLL
[2008-09-29 19:44:05 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMRC.DLL
[2008-09-29 19:42:36 | 000,000,060 | -H-- | C] () -- C:\WINDOWS\System32\lxderwrd.ini
[2008-09-29 19:42:24 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdeinst.dll
[2008-09-29 19:42:21 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdegrd.dll
[2008-09-29 08:04:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008-09-29 07:59:09 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2008-09-29 07:59:04 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008-09-29 07:59:03 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008-09-29 07:59:02 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2008-09-29 07:59:02 | 000,184,394 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008-09-27 14:29:03 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008-09-27 14:26:27 | 000,204,120 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008-09-27 12:54:29 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008-09-27 12:41:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008-09-27 12:38:16 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007-08-21 22:51:16 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2007-08-21 20:36:12 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2005-02-24 11:29:14 | 000,162,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PFC027.sys
[2005-01-25 14:15:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\PA207USD.DLL
[2004-11-22 12:48:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\98Setup.exe
[2004-08-03 23:56:48 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004-08-02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004-07-17 10:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004-03-17 18:15:00 | 000,000,118 | ---- | C] () -- C:\WINDOWS\smp32.dll
[2002-09-17 23:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe
[2001-10-26 15:15:16 | 000,581,058 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 15:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 15:15:16 | 000,118,932 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 15:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-10-26 14:45:34 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\NSREG.DLL
[2001-08-23 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-17 20:30:24 | 000,516,814 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-17 20:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-17 20:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-17 20:30:22 | 000,094,524 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-17 20:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-21 21:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-21 21:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-21 21:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[color=#E56717]========== LOP Check ==========[/color]

[2009-09-13 16:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AA3DeployClient
[2010-06-02 17:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2009-12-24 22:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BioWare
[2010-05-06 18:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Celemony Software GmbH
[2010-05-06 12:08:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EarMaster
[2008-11-10 21:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-09-01 13:21:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2009-12-20 21:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IK Multimedia
[2009-10-20 21:46:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2010-09-21 14:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-07-30 09:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LxThumbs
[2010-07-26 10:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Native Instruments
[2010-05-27 06:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NCH Swift Sound
[2009-08-23 07:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU
[2009-01-20 20:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks
[2009-10-20 22:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2011-03-07 17:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2010-12-12 21:38:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Psicraft
[2010-02-18 20:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony
[2009-07-26 23:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2008-11-30 10:55:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Wru
[2010-12-02 23:35:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{20EFD19B-675C-417B-A498-B0161D72FF88}
[2010-12-03 17:50:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{4F32CAF7-963B-404D-BF13-C48BA3F5F6A7}
[2009-05-24 15:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{83C91755-2546-441D-AC40-9A6B4B860800}
[2010-12-03 17:49:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{AC46DC4F-66BD-4733-A8B4-0B69418C12D0}
[2010-12-02 23:33:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{B5F0C192-874D-49A8-88D7-8431E3714756}
[2010-12-03 17:52:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D69A48BF-7653-4AA8-94BC-5847522A4573}
[2010-12-03 17:48:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{EC98E512-708C-4C3B-9F07-B58768C1DD8A}
[2010-12-30 15:01:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\AnvSoft
[2010-11-30 21:03:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\avidemux
[2011-03-13 21:41:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\BitComet
[2008-11-30 20:59:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\BitTorrent
[2010-10-13 17:45:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\DMCache
[2010-10-17 11:16:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\DNA
[2008-11-12 21:04:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Gadu-Gadu
[2010-09-01 13:21:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Gadu-Gadu 10
[2009-11-17 04:04:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\GetRightToGo
[2009-12-12 22:58:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\gtk-2.0
[2010-06-20 12:51:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\kikin
[2008-11-20 19:21:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Lexmark Productivity Studio
[2010-01-05 20:38:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Line 6
[2009-10-31 14:54:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Nokia
[2009-09-04 19:38:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Nowe Gadu-Gadu
[2010-12-14 18:10:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\OpenCandy
[2009-10-20 22:03:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\PC Suite
[2011-01-22 00:37:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\PriceGong
[2009-07-26 23:19:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Publish Providers
[2009-10-04 18:02:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\REAPER
[2009-04-11 09:35:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Red Kawa
[2009-03-27 16:12:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Samsung
[2009-07-26 23:18:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Sony
[2009-07-26 22:50:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Sony Setup
[2011-01-17 21:12:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Teeworlds
[2011-03-14 16:25:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010-06-15 20:03:56 | 000,000,298 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnDowngrade.job
[2010-06-01 20:07:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnSevenDaysInit.job
[2010-06-15 20:03:56 | 000,000,298 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnShakeIcon.job
[2010-05-30 07:34:00 | 000,000,294 | ---- | M] () -- C:\WINDOWS\Tasks\expressripShakeIcon.job
[2011-03-15 20:22:56 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
[2011-03-15 20:22:54 | 000,000,310 | -HS- | M] () -- C:\WINDOWS\Tasks\yyki.job
[2011-03-15 20:22:56 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011-03-15 20:40:00 | 000,000,246 | -H-- | M] () -- C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2011-03-15 20:22:55 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
[2011-03-15 20:22:54 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

[color=#E56717]========== Purity Check ==========[/color]



< End of report >[/log]

[color="#0000FF"]//wstawiam w tagi
//Tom01[/color]

Tomek01
komentarz
komentarz

Jakby Ci się spieszyło to zaoszczędziłbyś mój czas i wstawił logi w odpowiednie tag oraz wrzuciłbyś drugi obowiązkowy log z RSIT.


Komputer masz mocno zawirusowany.

W razie czego wykona obraz partycji systemowej: [url="http://forum.pcformat.pl/Po-uruchomieniu-Combofix-system-nie-startuje-t"]KLIK[/url]


Pokaż log powstały po skanowaniu Combofix'a.

AveX
komentarz
komentarz (edytowane)

[log] ComboFix 11-03-16.01 - start 2011-03-16 20:12:55.2.2 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.2046.1606 [GMT 1:00]
Uruchomiony z: c:\documents and settings\start\Pulpit\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Dane aplikacji\13492020.exe
c:\documents and settings\All Users\Dane aplikacji\15064884.exe
c:\documents and settings\All Users\Dane aplikacji\16113460.exe
c:\documents and settings\start\Dane aplikacji\dwm.exe
c:\documents and settings\start\Dane aplikacji\Microsoft\conhost.exe
c:\documents and settings\start\Dane aplikacji\PriceGong
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\1.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\a.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\b.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\c.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\d.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\e.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\f.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\g.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\h.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\i.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\J.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\k.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\l.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\m.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\mru.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\n.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\o.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\p.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\q.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\r.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\s.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\t.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\u.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\v.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\w.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\x.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\y.xml
c:\documents and settings\start\Dane aplikacji\PriceGong\Data\z.xml
c:\documents and settings\start\wuaucldt.exe
c:\program files\FunWebProducts
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\CHROME.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\1.bin\F3SCrctr.dll
c:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\1.bin\INSTALL.RDF
c:\program files\MyWebSearch\bar\1.bin\M3FFtbpr.dll
c:\program files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\1.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\1.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\1.bin\M3PATCH.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Cache\00126C7D
c:\program files\MyWebSearch\bar\Cache\03D7DFD3.exe
c:\program files\MyWebSearch\bar\Cache\07E53D03.bmp
c:\program files\MyWebSearch\bar\Cache\0A6FCF37.bin
c:\program files\MyWebSearch\bar\Cache\0A6FF7FC.bin
c:\program files\MyWebSearch\bar\Cache\0A6FF8A8.bin
c:\program files\MyWebSearch\bar\Cache\0A6FF915.bin
c:\program files\MyWebSearch\bar\Cache\files.ini
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Overlay\COMMON.F3S
c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\windows\log32.txt
c:\windows\Microsoft.exe
c:\windows\ndl.dl
c:\windows\nvsvc32.exe
c:\windows\system32\adobearp.exe
c:\windows\system32\drivers\wcscd.sys
c:\windows\system32\f3PSSavr.scr
c:\windows\system32\wuaucldt.exe
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
c:\windows\wibrf.jpg
c:\windows\wiybr.png
.
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_CDFSS
-------\Legacy_MYWEBSEARCHSERVICE
-------\Legacy_WCSCD
-------\Service_cdfss
-------\Service_MyWebSearchService
-------\Service_wcscd
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-02-16 do 2011-03-16 )))))))))))))))))))))))))))))))
.
.
2011-03-15 20:32 . 2011-03-16 19:08 -------- d-----w- c:\program files\trend micro
2011-03-15 20:32 . 2011-03-15 20:32 -------- d-----w- C:\rsit
2011-03-15 20:31 . 2011-03-15 20:31 -------- d-----w- C:\_OTL
2011-03-15 09:48 . 2011-03-15 19:23 573440 ----a-w- c:\documents and settings\All Users\Dane aplikacji\wjfrjCrTGl.exe
2011-03-13 21:57 . 2011-03-13 21:57 -------- d-----w- c:\program files\ESET
2011-03-13 19:23 . 2011-03-13 19:23 -------- d-----w- C:\videooutput
2011-03-13 19:23 . 2009-06-04 12:17 8676883 ----a-w- c:\windows\system32\NCMedia2.dll
2011-03-13 19:23 . 2009-05-19 17:32 758018 ----a-w- c:\windows\system32\xvidcore.dll
2011-03-13 19:23 . 2008-12-04 20:46 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2011-03-13 01:35 . 2011-03-13 01:35 -------- d-----w- c:\program files\Common Files\Skype
2011-02-25 21:22 . 2011-02-25 21:22 -------- d-----w- c:\documents and settings\LocalService\Dane aplikacji\McAfee
2011-02-24 20:46 . 2011-02-24 20:46 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\McAfee
2011-02-24 20:46 . 2011-02-24 20:46 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\McAfee Security Scan
2011-02-24 20:46 . 2011-02-25 21:21 -------- d-----w- c:\program files\McAfee Security Scan
2011-02-24 20:46 . 2011-02-24 20:46 -------- d-----w- c:\program files\YouTube Downloader
2011-02-19 23:47 . 2011-02-19 23:47 -------- d-----w- c:\program files\Zeallsoft
2011-02-18 18:32 . 2001-10-19 13:40 1683792 ----a-w- c:\windows\system32\wmvcore2.dll
2011-02-18 18:32 . 2001-10-19 13:40 438608 ----a-w- c:\windows\system32\wmv8dmod.dll
2011-02-18 18:32 . 2001-10-19 13:40 665424 ----a-w- c:\windows\system32\wmv8dmoe.dll
2011-02-18 18:32 . 2001-10-19 13:39 572752 ----a-w- c:\windows\system32\wmvdmoe.dll
2011-02-18 18:32 . 2001-10-19 01:05 285184 ----a-w- c:\windows\system32\wmidx2.ocx
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-16 19:18 . 2008-09-27 11:44 16608 ----a-w- c:\windows\gdrv.sys
2010-05-06 23:41 . 2010-05-08 11:41 44 ---h--w- c:\program files\237f4ecd.tmp
2008-03-09 05:25 . 2010-08-26 22:36 236 ----a-w- c:\program files\Common Files\dx.reg
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-05-06 1262888]
"{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}"= "c:\program files\Softonic-Polska\tbSoft.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]
.
[HKEY_CLASSES_ROOT\clsid\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 11:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]
2010-10-18 11:26 3908192 ----a-w- c:\program files\Softonic-Polska\tbSoft.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}"= "c:\program files\Softonic-Polska\tbSoft.dll" [2010-10-18 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{C86EB8A9-CCC2-4B6C-B75D-73576ED591BF}"= "c:\program files\Softonic-Polska\tbSoft.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-19 68856]
"Gadu-Gadu 10"="c:\program files\Gadu-Gadu 10\gg.exe" [2010-10-07 12661344]
"Google Update"="c:\documents and settings\start\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" [2010-03-11 136176]
"wjfrjCrTGl"="c:\documents and settings\All Users\Dane aplikacji\wjfrjCrTGl.exe" [2011-03-15 573440]
"Adobe ARP"="adobearp.exe" [2011-03-16 37016]
"wuaucldt"="c:\documents and settings\start\wuaucldt.exe" [2011-03-16 32256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"lxdemon.exe"="c:\program files\Lexmark 4800 Series\lxdemon.exe" [2007-06-11 455600]
"lxdeamon"="c:\program files\Lexmark 4800 Series\lxdeamon.exe" [2007-06-01 20480]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-11-29 185872]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-10 136600]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-17 61440]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2007-05-15 204800]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-07 16862208]
"QuickTime Task"="e:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"snpstd"="c:\windows\vsnpstd.exe" [2005-10-11 339968]
"wuaucldt"="c:\windows\system32\wuaucldt.exe" [2011-03-16 32256]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"wjfrjCrTGl"="c:\documents and settings\All Users\Dane aplikacji\wjfrjCrTGl.exe" [2011-03-15 573440]
.
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
GamersFirst LIVE!.lnk - c:\program files\GamersFirst\LIVE!\Live.exe [2011-3-3 2845552]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.189\SSScheduler.exe [2010-9-2 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^start^Menu Start^Programy^Autostart^hamachi.lnk]
path=c:\documents and settings\start\Menu Start\Programy\Autostart\hamachi.lnk
backup=c:\windows\pss\hamachi.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^start^Menu Start^Programy^Autostart^smgr34.exe]
path=c:\documents and settings\start\Menu Start\Programy\Autostart\smgr34.exe
backup=c:\windows\pss\smgr34.exeStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
2009-06-29 14:26 520024 ----a-w- c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater6]
2009-06-05 15:13 2521464 ----a-w- c:\program files\Common Files\Adobe\Updater6\Adobe_Updater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2009-11-15 09:42 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AQQ]
2010-07-14 03:39 7654400 ----a-w- c:\progra~1\WapSter\WAPSTE~1\AQQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2009-10-07 14:16 323392 ----a-w- c:\program files\DNA\btdna.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cFosSpeed]
2010-05-31 11:33 801496 ----a-r- c:\program files\cFosSpeed\cfosspeed.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
2007-06-29 13:03 36864 ----a-w- c:\program files\GameSpy\Comrade\Comrade.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
2007-06-11 17:55 316336 ----a-w- c:\program files\Lexmark Fax Solutions\fm3032.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu 10]
2010-10-07 08:04 12661344 ----a-w- c:\program files\Gadu-Gadu 10\gg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameTracker]
2009-02-26 12:35 2446688 ----a-w- c:\program files\GameTracker\GTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-03-11 03:05 136176 ---hatw- c:\documents and settings\start\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
2008-12-17 11:51 2745776 ----a-w- c:\program files\Internet Download Manager\IDMan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
2001-08-17 22:56 44032 ----a-w- c:\windows\ime\imkr6_1\imekrmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-03 20:32 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!]
2010-09-17 16:03 17438712 ----a-w- c:\program files\ipla\ipla.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-08-03 22:44 1667584 ------w- c:\program files\messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2004-08-03 20:31 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nowe Gadu-Gadu]
2009-05-28 09:23 10486376 ----a-w- c:\program files\Nowe Gadu-Gadu\gg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
2008-04-01 01:54 507904 ----a-w- c:\program files\Winamp Remote\bin\OrbTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-06-25 13:12 1414144 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2004-08-03 20:32 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2004-08-03 20:32 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-09-05 00:54 417792 ----a-w- e:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-01-26 16:05 15026056 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd]
2005-10-11 11:54 339968 ----a-w- c:\windows\vsnpstd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
2005-01-14 09:00 339968 ----a-w- c:\windows\vsnpstd3.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedBitVideoAccelerator]
2009-12-13 20:03 1590888 ----a-w- c:\program files\SpeedBit Video Accelerator\VideoAccelerator.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-12-27 13:04 1242448 ----a-w- c:\program files\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\lxdecoms.exe"=
"c:\\Program Files\\Lexmark 4800 Series\\lxdeamon.exe"=
"c:\\Program Files\\Lexmark 4800 Series\\frun.exe"=
"c:\\Program Files\\Lexmark Fax Solutions\\FaxCtr.exe"=
"c:\\Program Files\\Lexmark 4800 Series\\lxdemon.exe"=
"c:\\WINDOWS\\system32\\lxdecfg.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdepswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdetime.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdejswx.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\GameSpy\\Comrade\\Comrade.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdewbgw.exe"=
"d:\\Program Files\\Gpotato\\Flyff\\Flyff.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"e:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"e:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Documents and Settings\\All Users\\Dane aplikacji\\NexonEU\\NGM\\NGM.exe"=
"e:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"d:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe"=
"d:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"=
"d:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"e:\\Program Files\\Far Cry 2\\bin\\FarCry2.exe"=
"e:\\Program Files\\Far Cry 2\\bin\\FC2Launcher.exe"=
"e:\\Program Files\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"e:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"e:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\Program Files\\Gadu-Gadu 10\\gg.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\swarm.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\srcds.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56795:TCP"= 56795:TCP:Pando Media Booster
"56795:UDP"= 56795:UDP:Pando Media Booster
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"20490:TCP"= 20490:TCP:BitComet 20490 TCP
"20490:UDP"= 20490:UDP:BitComet 20490 UDP
"25828:TCP"= 25828:TCP:BitComet 25828 TCP
"25828:UDP"= 25828:UDP:BitComet 25828 UDP
"57987:TCP"= 57987:TCP:Pando Media Booster
"57987:UDP"= 57987:UDP:Pando Media Booster
"7517:TCP"= 7517:TCP:BitComet 7517 TCP
"7517:UDP"= 7517:UDP:BitComet 7517 UDP
"27416:TCP"= 27416:TCP:BitComet 27416 TCP
"27416:UDP"= 27416:UDP:BitComet 27416 UDP
"57683:TCP"= 57683:TCP:Pando Media Booster
"57683:UDP"= 57683:UDP:Pando Media Booster
"7473:TCP"= 7473:TCP:BitComet 7473 TCP
"7473:UDP"= 7473:UDP:BitComet 7473 UDP
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-05-24 64160]
R2 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\EnergySaver\GSvr.exe [2008-09-27 80392]
R2 GS In-Game Service;GS In-Game Service;c:\program files\GameTracker\GSInGameService.exe [2009-04-04 1547264]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 1029456]
R2 lxde_device;lxde_device;c:\windows\system32\lxdecoms.exe -service --> c:\windows\system32\lxdecoms.exe -service [?]
R2 lxdeCATSCustConnectService;lxdeCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdeserv.exe [2008-09-29 99248]
R2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2010-02-26 3623424]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
R2 Vcs;Vcs support;c:\windows\system32\drivers\Vcs.sys [2009-01-27 6852]
R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\SPEEDB~2\VideoAcceleratorService.exe -start -scm --> c:\progra~1\SPEEDB~2\VideoAcceleratorService.exe -start -scm [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c9b9f9cd8e90bc;Usługa Google Update (gupdate1c9b9f9cd8e90bc);c:\program files\Google\Update\GoogleUpdate.exe [2009-04-10 133104]
S3 DAUpdaterSvc;Dragon Age: Początek - Aktualizator zawartości;d:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [2009-12-24 25832]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.189\McCHSvc.exe [2010-09-02 227232]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-08-24 697328]
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - CDFSS
*Deregistered* - cdfss
.
Zawartość folderu 'Zaplanowane zadania'
.
2011-03-14 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 14:31]
.
2011-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-10 16:31]
.
2011-03-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-10 16:31]
.
2011-03-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003Core.job
- c:\documents and settings\start\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2010-05-31 03:05]
.
2011-03-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003UA.job
- c:\documents and settings\start\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2010-05-31 03:05]
.
2011-03-16 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-05-20 20:18]
.
2011-03-16 c:\windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
- c:\docume~1\start\USTAWI~1\Temp\Kvg.exe [2011-03-16 19:31]
.
2011-03-16 c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
- c:\windows\Kneqod.exe [2011-03-16 19:31]
.
2011-03-16 c:\windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
- c:\docume~1\start\USTAWI~1\Temp\Kvh.exe [2011-03-16 19:31]
.
2011-03-16 c:\windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
- c:\docume~1\start\USTAWI~1\Temp\Kvh.exe [2011-03-16 19:31]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://fullarticles.net
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = http=127.0.0.1:59333
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
IE: &Winamp Search - c:\documents and settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Pobierz wszystkie wideo za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Pobierz wszystko za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: Pobierz za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Ściągnij przez IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Ściągnij wszystkie linki przez IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Ściągnij zawartość wideo FLV przez IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll
LSP: c:\progra~1\SPEEDB~2\sblsp.dll
FF - ProfilePath - c:\documents and settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 59333
FF - prefs.js: network.proxy.type - 1
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
BHO-{31B27F2D-6BC6-451B-B3D2-4EAB36B2FC3B} - c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
BHO-{E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll
HKCU-Run-Eraser - c:\program files\Eraser\eraser.exe
HKCU-Run-Driver Updater - c:\program files\Carambis\Driver Updater\dupdater.exe
HKCU-Run-Client Thailanddds - C:\r1.exe
HKCU-Run-Flwgwl - c:\documents and settings\start\Dane aplikacji\Flwgwl.exe
HKLM-Run-conhost - c:\documents and settings\start\Dane aplikacji\Microsoft\conhost.exe
MSConfigStartUp-cdoosoft - c:\docume~1\start\USTAWI~1\Temp\herss.exe
MSConfigStartUp-MyWebSearch Email Plugin - c:\progra~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
MSConfigStartUp-PrzyspieszKomputer - c:\program files\Przyspiesz Komputer\przyspieszkomputer.exe
MSConfigStartUp-Unogokiqo - c:\windows\kbdpxdmy.dll
MSConfigStartUp-VS Online - c:\program files\VS Online\VSOnline.exe
MSConfigStartUp-WinampAgent - c:\program files\Winamp\winampa.exe
MSConfigStartUp-Wru - c:\program files\Wru\Wru.exe
AddRemove-AirRivals_EN_is1 - c:\program files\Gameforge4D\AirRivals_EN\unins000.exe
AddRemove-AP Guitar Tuner 1.02 - c:\program files\Audio Phonics
AddRemove-Arial Sound Recorder_is1 - c:\program files\Arial Sound Recorder\unins000.exe
AddRemove-AV Voice Changer Software 3.0 - c:\progra~1\AVVCS3~1.0\UNWISE.EXE
AddRemove-AV Voice Changer Software DIAMOND 4.0 - c:\progra~1\AVVCS4~1.0DI\UNWISE.EXE
AddRemove-AV Voice Changer Software DIAMOND 6.0 - c:\progra~1\AVVCS6~1.0DI\UNWISE.EXE
AddRemove-AviSynth - c:\program files\AviSynth 2.5\Uninstall.exe
AddRemove-BrainWave Generator - c:\program files\BrainWave Generator\Uninst.isu
AddRemove-CasinoEuroPoker - c:\program files\CasinoEuro\uninst.exe
AddRemove-CDex - c:\program files\CDex_150\uninstall.exe
AddRemove-Counter-Strike 1.6 v32 - e:\program files\Counter-Strike\Uninstal.exe
AddRemove-Cpukiller3_is1 - c:\program files\Cpukiller3\unins000.exe
AddRemove-Direct MIDI to MP3 Converter_is1 - c:\program files\Direct MIDI to MP3 Converter\unins000.exe
AddRemove-E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84 - c:\progra~1\DIFX\270581355A767BF1\dpinst.exe
AddRemove-EarMaster Essential 5_is1 - c:\program files\EarMaster Essential 5\unins000.exe
AddRemove-easyCALL_is1 - c:\program files\easyCALL\unins000.exe
AddRemove-eMusic Promotion - c:\program files\Winamp\eMusic\Uninst-eMusic-promotion.exe
AddRemove-ET3DEMO - c:\program files\English Translator 3 Demo\setup.exe
AddRemove-ExpressBurn - c:\program files\NCH Swift Sound\ExpressBurn\uninst.exe
AddRemove-ExpressRip - c:\program files\NCH Swift Sound\ExpressRip\uninst.exe
AddRemove-F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7 - c:\progra~1\DIFX\270581355A767BF1\dpinst.exe
AddRemove-FlightGear_is1 - d:\program files\FlightGear\unins000.exe
AddRemove-FREE Hi-Q Recorder_is1 - c:\program files\FREE Hi-Q Recorder\unins000.exe
AddRemove-Game Booster_is1 - c:\program files\IObit\Game Booster\unins000.exe
AddRemove-GameCenter - e:\program files\Cyanide\GameCenter\uninstall.exe
AddRemove-Guild Wars - c:\program files\Guild Wars\Gw.exe
AddRemove-Guitar FX BOX 2.8 - c:\program files\Guitar FX BOX 2.8\uninst.exe
AddRemove-Gunz - c:\ijji\ENGLISH\Gunz\Uninstall.exe
AddRemove-Hitman: Kontrakty - e:\progra~1\HITMAN~1\UNWISE.EXE
AddRemove-Hydrogen - c:\program files\Hydrogen\uninstall.exe
AddRemove-Icy Tower v1.3.1_is1 - c:\games\icytower1.3\unins000.exe
AddRemove-Icy Tower v1.4_is1 - c:\games\icytower1.4\unins000.exe
AddRemove-IrfanView - c:\program files\IrfanView\iv_uninstall.exe
AddRemove-JDownloader - c:\program files\JDownloader\uninstall.exe
AddRemove-Lineage 2 Frintezza Full - e:\program files\Lineage\Nowy folder\Uninstall.exe
AddRemove-Loki_is1 - e:\program files\Cyanide\Loki\unins000.exe
AddRemove-MojDzwonek.com - c:\program files\MojDzwonek.com\uninstall.exe
AddRemove-MP3 CD Doctor Lite_is1 - c:\program files\MP3 CD Doctor\unins000.exe
AddRemove-Native Instruments Guitar Rig Session IO Driver - c:\documents and settings\All Users\Dane aplikacji\{84BD2490-E07B-459A-85CD-649AABFCE52D}\Guitar Rig Session IO Driver Setup.exe
AddRemove-Nero - Burning Rom!UninstallKey - c:\program files\Ahead\nero\uninstall\UNNERO.exe
AddRemove-Nero7Lite_is1 - c:\program files\Nero\unins000.exe
AddRemove-Nowe Gadu-Gadu - c:\program files\Nowe Gadu-Gadu\Uninstall.exe
AddRemove-Pacific Warriors - e:\program files\InterActive Vision\Pacific Warriors\Uninstal.exe
AddRemove-PingPlotter Standard - c:\program files\PingPlotter Standard\uninst.exe
AddRemove-Przyspiesz Komputer_is1 - c:\program files\Przyspiesz Komputer\unins000.exe
AddRemove-QuickPar - c:\program files\QuickPar\uninst.exe
AddRemove-REAPER - c:\program files\REAPER (x64)\Uninstall.exe
AddRemove-ReValver - c:\program files\Alien Connections\ReValver\alloff.exe
AddRemove-ReValver Mk II_is1 - c:\program files\Alien Connections\ReValver Mk II\unins000.exe
AddRemove-Rohan_USA - e:\rohan_usa\GoUninstUSA.exe
AddRemove-SeaDogs - c:\progra~1\BETHES~1\SeaDogs\UNINST~1.EXE
AddRemove-SHOUTcastDSP - c:\program files\Winamp\uninst-dsp.exe
AddRemove-Silkroad - c:\program files\Silkroad\Remove.Exe
AddRemove-SMS Pilot_is1 - c:\program files\SMS Pilot\unins000.exe
AddRemove-SnadBoy's Revelation v2 - c:\progra~1\SNADBO~1\UNWISE.EXE
AddRemove-SpeedBit Video Downloader - c:\program files\SpeedBit Video Downloader\GRRemove.exe
AddRemove-Tactical Ops - e:\program files\Infogrames\Tactical Ops\Uninst.isu
AddRemove-TallStick TS-AudioToMIDI 3.30 - c:\program files\TallStick\TS-AudioToMIDI 3.30\Uninstall.exe
AddRemove-Teamspeak 2 RC2_is1 - c:\program files\Teamspeak2_RC2\unins000.exe
AddRemove-Tengwar Scribe - c:\progra~1\TENGSC~1\UNWISE.EXE
AddRemove-Tibia_is1 - c:\program files\Tibia\unins000.exe
AddRemove-Tomb Raider: Underworld Demo - c:\program files\Eidos\Tomb Raider - Underworld Demo\uninst.exe
AddRemove-Ultra MP4 Video Converter_is1 - e:\program files\Ultra MP4 Video Converter\unins000.exe
AddRemove-VS Online_is1 - c:\program files\VS Online\unins000.exe
AddRemove-WinGimp-2.0_is1 - c:\program files\GIMP-2.0\setup\unins000.exe
AddRemove-Xfire - c:\program files\Xfire\uninst.exe
AddRemove-YouTube Downloader App - c:\program files\Regensoft\Downloader App\uninstaller.exe
AddRemove-{17145977-D875-4B1D-942F-9E5930823E02}_is1 - e:\program files\Gods\Uninstall Information\unins000.exe
AddRemove-{285139D9-633F-4674-8FA3-DB94B356FA82}_is1 - e:\program files\Mafia Tycoon\unins000.exe
AddRemove-{4DBF3C3D-5B6D-45B2-A08B-B06490E2666F}_is1 - c:\program files\Wru\unins000.exe
AddRemove-{68ED7C7F-6F0A-4467-81F3-FA5899A15D16}_is1 - c:\program files\Moyea\Flash Video MX Pro 5\unins000.exe
AddRemove-{B80CC46C-5839-4A48-B051-3CACF23A2718}_is1 - c:\program files\Eraser\unins000.exe
AddRemove-{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA} - c:\program files\kikin\uninst.exe
AddRemove-{F8CF44C8-6295-417B-8B04-AAB39F1BB649}_is1 - e:\program files\Ubisoft\Demo\Techland\Call of Juarez SP Demo\unins000.exe
AddRemove-BitTorrent - c:\program files\BitTorrent\uninst.exe
AddRemove-uTorrent - c:\program files\uTorrent\uTorrent.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-16 20:24
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
.
detected NTDLL code modification:
ZwEnumerateValueKey, ZwQueryDirectoryFile
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cdfss]
"ImagePath"="\??\c:\docume~1\start\USTAWI~1\Temp\cdfss"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-854245398-2077806209-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D597EF19-20A5-8635-A692-06E87C0C16A8}*]
"oajcoabfpkefmnnndcciembgifmpnl"=hex:64,61,6b,61,6c,67,6a,6b,00,7c
"oafaocodbdikojaiefpepdgidbaeen"=hex:6a,61,69,61,62,68,65,61,61,66,63,6f,66,63,
62,61,6a,62,67,63,00,02
"nappedpjhjijiibfjknjlbiplenk"=hex:6a,61,69,61,62,68,65,61,61,66,63,6f,66,63,
62,61,6a,62,67,63,00,02
.
[HKEY_USERS\S-1-5-21-854245398-2077806209-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:1e,29,6e,9c,54,73,99,11,06,0f,31,ab,f2,f7,4a,79,25,89,71,05,a7,7c,fb,
93,76,0c,6d,fa,59,6c,ce,ef,eb,97,aa,89,34,f2,92,c1,9c,97,ba,ed,ab,aa,36,21,\
"??"=hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49
.
[HKEY_USERS\S-1-5-21-854245398-2077806209-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:23,1d,77,7b,cf,e9,0f,28,6d,e3,2e,fe,5e,3b,fc,25,f6,e6,9d,e4,93,
1e,b5,3c,93,e3,c1,b3,be,8e,96,e4,9c,4f,c0,86,7d,9e,84,8d,27,f5,24,81,a5,e4,\
"rkeysecu"=hex:39,cc,8a,da,7f,44,84,09,da,b7,e2,0c,b8,a9,a5,33
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):85,37,13,de,b7,87,d6,64,e6,db,61,dc,2c,4f,3e,12,1b,a5,aa,fa,96,
72,97,9e,19,1e,d2,58,09,82,82,73,63,3a,1d,51,e0,ad,3c,c0,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{64f34fed-9f08-4acc-ab17-73ab7a4014b5}]
@Denied: (Full) (Everyone)
"Model"=dword:0000000f
"Therad"=dword:0000001f
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'winlogon.exe'(1144)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'lsass.exe'(1200)
c:\program files\SpeedBit Video Accelerator\Accelerator.dll
c:\program files\SpeedBit Video Accelerator\CommPipe.dll
c:\program files\SpeedBit Video Accelerator\Collector.dll
.
- - - - - - - > 'explorer.exe'(6016)
c:\program files\SpeedBit Video Accelerator\Accelerator.dll
c:\program files\SpeedBit Video Accelerator\CommPipe.dll
c:\program files\SpeedBit Video Accelerator\Collector.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_pol.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\cFosSpeed\spd.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lxdecoms.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\progra~1\SPEEDB~2\VideoAcceleratorService.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wscntfy.exe
c:\progra~1\SPEEDB~2\VideoAcceleratorEngine.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\attrib.exe
c:\documents and settings\All Users\Dane aplikacji\15064884.exe
c:\windows\system32\attrib.exe
c:\docume~1\start\USTAWI~1\Temp\NS19.tmp
c:\docume~1\start\USTAWI~1\Temp\arpm.exe
c:\windows\TEMP\sdn9DE8.tmp
c:\windows\system32\dwwin.exe
.
**************************************************************************
.
Czas ukończenia: 2011-03-16 20:34:22 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2011-03-16 19:34
.
Przed: 1 524 297 728 bajtów wolnych
Po: 2 719 653 888 bajtów wolnych
.
- - End Of File - - 44934176AF485B6B98FE76CE6CBD60A5
[/log]

Już

Tomek01
komentarz
komentarz

Ja chciałem wcześniejszy log, który powstał wcześniej. Nie kazałem uruchamiać Combofix'a.
Teraz chciałbym zobaczyć nowe logi OTL i RSIT.

AveX
komentarz
komentarz

[log]
Logfile of random's system information tool 1.08 (written by random/random)
Run by start at 2011-03-16 21:14:39
Microsoft Windows XP Professional Dodatek Service Pack 2
System drive C: has 3 GB (5%) free of 50 GB
Total RAM: 2046 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:15:08, on 2011-03-16
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\start\Pulpit\RSIT(2).exe
C:\Program Files\trend micro\start.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fullarticles.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:59333
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Softonic-Polska Toolbar - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Softonic-Polska Toolbar - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\start\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (file missing)
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\SPEEDB~1\Toolbar\grabber.dll (file missing)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll (file missing)
O3 - Toolbar: Softonic-Polska Toolbar - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [lxdemon.exe] "C:\Program Files\Lexmark 4800 Series\lxdemon.exe"
O4 - HKLM\..\Run: [lxdeamon] "C:\Program Files\Lexmark 4800 Series\lxdeamon.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [wuaucldt] c:\windows\system32\wuaucldt.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files\Gadu-Gadu 10\gg.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe
O4 - HKCU\..\Run: [Adobe ARP] adobearp.exe
O4 - HKCU\..\Run: [wuaucldt] c:\documents and settings\start\wuaucldt.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O8 - Extra context menu item: Pobierz wszystkie wideo za pomocą BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Pobierz za pomocą BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~2\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~2\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~2\sblsp.dll
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: Dragon Age: Początek - Aktualizator zawartości (DAUpdaterSvc) - BioWare - D:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: GS In-Game Service - ClanServers Hosting LLC - C:\Program Files\GameTracker\GSInGameService.exe
O23 - Service: Usługa Google Update (gupdate1c9b9f9cd8e90bc) (gupdate1c9b9f9cd8e90bc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: lxdeCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe
O23 - Service: lxde_device - - C:\WINDOWS\system32\lxdecoms.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: ServiceLayer - Unknown owner - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~2\VideoAcceleratorService.exe

--
End of file - 11041 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003UA.job
C:\WINDOWS\tasks\WGASetup.job
C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2008-12-17 161200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-11-29 304736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-18 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll [2010-06-22 734512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-11 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-12-19 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-26 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]
Softonic-Polska Toolbar - C:\Program Files\Softonic-Polska\tbSoft.dll [2010-10-18 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-11 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class - C:\Documents and Settings\start\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF7C3CF0-4B15-11D1-ABED-709549C10000}]
GrabberObj Class - C:\PROGRA~1\SPEEDB~1\Toolbar\grabber.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]
{0329E7D6-6F54-462D-93F6-F5C3118BADF2} - SpeedBit Video Downloader - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll []
{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - Softonic-Polska Toolbar - C:\Program Files\Softonic-Polska\tbSoft.dll [2010-10-18 3908192]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-18 3908192]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-12-19 297648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"lxdemon.exe"=C:\Program Files\Lexmark 4800 Series\lxdemon.exe [2007-06-11 455600]
"lxdeamon"=C:\Program Files\Lexmark 4800 Series\lxdeamon.exe [2007-06-01 20480]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-11-29 185872]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-11 136600]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-03-17 61440]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2007-05-15 204800]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-07 16862208]
"QuickTime Task"=E:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
"snpstd"=C:\WINDOWS\vsnpstd.exe [2005-10-11 339968]
"wuaucldt"=c:\windows\system32\wuaucldt.exe [2011-03-16 32256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-11-19 68856]
"Gadu-Gadu 10"=C:\Program Files\Gadu-Gadu 10\gg.exe [2010-10-07 12661344]
"Google Update"=C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2010-03-11 136176]
"wjfrjCrTGl"=C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe [2011-03-15 573440]
"Adobe ARP"=C:\WINDOWS\system32\adobearp.exe [2011-03-16 37016]
"wuaucldt"=c:\documents and settings\start\wuaucldt.exe [2011-03-16 32256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-06-29 520024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater6]
C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe [2009-06-05 2521464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AQQ]
C:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe [2010-07-14 7654400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
C:\Program Files\DNA\btdna.exe [2009-10-07 323392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cFosSpeed]
C:\Program Files\cFosSpeed\cFosSpeed.exe [2010-05-31 801496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
C:\Program Files\GameSpy\Comrade\Comrade.exe [2007-06-29 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2007-06-11 316336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu 10]
C:\Program Files\Gadu-Gadu 10\gg.exe [2010-10-07 12661344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameTracker]
C:\Program Files\GameTracker\GTLite.exe [2009-02-26 2446688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2010-03-11 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
C:\Program Files\Internet Download Manager\IDMan.exe [2008-12-17 2745776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2001-08-17 44032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-03 208952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!]
C:\Program Files\ipla\ipla.exe [2010-09-17 17438712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-08-03 1667584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-03 59392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nowe Gadu-Gadu]
C:\Program Files\Nowe Gadu-Gadu\gg.exe [2009-05-28 10486376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
C:\Program Files\Winamp Remote\bin\OrbTray.exe [2008-04-01 507904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
E:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-01-26 15026056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd]
C:\WINDOWS\vsnpstd.exe [2005-10-11 339968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
C:\WINDOWS\vsnpstd3.exe [2005-01-14 339968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedBitVideoAccelerator]
C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe [2009-12-13 1590888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files\steam\steam.exe [2010-12-27 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^start^Menu Start^Programy^Autostart^hamachi.lnk]
C:\PROGRA~1\Hamachi\hamachi.exe [2010-09-10 624416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^start^Menu Start^Programy^Autostart^smgr34.exe]
C:\Documents and Settings\start\Menu Start\Programy\Autostart\smgr34.exe []

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
GamersFirst LIVE!.lnk - C:\Program Files\GamersFirst\LIVE!\Live.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-03-16 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\lxdecoms.exe"="C:\WINDOWS\system32\lxdecoms.exe:*:Enabled:Lexmark Communications System"
"C:\Program Files\Lexmark 4800 Series\lxdeamon.exe"="C:\Program Files\Lexmark 4800 Series\lxdeamon.exe:*:Enabled:Lexmark Device Monitor"
"C:\Program Files\Lexmark 4800 Series\frun.exe"="C:\Program Files\Lexmark 4800 Series\frun.exe:*:Enabled:Lexmark Productivity Studio"
"C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe"="C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe:*:Enabled:Fax software"
"C:\Program Files\Lexmark 4800 Series\lxdemon.exe"="C:\Program Files\Lexmark 4800 Series\lxdemon.exe:*:Enabled:Printer Device Monitor"
"C:\WINDOWS\system32\lxdecfg.exe"="C:\WINDOWS\system32\lxdecfg.exe:*:Enabled:Printer Communication System"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdepswx.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdepswx.exe:*:Enabled:Printer Status Window Interface"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdetime.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdetime.exe:*:Enabled:Lexmark Connect Time Executable"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdejswx.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdejswx.exe:*:Enabled:Job Status Window Interface"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\GameSpy\Comrade\Comrade.exe"="C:\Program Files\GameSpy\Comrade\Comrade.exe:*:Enabled:Comrade"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdewbgw.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdewbgw.exe:*:Enabled:Lexmark Web Gateway"
"D:\Program Files\Gpotato\Flyff\Flyff.exe"="D:\Program Files\Gpotato\Flyff\Flyff.exe:*:Enabled:Flyff"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"E:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe"="E:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"E:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe"="E:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\Nowe Gadu-Gadu\gg.exe"="C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu"
"D:\Program Files\Dragon Age\bin_ship\daorigins.exe"="D:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Początek Gra"
"D:\Program Files\Dragon Age\DAOriginsLauncher.exe"="D:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Początek Program startowy"
"D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe"="D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Początek Aktualizator"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"E:\Program Files\Far Cry 2\bin\FarCry2.exe"="E:\Program Files\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"E:\Program Files\Far Cry 2\bin\FC2Launcher.exe"="E:\Program Files\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"E:\Program Files\Far Cry 2\bin\FC2Editor.exe"="E:\Program Files\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe"="C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"
"C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe"="C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"
"E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\Program Files\Gadu-Gadu 10\gg.exe"="C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe"="C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm"
"C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe"="C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"E:\GW Movie Arts\Combat Arms EU\CombatArms.exe"="E:\GW Movie Arts\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"E:\GW Movie Arts\Combat Arms EU\Engine.exe"="E:\GW Movie Arts\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

======List of files/folders created in the last 1 months======

2011-03-16 20:34:22 ----A---- C:\ComboFix.txt
2011-03-16 20:31:06 ----A---- C:\WINDOWS\system32\drivers\wcscd.sys
2011-03-16 20:31:06 ----A---- C:\WINDOWS\system32\adobearp.exe
2011-03-16 20:30:46 ----A---- C:\WINDOWS\system32\wuaucldt.exe
2011-03-16 20:16:52 ----D---- C:\WINDOWS\temp
2011-03-16 20:08:54 ----D---- C:\Qoobox
2011-03-15 21:32:23 ----D---- C:\rsit
2011-03-15 21:32:23 ----D---- C:\Program Files\trend micro
2011-03-15 21:31:10 ----D---- C:\_OTL
2011-03-15 20:30:26 -------- C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe
2011-03-15 20:22:42 ----ASH---- C:\pagefile.sys
2011-03-15 10:48:35 ----A---- C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe
2011-03-13 22:57:42 ----D---- C:\Program Files\ESET
2011-03-13 20:23:23 ----D---- C:\videooutput
2011-03-13 20:23:21 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2011-03-13 20:23:21 ----A---- C:\WINDOWS\system32\xvidcore.dll
2011-03-13 20:23:21 ----A---- C:\WINDOWS\system32\NCMedia2.dll
2011-03-13 02:35:06 ----D---- C:\Program Files\Common Files\Skype
2011-02-24 21:46:37 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan
2011-02-24 21:46:37 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\McAfee
2011-02-24 21:46:36 ----D---- C:\Program Files\McAfee Security Scan
2011-02-24 21:46:31 ----D---- C:\Program Files\YouTube Downloader
2011-02-20 00:47:24 ----D---- C:\Program Files\Zeallsoft
2011-02-18 19:32:22 ----A---- C:\WINDOWS\system32\wmvdmoe.dll
2011-02-18 19:32:22 ----A---- C:\WINDOWS\system32\wmvcore2.dll
2011-02-18 19:32:22 ----A---- C:\WINDOWS\system32\wmv8dmoe.dll
2011-02-18 19:32:22 ----A---- C:\WINDOWS\system32\wmv8dmod.dll

======List of files/folders modified in the last 1 months======

2011-03-16 21:07:32 ----D---- C:\Program Files\Mozilla Firefox
2011-03-16 20:57:15 ----A---- C:\WINDOWS\ntbtlog.txt
2011-03-16 20:54:39 ----D---- C:\Program Files\cFosSpeed
2011-03-16 20:54:28 ----D---- C:\WINDOWS
2011-03-16 20:53:11 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-03-16 20:51:00 ----SD---- C:\WINDOWS\Tasks
2011-03-16 20:34:26 ----D---- C:\WINDOWS\system32\drivers
2011-03-16 20:32:07 ----D---- C:\WINDOWS\ERDNT
2011-03-16 20:31:06 ----D---- C:\WINDOWS\system32
2011-03-16 20:25:42 ----D---- C:\WINDOWS\system32\CatRoot2
2011-03-16 20:24:54 ----A---- C:\WINDOWS\system.ini
2011-03-16 20:24:19 ----D---- C:\WINDOWS\system32\drivers\etc
2011-03-16 20:24:15 ----D---- C:\WINDOWS\Prefetch
2011-03-16 20:17:07 ----D---- C:\WINDOWS\system32\config
2011-03-16 20:16:41 ----RD---- C:\Program Files
2011-03-16 20:16:26 ----SD---- C:\Documents and Settings\start\Dane aplikacji\Microsoft
2011-03-16 20:15:39 ----D---- C:\WINDOWS\AppPatch
2011-03-16 20:15:36 ----D---- C:\Program Files\Common Files
2011-03-16 19:55:17 ----SHD---- C:\WINDOWS\CSC
2011-03-15 05:47:07 ----HD---- C:\Documents and Settings\start\Dane aplikacji\Skype
2011-03-14 21:06:56 ----HD---- C:\Documents and Settings\start\Dane aplikacji\skypePM
2011-03-14 06:57:14 ----A---- C:\WINDOWS\cdplayer.ini
2011-03-13 23:37:07 ----D---- C:\Program Files\Native Instruments
2011-03-13 21:41:27 ----HD---- C:\Documents and Settings\start\Dane aplikacji\BitComet
2011-03-13 19:17:06 ----D---- C:\Downloads
2011-03-13 02:35:11 ----SHD---- C:\WINDOWS\Installer
2011-03-12 15:22:41 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-07 17:48:46 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
2011-03-06 18:03:49 ----A---- C:\WINDOWS\NeroDigital.ini
2011-02-21 20:42:11 ----HD---- C:\WINDOWS\inf
2011-02-18 19:32:47 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2009-05-24 64160]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-17 12032]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-05-14 14336]
R3 cFosSpeed;cFosSpeed Miniport; C:\WINDOWS\system32\DRIVERS\cfosspeed.sys [2010-05-31 1079000]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-09-10 25280]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856]
R3 usbstor;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-05-14 9216]
S1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 40320]
S1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
S1 wceusbsh;Sterownik hosta szeregowego USB Windows CE; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2004-08-03 31872]
S2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-11-08 278984]
S2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-11-08 25416]
S2 regi;regi; \??\C:\WINDOWS\system32\drivers\regi.sys []
S2 Vcs;Vcs support; \??\C:\WINDOWS\system32\Drivers\Vcs.sys []
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-03-16 3597312]
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-11-14 84992]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-07 4739072]
S3 mirrorv3;mirrorv3; C:\WINDOWS\system32\DRIVERS\rminiv3.sys [2006-11-01 3328]
S3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 npkcrypt;npkcrypt; \??\E:\Program Files\Lineage\system\npkcrypt.sys []
S3 npkcusb;npkcusb; \??\E:\Program Files\Lineage\system\npkcusb.sys []
S3 NPPTNT2;NPPTNT2; \??\C:\WINDOWS\system32\npptNT2.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 snpstd;Trust Webcam 14823; C:\WINDOWS\system32\DRIVERS\snpstd.sys [2006-05-03 390784]
S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2005-06-22 498432]
S3 SONYPVU1;Sterownik filtru USB Sony (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-08-24 697328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-06-29 1029456]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-03-16 602112]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-03-17 593920]
S2 cFosSpeedS;cFosSpeed System Service; C:\Program Files\cFosSpeed\spd.exe [2010-05-31 314584]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 GEST Service;GEST Service for program management.; C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-05-13 80392]
S2 GS In-Game Service;GS In-Game Service; C:\Program Files\GameTracker\GSInGameService.exe [2009-02-26 1547264]
S2 gupdate1c9b9f9cd8e90bc;Usługa Google Update (gupdate1c9b9f9cd8e90bc); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-10 133104]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-11 152984]
S2 lxde_device;lxde_device; C:\WINDOWS\system32\lxdecoms.exe [2007-05-29 598960]
S2 lxdeCATSCustConnectService;lxdeCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe [2007-05-29 99248]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
S2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2010-02-26 3623424]
S2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-07-27 75064]
S2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-11 193824]
S2 VideoAcceleratorService;VideoAcceleratorService; C:\PROGRA~1\SPEEDB~2\VideoAcceleratorService.exe [2009-12-13 300656]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
S3 aspnet_state;„Usługa stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 DAUpdaterSvc;Dragon Age: Początek - Aktualizator zawartości; D:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-05 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe [2010-09-02 227232]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2010-04-27 3547376]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe []
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-03 14336]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
[/log]

To był z RSIT, a tu OTL:

[log]OTL logfile created on: 2011-03-15 21:31:42 - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\start\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 75,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 1,44 Gb Free Space | 2,95% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 19,75 Gb Free Space | 20,23% Space Free | Partition Type: NTFS
Drive E: | 86,39 Gb Total Space | 29,35 Gb Free Space | 33,97% Space Free | Partition Type: NTFS
Drive F: | 597,94 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SUKINSYNA | User Name: start | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-03-15 20:56:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\start\Pulpit\OTL.exe
PRC - [2011-03-15 17:53:13 | 000,159,744 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\Microsoft\conhost.exe
PRC - [2011-03-14 20:13:32 | 000,172,032 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\dwm.exe
PRC - [2011-03-12 14:58:02 | 000,177,664 | -H-- | M] () -- C:\Documents and Settings\start\Ustawienia lokalne\Temp\csrss.exe
PRC - [2010-04-02 01:39:57 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-06-29 15:26:55 | 000,520,024 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009-06-29 15:26:36 | 001,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009-02-09 11:10:45 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009-02-06 17:39:29 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2001-10-26 16:30:04 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-03-15 20:56:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\start\Pulpit\OTL.exe
MOD - [2010-04-16 16:37:04 | 000,625,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2010-04-16 16:37:04 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 09:48:08 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 16:18:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 15:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 11:22:08 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 11:22:06 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 14:01:37 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-10-15 18:00:47 | 000,332,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2008-07-03 14:16:27 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll
MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2004-08-03 23:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2004-08-03 23:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2004-08-03 23:44:14 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2004-08-03 23:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2004-08-03 23:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2004-08-03 23:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2004-08-03 23:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2004-08-03 23:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-03 23:44:02 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll
MOD - [2004-08-03 23:44:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2004-08-03 23:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2004-08-03 23:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-03 23:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2004-08-03 23:43:54 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2004-08-03 23:42:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2004-08-03 23:42:34 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- -- (ServiceLayer)
SRV - File not found [Auto | Stopped] -- -- (MyWebSearchService)
SRV - [2010-09-02 21:18:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe -- (McComponentHostService)
SRV - [2010-05-31 12:33:48 | 000,314,584 | R--- | M] (cFos Software GmbH) [Auto | Stopped] -- C:\Program Files\cFosSpeed\spd.exe -- (cFosSpeedS)
SRV - [2010-04-27 23:33:00 | 003,547,376 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2010-03-11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010-02-26 17:19:54 | 003,623,424 | ---- | M] (Native Instruments GmbH) [Auto | Stopped] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV - [2009-12-13 21:03:04 | 000,300,656 | ---- | M] (Speedbit Ltd.) [Auto | Stopped] -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2009-07-26 06:43:14 | 000,025,832 | -H-- | M] (BioWare) [On_Demand | Stopped] -- D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009-07-20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-06-29 15:26:36 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009-02-26 13:09:14 | 001,547,264 | ---- | M] (ClanServers Hosting LLC) [Auto | Stopped] -- C:\Program Files\GameTracker\GSInGameService.exe -- (GS In-Game Service)
SRV - [2008-05-13 17:07:24 | 000,080,392 | ---- | M] () [Auto | Stopped] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2007-05-29 14:07:58 | 000,598,960 | ---- | M] ( ) [Auto | Stopped] -- C:\WINDOWS\System32\lxdecoms.exe -- (lxde_device)
SRV - [2007-05-29 14:06:43 | 000,099,248 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe -- (lxdeCATSCustConnectService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-03-15 20:23:20 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010-09-10 18:54:14 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010-08-24 01:49:24 | 000,697,328 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010-05-31 12:33:56 | 001,079,000 | ---- | M] (cFos Software GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfosspeed.sys -- (cFosSpeed)
DRV - [2009-05-24 15:24:56 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009-03-16 22:33:02 | 003,597,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009-02-09 07:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009-02-09 07:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009-02-09 07:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009-02-09 07:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008-11-08 10:44:31 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2008-11-08 10:44:30 | 000,025,416 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-05-07 12:21:40 | 004,739,072 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-04-10 11:52:20 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
DRV - [2008-01-03 15:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007-11-14 20:48:20 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2007-05-14 22:41:46 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2007-05-14 22:38:22 | 000,009,216 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter)
DRV - [2007-04-17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi)
DRV - [2006-11-01 04:01:56 | 000,003,328 | ---- | M] (Famatech International Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rminiv3.sys -- (mirrorv3)
DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006-05-03 14:40:42 | 000,390,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd.sys -- (snpstd)
DRV - [2005-08-30 17:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2005-08-30 17:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2005-08-30 17:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2005-06-22 16:09:56 | 000,498,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2003-09-19 14:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002-12-09 15:11:42 | 000,006,852 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Vcs.sys -- (Vcs)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fullarticles.net
IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - File not found
IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:59333

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 59333
FF - prefs.js..network.proxy.type: 1


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008-11-29 21:48:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-10-20 21:48:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin [2011-03-13 23:37:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-11-18 20:46:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-11-18 20:51:11 | 000,000,000 | ---D | M]

[2008-12-02 21:10:28 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Extensions
[2011-03-14 09:53:32 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions
[2009-09-25 18:26:19 | 000,000,000 | -H-D | M] (Winamp Toolbar) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009-09-02 15:10:53 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-06-19 20:01:50 | 000,000,000 | -H-D | M] (kikin plugin (JDownloader Edition)) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
[2010-08-24 20:46:59 | 000,000,000 | -H-D | M] (BitComet Video Downloader) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2010-08-24 20:46:59 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
[2010-12-01 22:30:41 | 000,000,000 | -H-D | M] (Softonic-Polska Community Toolbar) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}
[2009-11-16 12:23:28 | 000,000,000 | -H-D | M] (DownThemAll!) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010-05-06 19:55:10 | 000,000,000 | -H-D | M] (RadioBar Toolbar) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\radiobar@toolbar
[2010-03-09 21:29:41 | 000,000,000 | -H-D | M] (Zrzuta.eu) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\zrzuta.eu@gmail.com
[2010-10-19 20:29:36 | 000,000,933 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\searchplugins\conduit.xml
[2010-05-06 20:14:20 | 000,001,589 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\searchplugins\web-search.xml
[2011-03-14 09:53:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009-01-11 00:19:35 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009-10-20 21:48:05 | 000,000,000 | ---D | M] (PC Sync 2 Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC
[2008-11-29 21:48:49 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD
[2010-02-21 11:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2009-01-19 22:23:28 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2009-07-22 16:31:34 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-03-30 11:42:24 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-03-30 11:42:24 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-03-30 11:42:24 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-03-30 11:42:24 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-03-30 11:42:24 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-08-25 18:57:04 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (SBCONVERT Class) - {31B27F2D-6BC6-451B-B3D2-4EAB36B2FC3B} - File not found
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - File not found
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - File not found
O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - File not found
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\ShellBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - File not found
O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\ShellBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - Reg Error: Value error. File not found
O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - File not found
O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - Reg Error: Value error. File not found
O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [conhost] C:\Documents and Settings\start\Dane aplikacji\Microsoft\conhost.exe ()
O4 - HKLM..\Run: [lxdeamon] C:\Program Files\Lexmark 4800 Series\lxdeamon.exe ()
O4 - HKLM..\Run: [lxdemon.exe] C:\Program Files\Lexmark 4800 Series\lxdemon.exe ()
O4 - HKLM..\Run: [Microsoft Driver Setup] C:\WINDOWS\microsoft.exe (Kxcesobjn Software)
O4 - HKLM..\Run: [My Web Search Bar] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NVIDIA driver monitor] c:\WINDOWS\nvsvc32.exe ()
O4 - HKLM..\Run: [Regedit32] File not found
O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.)
O4 - HKLM..\Run: [wuaucldt] C:\WINDOWS\system32\wuaucldt.exe ()
O4 - HKU\.DEFAULT..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe (NetInternals)
O4 - HKU\S-1-5-18..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe (NetInternals)
O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [Adobe ARP] C:\WINDOWS\System32\adobearp.exe (Eltgk Software)
O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [Client Thailanddds] File not found
O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [Driver Updater] File not found
O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [Eraser] File not found
O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [Flwgwl] C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe (Laupd Software)
O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [JP595IR86O] File not found
O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [NVIDIA driver monitor] c:\WINDOWS\nvsvc32.exe ()
O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe (NetInternals)
O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [wuaucldt] c:\Documents and Settings\start\wuaucldt.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe (GamersFirst)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe (McAfee, Inc.)
F3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003 WinNT: Load - (C:\DOCUME~1\start\USTAWI~1\Temp\csrss.exe) - C:\Documents and Settings\start\Ustawienia lokalne\Temp\csrss.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: Microsoft Driver Setup = C:\WINDOWS\microsoft.exe (Kxcesobjn Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: Pobierz wszystkie wideo za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - File not found
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-854245398-2077806209-725345543-1003 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-854245398-2077806209-725345543-1003 Winlogon: Shell - (C:\Documents and Settings\start\Dane aplikacji\dwm.exe) - C:\Documents and Settings\start\Dane aplikacji\dwm.exe ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-09-27 12:40:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001-10-26 18:12:38 | 000,000,112 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: SSHNAS - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^start^Menu Start^Programy^Autostart^hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe - (LogMeIn Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^start^Menu Start^Programy^Autostart^smgr34.exe - - File not found
MsConfig - StartUpReg: [b]Ad-Watch[/b] - hkey= - key= - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
MsConfig - StartUpReg: [b]AdobeUpdater6[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]AlcoholAutomount[/b] - hkey= - key= - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
MsConfig - StartUpReg: [b]AQQ[/b] - hkey= - key= - C:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.)
MsConfig - StartUpReg: [b]BitTorrent DNA[/b] - hkey= - key= - C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
MsConfig - StartUpReg: [b]cdoosoft[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]cFosSpeed[/b] - hkey= - key= - C:\Program Files\cFosSpeed\cfosspeed.exe (cFos Software GmbH)
MsConfig - StartUpReg: [b]Comrade.exe[/b] - hkey= - key= - C:\Program Files\GameSpy\Comrade\Comrade.exe (IGN Entertainment Inc.)
MsConfig - StartUpReg: [b]FaxCenterServer[/b] - hkey= - key= - C:\Program Files\Lexmark Fax Solutions\fm3032.exe ()
MsConfig - StartUpReg: [b]Gadu-Gadu 10[/b] - hkey= - key= - C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
MsConfig - StartUpReg: [b]GameTracker[/b] - hkey= - key= - C:\Program Files\GameTracker\GTLite.exe (ClanServers Hosting LLC)
MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: [b]IDMan[/b] - hkey= - key= - C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
MsConfig - StartUpReg: [b]IMEKRMIG6.1[/b] - hkey= - key= - C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
MsConfig - StartUpReg: [b]IMJPMIG8.1[/b] - hkey= - key= - C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
MsConfig - StartUpReg: [b]IPLA![/b] - hkey= - key= - C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.)
MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: [b]MSPY2002[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]MyWebSearch Email Plugin[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Nowe Gadu-Gadu[/b] - hkey= - key= - C:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)
MsConfig - StartUpReg: [b]Orb[/b] - hkey= - key= - C:\Program Files\Winamp Remote\bin\OrbTray.exe (Orb Networks)
MsConfig - StartUpReg: [b]PC Suite Tray[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
MsConfig - StartUpReg: [b]PHIME2002A[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]PHIME2002ASync[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]PlayNC Launcher[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]PrzyspieszKomputer[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - E:\Program Files\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: [b]snpstd[/b] - hkey= - key= - C:\WINDOWS\vsnpstd.exe ()
MsConfig - StartUpReg: [b]snpstd3[/b] - hkey= - key= - C:\WINDOWS\vsnpstd3.exe (Sonix)
MsConfig - StartUpReg: [b]SpeedBitVideoAccelerator[/b] - hkey= - key= - C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe (Speedbit Ltd.)
MsConfig - StartUpReg: [b]Steam[/b] - hkey= - key= - c:\program files\steam\steam.exe (Valve Corporation)
MsConfig - StartUpReg: [b]Unogokiqo[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]VS Online[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]WinampAgent[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Wru[/b] - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-03-15 21:31:10 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-03-15 20:56:00 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\start\Pulpit\OTL.exe
[2011-03-15 20:46:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\start\Recent
[2011-03-15 20:45:27 | 000,032,904 | ---- | C] (Eltgk Software) -- C:\WINDOWS\System32\adobearp.exe
[2011-03-15 20:32:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\start\Menu Start\Programy\Windows Diagnostic
[2011-03-15 20:30:26 | 000,084,992 | ---- | C] (Laupd Software) -- C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe
[2011-03-15 10:48:35 | 000,573,440 | ---- | C] (NetInternals) -- C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe
[2011-03-13 22:57:42 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011-03-13 20:23:23 | 000,000,000 | ---D | C] -- C:\videooutput
[2011-03-13 20:23:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Freez software
[2011-03-13 20:21:06 | 004,130,372 | -H-- | C] (www.smallvideosoft.com ) -- C:\Documents and Settings\start\Pulpit\flvconverter.exe
[2011-03-13 20:12:16 | 009,909,254 | -H-- | C] (HOW Inc. ) -- C:\Documents and Settings\start\Pulpit\FreeYouTubeDownloaderSetup.exe
[2011-03-13 02:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011-03-11 18:09:29 | 000,060,416 | RHS- | C] (Kxcesobjn Software) -- C:\WINDOWS\microsoft.exe
[2011-03-09 06:30:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\start\Pulpit\The Rolling Stones
[2011-03-06 17:51:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\start\Pulpit\Hard Rock Backing Track in G or C 80 s Style _data
[2011-02-25 22:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\McAfee
[2011-02-25 22:21:27 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\McAfee Security Scan Plus
[2011-02-24 21:46:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan
[2011-02-24 21:46:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee
[2011-02-24 21:46:36 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2011-02-24 21:46:32 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\YouTube Downloader
[2011-02-24 21:46:31 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader
[2011-02-20 00:47:24 | 000,000,000 | ---D | C] -- C:\Program Files\Zeallsoft
[2011-02-20 00:46:55 | 003,409,741 | -H-- | C] (ZeallSoft, Inc. ) -- C:\Documents and Settings\start\Pulpit\mmsetup.exe
[2011-02-20 00:44:06 | 008,161,357 | -H-- | C] ( ) -- C:\Documents and Settings\start\Pulpit\peditorinst.exe
[2011-02-18 19:32:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Cool Edit Pro 2.0
[2011-01-16 01:39:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\gPotato.eu
[2011-01-15 22:16:41 | 000,389,120 | -H-- | C] (CDNetworks) -- C:\Documents and Settings\start\Pulpit\Rappelz_PL.exe
[2011-01-15 12:20:01 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\start\Dane aplikacji\PriceGong
[2010-05-17 20:22:30 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll
[2010-05-17 20:22:30 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[2010-05-17 20:22:30 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[2010-05-17 19:41:50 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2010-05-17 19:41:50 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2010-05-17 19:41:50 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2008-09-29 19:42:23 | 001,200,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeserv.dll
[2008-09-29 19:42:23 | 000,950,272 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeusb1.dll
[2008-09-29 19:42:23 | 000,434,176 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdehcp.dll
[2008-09-29 19:42:23 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeinpa.dll
[2008-09-29 19:42:23 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeiesc.dll
[2008-09-29 19:42:22 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdepmui.dll
[2008-09-29 19:42:22 | 000,565,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdelmpm.dll
[2008-09-29 19:42:22 | 000,320,432 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeih.exe
[2008-09-29 19:42:22 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeprox.dll
[2008-09-29 19:42:21 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdehbn3.dll
[2008-09-29 19:42:21 | 000,598,960 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdecoms.exe
[2008-09-29 19:42:20 | 000,860,160 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdecomc.dll
[2008-09-29 19:42:20 | 000,365,488 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdecfg.exe
[2008-09-29 19:42:20 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdecomm.dll
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\Documents and Settings\start\Moje dokumenty\*.tmp files -> C:\Documents and Settings\start\Moje dokumenty\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-03-15 21:32:11 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\start\Pulpit\RSIT.exe
[2011-03-15 21:18:30 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-03-15 20:56:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\start\Pulpit\OTL.exe
[2011-03-15 20:52:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-03-15 20:45:22 | 000,032,904 | ---- | M] (Eltgk Software) -- C:\WINDOWS\System32\adobearp.exe
[2011-03-15 20:42:45 | 002,396,960 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\ComboFix.exe
[2011-03-15 20:40:00 | 000,000,246 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2011-03-15 20:34:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-03-15 20:32:50 | 000,000,144 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\~16113460r
[2011-03-15 20:32:50 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\~16113460
[2011-03-15 20:32:36 | 000,000,807 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Windows Diagnostic.lnk
[2011-03-15 20:32:32 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\16113460
[2011-03-15 20:32:30 | 000,524,800 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\16113460.exe
[2011-03-15 20:30:14 | 000,084,992 | ---- | M] (Laupd Software) -- C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe
[2011-03-15 20:23:37 | 000,003,968 | RHS- | M] () -- C:\WINDOWS\wibrf.jpg
[2011-03-15 20:23:37 | 000,003,416 | RHS- | M] () -- C:\WINDOWS\wiybr.png
[2011-03-15 20:23:27 | 000,573,440 | ---- | M] (NetInternals) -- C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe
[2011-03-15 20:23:00 | 000,173,776 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2011-03-15 20:22:57 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-03-15 20:22:56 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011-03-15 20:22:56 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2011-03-15 20:22:55 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
[2011-03-15 20:22:54 | 000,000,310 | -HS- | M] () -- C:\WINDOWS\tasks\yyki.job
[2011-03-15 20:22:54 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011-03-15 20:22:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-03-15 19:40:31 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\~13492020
[2011-03-15 19:40:16 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\13492020
[2011-03-15 19:40:15 | 000,524,800 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\13492020.exe
[2011-03-15 18:51:00 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003UA.job
[2011-03-15 17:52:55 | 000,010,698 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\3AA2.398
[2011-03-15 13:51:00 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003Core.job
[2011-03-14 20:13:32 | 000,172,032 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\dwm.exe
[2011-03-14 20:08:45 | 000,140,288 | -H-- | M] () -- C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-03-14 17:42:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011-03-14 16:25:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011-03-14 06:57:14 | 000,015,468 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2011-03-14 06:57:09 | 004,832,193 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Led Zeppelin - Stairway To Heaven - Earls Court - 1975 - HQ.mp3
[2011-03-14 06:57:08 | 002,224,079 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\The Beatles - Help.mp3
[2011-03-14 06:57:08 | 001,229,095 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\The Beatles - Twist n Shout .mp3
[2011-03-13 22:48:09 | 000,060,416 | RHS- | M] (Kxcesobjn Software) -- C:\WINDOWS\microsoft.exe
[2011-03-13 21:56:28 | 000,000,152 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Nowy Dokument sformatowany (2).rtf
[2011-03-13 20:23:21 | 000,000,691 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Freez FLV to AVI MPEG WMV Converter.lnk
[2011-03-13 20:23:04 | 004,130,372 | -H-- | M] (www.smallvideosoft.com ) -- C:\Documents and Settings\start\Pulpit\flvconverter.exe
[2011-03-13 20:19:10 | 010,980,832 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\FCTBSetup.exe
[2011-03-13 20:14:17 | 009,909,254 | -H-- | M] (HOW Inc. ) -- C:\Documents and Settings\start\Pulpit\FreeYouTubeDownloaderSetup.exe
[2011-03-13 11:30:51 | 008,273,459 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\for some fun.mp3
[2011-03-13 10:30:46 | 000,069,714 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\200068_190066684363950_100000818586203_422679_7839411_n.jpg
[2011-03-12 15:58:24 | 000,030,560 | ---- | M] () -- C:\WINDOWS\System32\drivers\wcscd.sys
[2011-03-12 15:58:02 | 000,032,256 | -H-- | M] () -- C:\Documents and Settings\start\wuaucldt.exe
[2011-03-12 15:58:02 | 000,032,256 | ---- | M] () -- C:\WINDOWS\System32\wuaucldt.exe
[2011-03-11 18:42:31 | 000,098,201 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\31879_124901487544718_100000746024542_169127_7635718_n.jpg
[2011-03-10 18:13:13 | 000,048,166 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\185694_1838581054885_1551282075_31946113_8377303_n.jpg
[2011-03-07 17:50:13 | 000,000,807 | -H-- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GamersFirst LIVE!.lnk
[2011-03-07 17:50:13 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\GamersFirst LIVE!.lnk
[2011-03-07 17:48:56 | 019,230,558 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\MOV08115.MPG
[2011-03-06 18:40:22 | 174,795,761 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\MOV08112.MPG
[2011-03-06 18:08:46 | 028,865,883 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Bez tytułu_0002.wmv
[2011-03-06 18:03:49 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011-03-06 17:51:03 | 000,065,794 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Hard Rock Backing Track in G or C 80 s Style .aup
[2011-03-03 09:20:20 | 000,002,384 | ---- | M] () -- C:\WINDOWS\ndl.dl
[2011-02-28 20:53:19 | 000,070,358 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\gretsch_countryclassicSPg_007.jpg
[2011-02-26 02:15:39 | 002,972,193 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Johny.mp3
[2011-02-26 00:58:20 | 061,666,604 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\waw2.wav
[2011-02-26 00:42:21 | 096,454,700 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\shot.wav
[2011-02-25 22:21:28 | 000,001,801 | -H-- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk
[2011-02-25 21:53:04 | 005,282,168 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\rock n roll blues.mp3
[2011-02-24 21:46:32 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\YouTube Downloader.lnk
[2011-02-24 21:46:04 | 004,698,191 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\YouTubeDownloaderSetup27_[www.programosy.pl].exe
[2011-02-21 22:55:02 | 004,112,020 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\angie.mp3
[2011-02-21 22:48:57 | 074,502,956 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\an.wav
[2011-02-20 18:39:15 | 020,596,321 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Bez tytułu_0001.wmv
[2011-02-20 18:27:05 | 005,112,520 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\AC DC - Shoot to Thrill2.mp3
[2011-02-20 18:22:46 | 121,186,073 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\MOV08096.MPG
[2011-02-20 12:26:13 | 004,657,869 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\sin city2.mp3
[2011-02-20 12:19:17 | 084,186,284 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\sin.wav
[2011-02-20 12:03:12 | 004,661,124 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\sin city.mp3
[2011-02-20 00:53:10 | 000,009,442 | -H-- | M] () -- C:\Documents and Settings\start\Moje dokumenty\skanuj0001.jpg
[2011-02-20 00:47:25 | 000,000,961 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\ZeallSoft Products.lnk
[2011-02-20 00:47:25 | 000,000,893 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Magic Mirror.lnk
[2011-02-20 00:47:18 | 003,409,741 | -H-- | M] (ZeallSoft, Inc. ) -- C:\Documents and Settings\start\Pulpit\mmsetup.exe
[2011-02-20 00:44:06 | 008,161,357 | -H-- | M] ( ) -- C:\Documents and Settings\start\Pulpit\peditorinst.exe
[2011-02-19 16:50:00 | 000,984,003 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\wwwwwa11.mp3
[2011-02-18 21:10:30 | 000,988,499 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\podklad123.mp3
[2011-02-18 19:32:23 | 000,156,910 | ---- | M] () -- C:\WINDOWS\WMSysPr8.prx
[2011-02-18 19:32:21 | 000,000,576 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Cool Edit Pro 2.0.lnk
[2011-02-18 18:56:48 | 002,320,812 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\podklad.mp3
[2011-02-16 22:51:55 | 000,002,281 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\2152.rtf
[2011-02-15 00:28:05 | 005,795,550 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\smoke on the water (2)12.mp3
[2011-01-17 21:12:27 | 000,000,753 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Skrót do teeworlds.lnk
[2011-01-16 01:39:40 | 000,000,672 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Rappelz.lnk
[2011-01-15 22:16:44 | 000,389,120 | -H-- | M] (CDNetworks) -- C:\Documents and Settings\start\Pulpit\Rappelz_PL.exe
[2011-01-15 12:22:40 | 000,581,058 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-01-15 12:22:40 | 000,516,814 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-01-15 12:22:40 | 000,118,932 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-01-15 12:22:40 | 000,094,524 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-01-15 12:21:06 | 000,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\Documents and Settings\start\Moje dokumenty\*.tmp files -> C:\Documents and Settings\start\Moje dokumenty\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-03-15 21:32:09 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\start\Pulpit\RSIT.exe
[2011-03-15 20:41:00 | 002,396,960 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\ComboFix.exe
[2011-03-15 20:32:50 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\~16113460r
[2011-03-15 20:32:50 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\~16113460
[2011-03-15 20:32:36 | 000,000,807 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Windows Diagnostic.lnk
[2011-03-15 20:32:32 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\16113460
[2011-03-15 20:32:30 | 000,524,800 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\16113460.exe
[2011-03-15 19:40:31 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\~13492020
[2011-03-15 19:40:16 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\13492020
[2011-03-15 19:40:15 | 000,524,800 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\13492020.exe
[2011-03-14 06:51:05 | 004,832,193 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Led Zeppelin - Stairway To Heaven - Earls Court - 1975 - HQ.mp3
[2011-03-13 21:56:24 | 000,000,152 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Nowy Dokument sformatowany (2).rtf
[2011-03-13 20:23:21 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\NCMedia2.dll
[2011-03-13 20:23:21 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-03-13 20:23:21 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-03-13 20:23:21 | 000,000,691 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Freez FLV to AVI MPEG WMV Converter.lnk
[2011-03-13 20:13:38 | 010,980,832 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\FCTBSetup.exe
[2011-03-13 13:52:03 | 002,224,079 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\The Beatles - Help.mp3
[2011-03-13 13:46:46 | 001,229,095 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\The Beatles - Twist n Shout .mp3
[2011-03-13 11:28:00 | 008,273,459 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\for some fun.mp3
[2011-03-13 10:30:46 | 000,069,714 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\200068_190066684363950_100000818586203_422679_7839411_n.jpg
[2011-03-12 15:58:24 | 000,030,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\wcscd.sys
[2011-03-12 15:58:02 | 000,032,256 | -H-- | C] () -- C:\Documents and Settings\start\wuaucldt.exe
[2011-03-12 15:58:02 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\wuaucldt.exe
[2011-03-12 14:57:35 | 000,172,032 | -H-- | C] () -- C:\Documents and Settings\start\Dane aplikacji\dwm.exe
[2011-03-12 14:57:07 | 000,010,698 | -H-- | C] () -- C:\Documents and Settings\start\Dane aplikacji\3AA2.398
[2011-03-11 18:42:30 | 000,098,201 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\31879_124901487544718_100000746024542_169127_7635718_n.jpg
[2011-03-10 18:13:12 | 000,048,166 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\185694_1838581054885_1551282075_31946113_8377303_n.jpg
[2011-03-07 18:59:29 | 019,230,558 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\MOV08115.MPG
[2011-03-07 17:50:13 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\GamersFirst LIVE!.lnk
[2011-03-06 18:04:12 | 028,865,883 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Bez tytułu_0002.wmv
[2011-03-06 17:51:03 | 000,065,794 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Hard Rock Backing Track in G or C 80 s Style .aup
[2011-03-06 17:50:55 | 174,795,761 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\MOV08112.MPG
[2011-03-03 09:20:20 | 000,003,968 | RHS- | C] () -- C:\WINDOWS\wibrf.jpg
[2011-03-03 09:20:20 | 000,003,416 | RHS- | C] () -- C:\WINDOWS\wiybr.png
[2011-03-03 09:20:20 | 000,002,384 | ---- | C] () -- C:\WINDOWS\ndl.dl
[2011-02-28 20:53:19 | 000,070,358 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\gretsch_countryclassicSPg_007.jpg
[2011-02-26 01:50:57 | 002,972,193 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Johny.mp3
[2011-02-26 00:58:57 | 061,666,604 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\waw2.wav
[2011-02-25 21:51:12 | 005,282,168 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\rock n roll blues.mp3
[2011-02-24 21:46:36 | 000,001,801 | -H-- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk
[2011-02-24 21:46:32 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\YouTube Downloader.lnk
[2011-02-24 21:44:46 | 004,698,191 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\YouTubeDownloaderSetup27_[www.programosy.pl].exe
[2011-02-21 22:49:02 | 074,502,956 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\an.wav
[2011-02-21 22:20:26 | 004,112,020 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\angie.mp3
[2011-02-20 18:36:04 | 020,596,321 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Bez tytułu_0001.wmv
[2011-02-20 18:26:51 | 005,112,520 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\AC DC - Shoot to Thrill2.mp3
[2011-02-20 17:48:19 | 096,454,700 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\shot.wav
[2011-02-20 17:29:08 | 121,186,073 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\MOV08096.MPG
[2011-02-20 12:25:46 | 004,657,869 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\sin city2.mp3
[2011-02-20 12:19:26 | 084,186,284 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\sin.wav
[2011-02-20 12:03:11 | 004,661,124 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\sin city.mp3
[2011-02-20 00:47:25 | 000,000,961 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\ZeallSoft Products.lnk
[2011-02-20 00:47:25 | 000,000,893 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Magic Mirror.lnk
[2011-02-19 16:49:52 | 000,984,003 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\wwwwwa11.mp3
[2011-02-18 21:10:26 | 000,988,499 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\podklad123.mp3
[2011-02-18 19:32:23 | 000,156,910 | ---- | C] () -- C:\WINDOWS\WMSysPr8.prx
[2011-02-18 19:32:21 | 000,000,576 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Cool Edit Pro 2.0.lnk
[2011-02-18 18:55:48 | 002,320,812 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\podklad.mp3
[2011-02-16 22:51:55 | 000,002,281 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\2152.rtf
[2011-02-15 00:27:30 | 005,795,550 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\smoke on the water (2)12.mp3
[2011-01-17 21:12:27 | 000,000,753 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Skrót do teeworlds.lnk
[2011-01-16 01:39:40 | 000,000,672 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Rappelz.lnk
[2011-01-15 23:24:45 | 000,128,880 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\DSC00001.jpg
[2011-01-09 15:48:34 | 000,074,240 | RHS- | C] () -- C:\WINDOWS\nvsvc32.exe
[2010-12-04 20:19:43 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\msvcsv60.dll
[2010-12-03 12:04:21 | 000,115,712 | RHS- | C] () -- C:\WINDOWS\System32\wship6C.dll
[2010-11-18 21:39:53 | 000,626,688 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2010-11-18 21:05:11 | 000,000,193 | ---- | C] () -- C:\WINDOWS\dvdtoaviconverter.ini
[2010-11-18 20:58:59 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\SysDVDtoavi.dat
[2010-11-18 20:58:56 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010-11-18 20:58:56 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\advd.dll
[2010-11-18 20:58:56 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\auth.dll
[2010-11-18 20:52:09 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys
[2010-11-18 20:52:09 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\2ABE404A5B.sys
[2010-09-21 14:42:55 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-08-26 23:36:01 | 000,000,236 | ---- | C] () -- C:\Program Files\Common Files\dx.reg
[2010-08-26 23:36:00 | 000,874,502 | ---- | C] () -- C:\WINDOWS\System32\kernel32new.dll
[2010-08-26 23:36:00 | 000,681,478 | ---- | C] () -- C:\WINDOWS\System32\msvcrtnew.dll
[2010-08-26 23:36:00 | 000,187,398 | ---- | C] () -- C:\WINDOWS\System32\d3d10core.dll
[2010-08-26 23:35:59 | 001,029,126 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll
[2010-08-26 23:35:59 | 000,716,153 | ---- | C] () -- C:\WINDOWS\System32\unins000.exe
[2010-08-26 23:35:59 | 000,002,917 | ---- | C] () -- C:\WINDOWS\System32\unins000.dat
[2010-08-26 22:31:02 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010-08-25 17:48:07 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-08-25 17:48:07 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010-08-25 17:48:07 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010-08-25 17:48:07 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-08-25 17:48:07 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010-08-12 20:41:34 | 000,492,688 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-08-02 13:03:03 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010-07-31 10:29:02 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-07-26 10:34:34 | 000,175,616 | ---- | C] () -- C:\WINDOWS\Kneqoa.exe
[2010-05-18 14:23:24 | 000,004,940 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\mtbjfghn.xbe
[2010-05-17 20:22:33 | 000,339,968 | ---- | C] () -- C:\WINDOWS\vsnpstd.exe
[2010-05-17 20:22:33 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2010-05-17 20:22:31 | 000,390,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2010-05-17 20:22:30 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnpstd.exe
[2010-05-17 19:41:51 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2010-05-17 19:41:50 | 000,498,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd3.sys
[2010-05-17 19:41:50 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnpstd3.exe
[2009-12-20 22:01:34 | 000,000,080 | ---- | C] () -- C:\WINDOWS\msocreg32.dat
[2009-12-02 18:35:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2009-11-17 10:39:30 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009-09-27 16:50:38 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-08-10 17:28:22 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\Sx5363.ini
[2009-07-26 22:14:16 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009-06-18 18:43:43 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2009-06-18 18:43:43 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2009-05-24 15:30:46 | 000,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009-04-08 12:15:38 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-04-08 12:15:29 | 000,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009-04-08 12:15:24 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009-04-05 19:44:22 | 000,001,824 | ---- | C] () -- C:\WINDOWS\TSearch.INI
[2009-04-05 15:12:48 | 000,794,408 | ---- | C] () -- C:\WINDOWS\System32\pbsvc(2).exe
[2009-03-27 16:10:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt
[2009-03-27 16:08:42 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009-03-06 14:13:25 | 000,000,032 | ---- | C] () -- C:\WINDOWS\system87sG.dat
[2009-02-11 01:13:00 | 000,042,320 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2009-02-02 20:59:56 | 000,000,030 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
[2009-01-27 20:49:21 | 000,006,852 | ---- | C] () -- C:\WINDOWS\System32\drivers\Vcs.sys
[2009-01-18 19:55:14 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008-12-02 20:24:22 | 000,577,536 | ---- | C] () -- C:\WINDOWS\System32\rtl4.dat
[2008-11-29 22:26:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008-11-29 22:26:15 | 000,015,468 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008-11-10 23:06:41 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2008-11-10 20:41:12 | 000,000,130 | -H-- | C] () -- C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2008-11-08 11:03:24 | 000,669,184 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2008-11-08 10:44:31 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008-11-08 10:44:30 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008-10-16 11:08:31 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008-09-30 15:28:32 | 000,140,288 | -H-- | C] () -- C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-09-29 19:44:57 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdecoin.dll
[2008-09-29 19:44:57 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdevs.dll
[2008-09-29 19:44:26 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxdedrs.dll
[2008-09-29 19:44:26 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxdecaps.dll
[2008-09-29 19:44:25 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdecnv4.dll
[2008-09-29 19:44:05 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMON.DLL
[2008-09-29 19:44:05 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxf3oem.dll
[2008-09-29 19:44:05 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXF3FXPU.DLL
[2008-09-29 19:44:05 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMRC.DLL
[2008-09-29 19:42:36 | 000,000,060 | -H-- | C] () -- C:\WINDOWS\System32\lxderwrd.ini
[2008-09-29 19:42:24 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdeinst.dll
[2008-09-29 19:42:21 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdegrd.dll
[2008-09-29 08:04:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008-09-29 07:59:09 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2008-09-29 07:59:04 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008-09-29 07:59:03 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008-09-29 07:59:02 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2008-09-29 07:59:02 | 000,184,394 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008-09-27 14:29:03 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008-09-27 14:26:27 | 000,204,120 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008-09-27 12:54:29 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008-09-27 12:41:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008-09-27 12:38:16 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007-08-21 22:51:16 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2007-08-21 20:36:12 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2005-02-24 11:29:14 | 000,162,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PFC027.sys
[2005-01-25 14:15:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\PA207USD.DLL
[2004-11-22 12:48:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\98Setup.exe
[2004-08-03 23:56:48 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004-08-02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004-07-17 10:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004-03-17 18:15:00 | 000,000,118 | ---- | C] () -- C:\WINDOWS\smp32.dll
[2002-09-17 23:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe
[2001-10-26 15:15:16 | 000,581,058 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 15:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 15:15:16 | 000,118,932 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 15:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-10-26 14:45:34 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\NSREG.DLL
[2001-08-23 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-17 20:30:24 | 000,516,814 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-17 20:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-17 20:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-17 20:30:22 | 000,094,524 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-17 20:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-21 21:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-21 21:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-21 21:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[color=#E56717]========== LOP Check ==========[/color]

[2009-09-13 16:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AA3DeployClient
[2010-06-02 17:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2009-12-24 22:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BioWare
[2010-05-06 18:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Celemony Software GmbH
[2010-05-06 12:08:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EarMaster
[2008-11-10 21:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-09-01 13:21:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2009-12-20 21:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IK Multimedia
[2009-10-20 21:46:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2010-09-21 14:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-07-30 09:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LxThumbs
[2010-07-26 10:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Native Instruments
[2010-05-27 06:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NCH Swift Sound
[2009-08-23 07:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU
[2009-01-20 20:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks
[2009-10-20 22:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2011-03-07 17:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2010-12-12 21:38:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Psicraft
[2010-02-18 20:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony
[2009-07-26 23:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2008-11-30 10:55:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Wru
[2010-12-02 23:35:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{20EFD19B-675C-417B-A498-B0161D72FF88}
[2010-12-03 17:50:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{4F32CAF7-963B-404D-BF13-C48BA3F5F6A7}
[2009-05-24 15:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{83C91755-2546-441D-AC40-9A6B4B860800}
[2010-12-03 17:49:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{AC46DC4F-66BD-4733-A8B4-0B69418C12D0}
[2010-12-02 23:33:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{B5F0C192-874D-49A8-88D7-8431E3714756}
[2010-12-03 17:52:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D69A48BF-7653-4AA8-94BC-5847522A4573}
[2010-12-03 17:48:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{EC98E512-708C-4C3B-9F07-B58768C1DD8A}
[2011-03-15 20:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\GameTracker
[2010-12-30 15:01:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\AnvSoft
[2010-11-30 21:03:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\avidemux
[2011-03-13 21:41:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\BitComet
[2008-11-30 20:59:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\BitTorrent
[2010-10-13 17:45:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\DMCache
[2010-10-17 11:16:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\DNA
[2008-11-12 21:04:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Gadu-Gadu
[2010-09-01 13:21:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Gadu-Gadu 10
[2009-11-17 04:04:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\GetRightToGo
[2009-12-12 22:58:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\gtk-2.0
[2010-06-20 12:51:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\kikin
[2008-11-20 19:21:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Lexmark Productivity Studio
[2010-01-05 20:38:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Line 6
[2009-10-31 14:54:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Nokia
[2009-09-04 19:38:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Nowe Gadu-Gadu
[2010-12-14 18:10:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\OpenCandy
[2009-10-20 22:03:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\PC Suite
[2011-01-22 00:37:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\PriceGong
[2009-07-26 23:19:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Publish Providers
[2009-10-04 18:02:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\REAPER
[2009-04-11 09:35:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Red Kawa
[2009-03-27 16:12:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Samsung
[2009-07-26 23:18:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Sony
[2009-07-26 22:50:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Sony Setup
[2011-01-17 21:12:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Teeworlds
[2011-03-14 16:25:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010-06-15 20:03:56 | 000,000,298 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnDowngrade.job
[2010-06-01 20:07:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnSevenDaysInit.job
[2010-06-15 20:03:56 | 000,000,298 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnShakeIcon.job
[2010-05-30 07:34:00 | 000,000,294 | ---- | M] () -- C:\WINDOWS\Tasks\expressripShakeIcon.job
[2011-03-15 20:22:56 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
[2011-03-15 20:22:54 | 000,000,310 | -HS- | M] () -- C:\WINDOWS\Tasks\yyki.job
[2011-03-15 20:22:56 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011-03-15 20:40:00 | 000,000,246 | -H-- | M] () -- C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2011-03-15 20:22:55 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
[2011-03-15 20:22:54 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-03-15 20:52:20 | 000,000,220 | ---- | M] () -- C:\aaw7boot.log
[2008-09-27 12:40:24 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-10-17 11:19:51 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2001-07-21 21:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2008-09-27 12:40:24 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008-09-27 12:40:24 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008-09-27 12:40:24 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004-08-03 21:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr
[2011-03-15 20:52:26 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\bb44941ebc6c98c13a74d1f65de46494\agp440.sys
[2004-08-03 22:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004-08-03 22:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\bb44941ebc6c98c13a74d1f65de46494\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\bb44941ebc6c98c13a74d1f65de46494\cdrom.sys
[2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\bb44941ebc6c98c13a74d1f65de46494\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\bb44941ebc6c98c13a74d1f65de46494\ndis.sys
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\bb44941ebc6c98c13a74d1f65de46494\winlogon.exe

< End of report >
[/log]

I jeszcze Extras ;
[log]OTL Extras logfile created on: 2011-03-15 21:31:42 - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\start\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 75,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 1,44 Gb Free Space | 2,95% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 19,75 Gb Free Space | 20,23% Space Free | Partition Type: NTFS
Drive E: | 86,39 Gb Total Space | 29,35 Gb Free Space | 33,97% Space Free | Partition Type: NTFS
Drive F: | 597,94 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SUKINSYNA | User Name: start | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-854245398-2077806209-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"57987:TCP" = 57987:TCP:*:Enabled:Pando Media Booster
"57987:UDP" = 57987:UDP:*:Enabled:Pando Media Booster
"57683:TCP" = 57683:TCP:*:Enabled:Pando Media Booster
"57683:UDP" = 57683:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"56795:TCP" = 56795:TCP:*:Enabled:Pando Media Booster
"56795:UDP" = 56795:UDP:*:Enabled:Pando Media Booster
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"20490:TCP" = 20490:TCP:*:Enabled:BitComet 20490 TCP
"20490:UDP" = 20490:UDP:*:Enabled:BitComet 20490 UDP
"25828:TCP" = 25828:TCP:*:Enabled:BitComet 25828 TCP
"25828:UDP" = 25828:UDP:*:Enabled:BitComet 25828 UDP
"57987:TCP" = 57987:TCP:*:Enabled:Pando Media Booster
"57987:UDP" = 57987:UDP:*:Enabled:Pando Media Booster
"7517:TCP" = 7517:TCP:*:Enabled:BitComet 7517 TCP
"7517:UDP" = 7517:UDP:*:Enabled:BitComet 7517 UDP
"27416:TCP" = 27416:TCP:*:Enabled:BitComet 27416 TCP
"27416:UDP" = 27416:UDP:*:Enabled:BitComet 27416 UDP
"57683:TCP" = 57683:TCP:*:Enabled:Pando Media Booster
"57683:UDP" = 57683:UDP:*:Enabled:Pando Media Booster
"7473:TCP" = 7473:TCP:*:Enabled:BitComet 7473 TCP
"7473:UDP" = 7473:UDP:*:Enabled:BitComet 7473 UDP

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
"E:\GW Movie Arts\Combat Arms EU\CombatArms.exe" = E:\GW Movie Arts\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"E:\GW Movie Arts\Combat Arms EU\Engine.exe" = E:\GW Movie Arts\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\lxdecoms.exe" = C:\WINDOWS\system32\lxdecoms.exe:*:Enabled:Lexmark Communications System -- ( )
"C:\Program Files\Lexmark 4800 Series\lxdeamon.exe" = C:\Program Files\Lexmark 4800 Series\lxdeamon.exe:*:Enabled:Lexmark Device Monitor -- ()
"C:\Program Files\Lexmark 4800 Series\frun.exe" = C:\Program Files\Lexmark 4800 Series\frun.exe:*:Enabled:Lexmark Productivity Studio -- ()
"C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe" = C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader
"C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe" = C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe:*:Enabled:Fax software -- ()
"C:\Program Files\Lexmark 4800 Series\lxdemon.exe" = C:\Program Files\Lexmark 4800 Series\lxdemon.exe:*:Enabled:Printer Device Monitor -- ()
"C:\Documents and Settings\start\Ustawienia lokalne\Temp\lxde\wireless\POLISH\lxdewpss.exe" = C:\Documents and Settings\start\Ustawienia lokalne\Temp\lxde\wireless\POLISH\lxdewpss.exe:*:Enabled:
"C:\WINDOWS\system32\lxdecfg.exe" = C:\WINDOWS\system32\lxdecfg.exe:*:Enabled:Printer Communication System -- ( )
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdepswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdepswx.exe:*:Enabled:Printer Status Window Interface -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdetime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdetime.exe:*:Enabled:Lexmark Connect Time Executable -- (Lexmark International, Inc.)
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdejswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdejswx.exe:*:Enabled:Job Status Window Interface -- ()
"C:\Program Files\GameSpy\Comrade\Comrade.exe" = C:\Program Files\GameSpy\Comrade\Comrade.exe:*:Enabled:Comrade -- (IGN Entertainment Inc.)
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdewbgw.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdewbgw.exe:*:Enabled:Lexmark Web Gateway -- ()
"C:\Program Files\Xfire\xfire.exe" = C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
"D:\Program Files\Gpotato\Flyff\Flyff.exe" = D:\Program Files\Gpotato\Flyff\Flyff.exe:*:Enabled:Flyff -- ()
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- (Orb Networks, Inc.)
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- (Orb Networks)
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- (Orb Networks)
"E:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe" = E:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.)
"E:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe" = E:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.)
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
"C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
"E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"E:\Program Files\Cyanide\GameCenter\GameCenter.exe" = E:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter
"E:\Program Files\Cyanide\Loki\Loki.exe" = E:\Program Files\Cyanide\Loki\Loki.exe:*:Enabled:Loki
"E:\Program Files\Cyanide\Loki\Autorun\Autorun.exe" = E:\Program Files\Cyanide\Loki\Autorun\Autorun.exe:*:Enabled:Loki - AutoRun
"C:\Program Files\Gameforge4D\AirRivals_EN\Launcher.atm" = C:\Program Files\Gameforge4D\AirRivals_EN\Launcher.atm:Enabled:GameExe2
"C:\Program Files\Gameforge4D\AirRivals_EN\Res-Voip\SCVoIP.exe" = C:\Program Files\Gameforge4D\AirRivals_EN\Res-Voip\SCVoIP.exe:Enabled:GameVoIP
"C:\Nexon\Combat Arms EU\NMService.exe" = C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core
"E:\GW Movie Arts\Combat Arms EU\CombatArms.exe" = E:\GW Movie Arts\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"E:\GW Movie Arts\Combat Arms EU\Engine.exe" = E:\GW Movie Arts\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
"E:\GW Movie Arts\Combat Arms EU\NMService.exe" = E:\GW Movie Arts\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe -- (www.BitComet.com)
"C:\Program Files\Techland\Call of Juarez - Wiezy Krwi\CoJBiBGame_x86.exe" = C:\Program Files\Techland\Call of Juarez - Wiezy Krwi\CoJBiBGame_x86.exe:*:Enabled:Call of Juarez - Więzy Krwi
"E:\Program Files\Steam\SteamApps\common\dragon age orgins character creator\DAOriginsLauncher.exe" = E:\Program Files\Steam\SteamApps\common\dragon age orgins character creator\DAOriginsLauncher.exe:*:Enabled:Dragon Age: Origins - Character Creator
"C:\Program Files\Nowe Gadu-Gadu\gg.exe" = C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu -- (GG Network S.A.)
"D:\Program Files\Dragon Age\bin_ship\daorigins.exe" = D:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Początek Gra -- (BioWare)
"D:\Program Files\Dragon Age\DAOriginsLauncher.exe" = D:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Początek Program startowy -- (BioWare)
"D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe" = D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Początek Aktualizator -- (BioWare)
"C:\Program Files\WarRock\WRLauncher.exe" = C:\Program Files\WarRock\WRLauncher.exe:*:Enabled:War Rock
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"E:\Program Files\Far Cry 2\bin\FarCry2.exe" = E:\Program Files\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2 -- (Ubisoft Entertainment)
"E:\Program Files\Far Cry 2\bin\FC2Launcher.exe" = E:\Program Files\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater -- (Ubisoft)
"E:\Program Files\Far Cry 2\bin\FC2Editor.exe" = E:\Program Files\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor -- (Ubisoft Entertainment)
"E:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe" = E:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer
"E:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe" = E:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2 -- ()
"C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer -- ()
"E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe" = E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32 -- (Crytek GmbH)
"E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe" = E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32 -- (Crytek GmbH)
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe" = C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm -- ()
"C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe" = C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server -- ()
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Documents and Settings\start\Pulpit\facebook-pic000163927.exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor -- ()
"C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_87772.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_87772.exe:*:C:\WINDOWS\microsoft.exe
"C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_07673.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_07673.exe:*:C:\WINDOWS\microsoft.exe
"C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_46101.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_46101.exe:*:C:\WINDOWS\microsoft.exe
"C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_83488.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_83488.exe:*:C:\WINDOWS\microsoft.exe
"C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_14663.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_14663.exe:*:C:\WINDOWS\microsoft.exe


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{00D15456-F679-4AD4-8BD2-56450D4C3F72}" = WarRock
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{049d411d-6564-4638-96d2-41a27817a181}" = Nero 9 Essentials
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{0D8E15E1-350B-4DF5-8D76-58E429157458}" = Lineage
"{0E26E09B-6687-4A99-BD08-A9E705373029}_is1" = Vyzex Pocket POD 1.17
"{1246FF64-3035-4A92-8FE6-A968275495EB}" = Sony Vegas Pro 8.0
"{17145977-D875-4B1D-942F-9E5930823E02}_is1" = Gods - Kraina Nieskończoności
"{17D60B8C-927A-06CE-9AC5-B1949964EF15}" = Catalyst Control Center Core Implementation
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.7
"{1A4E47DC-6701-4A85-AA16-C1F99A44598C}" = Spellforce 2 - Czas Mrocznych Wojen
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1DCC7418-2089-4BDD-B321-3771956160FC}" = ijji Auto Installer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{21BB0483-3D43-46A7-A63F-72C702701438}" = GameShadow
"{21E77392-C30A-4AA2-8CA7-5728316939D6}" = AmpliTube X-GEAR
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{285139D9-633F-4674-8FA3-DB94B356FA82}_is1" = Mafia Tycoon
"{2930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments GuitarRig Mobile IO Driver
"{29B3C64A-0F93-47CD-9C54-72C0C5578487}" = Samsung PC Studio
"{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1" = Inpaint 3.0
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{30283233-3BE6-473D-A47C-ED964A2F78B4}_is1" = Inpaint 2.3
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CE06D54-72B1-44B2-AB60-E4277EC80EF4}" = Microsoft XML Parser
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{430B1017-1B12-420C-8F27-05D0EC2995E0}" = Lineage II
"{46301B1E-8962-4672-B5A2-0636BA3C48F4}" = Melodyne 3.2 Demo
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4DBF3C3D-5B6D-45B2-A08B-B06490E2666F}_is1" = Wru! 1.0.4
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57383270-6F61-4DC8-A9B8-C1745FC29F38}" = Trust Webcam 14823
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = PlayNC Launcher
"{66BA35B0-1911-47EF-B170-1DCFFDA362F1}" = AmpliTube Jimi Hendrix
"{674FD2DC-B87D-D5B4-AF07-73AE91974301}" = Catalyst Control Center HydraVision Full
"{68ED7C7F-6F0A-4467-81F3-FA5899A15D16}_is1" = Moyea Flash Video MX Pro Version: 5.0.9.0
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Session IO Driver
"{7ADFF9AF-B9D8-FC53-0377-AFDDCBE8929E}" = Catalyst Control Center Graphics Full New
"{7D979C05-1742-1AE1-E61A-25A33449AF44}" = Catalyst Control Center Graphics Previews Common
"{7E4B7FD9-4ECE-4298-A910-3160B7918059}" = CryEngine(R)2 Sandbox(TM)2
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.0520.1
"{828B0E1B-C6B0-42E5-B2A3-C50E7820C077}" = IPSwitcher Basic
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8396DF41-E71D-7170-A03A-A0A2D8633B57}" = Catalyst Control Center Graphics Full Existing
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90877318-0BD0-4BDE-BFC0-C4BB12DAC86A}_is1" = Rappelz
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{93543036-BAD7-4B53-B45E-306B21202727}" = Piraci Nowego Świata 2 - Dwa skarby
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00AF-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Polish)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9811DA63-C6B4-426E-859E-12A2393DDB31}" = LanSpeed2 v3.0.7
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C6F9C01-FE98-90B4-36BD-5CCC4A8A1AA8}" = ccc-core-preinstall
"{9EDEF5B1-B740-4DFF-AC16-E2428E1713E8}" = AmpliTube Metal
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman - Krwawa Forsa
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Początek
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B6685367-A8AD-4414-A2A3-10B40EC5CF30}" = SharpKeys
"{B80CC46C-5839-4A48-B051-3CACF23A2718}_is1" = Eraser 5.8.7
"{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3 Driver
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BF605A48-663D-AA9A-F128-95ED7F2C6413}" = Skins
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C28FC5E5-86EE-B4B5-044A-E484E78F9C7B}" = CCC Help English
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
"{C6752201-DC16-C30F-478C-36EC595BEFDB}" = ccc-core-static
"{C765D9FF-4A34-4BF1-9F91-E9A3C60C86FC}" = ArcSoft VideoImpression 2
"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
"{C95AACD4-9507-4F5C-9D53-22B1ACCFECD1}" = AmpliTube2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF1D7323-8A0A-49C7-83B0-088DB90721E2}" = AmpegSVX
"{CF58B132-4C67-4E0A-BE3D-8DADB1E32258}" = Vegas Movie Studio 9.0
"{D0A85D80-425F-CBB2-B35A-69EFD283DF39}" = ccc-utility
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D52D5D70-6F8F-4690-8559-18D5EAC8B19F}" = XIII
"{D777D80E-13AE-4E6C-BCB2-9AEE10D9DEF1}" = Driver Updater
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D873FA4B-C374-4F8A-8D9A-130DB56FAB16}" = America's Army
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E144A786-D2DD-428B-9C1A-0EE3FA3515EA}" = Rappelz_USA
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{E397F6F0-AEE4-4236-BB05-1351350F8365}" = War Rock
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin (JDownloader Edition) 2.1
"{E5CFDA19-A86E-4276-AB8E-5165E2FC98B8}" = Hero_Online
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EC9A0711-9823-4DD2-83C4-039886A3ECF6}" = Melodyne 3.2 Demo
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = StarCam Sports Football 300K
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Wiedźmin
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6CE1230-A694-4B86-B21C-A11A112689DA}" = Trust WB-1400T Webcam
"{F7D689BA-E7DE-4727-9F8D-936B6C30A53A}" = Rapidshare Auto Downloader 3.6.2
"{F8CF44C8-6295-417B-8B04-AAB39F1BB649}_is1" = Call of Juarez SP Demo
"{FE6FD041-F8D2-1323-178C-7C71C1980C51}" = Catalyst Control Center Graphics Light
"{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Więzy Krwi
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acoustica Beatcraft" = Acoustica Beatcraft
"Acoustica Effects Pack" = Acoustica Effects Pack
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AirRivals_EN_is1" = AirRivals_EN 1.0.0.35
"Aiseesoft DVD to MP4 Converter_is1" = Aiseesoft DVD to MP4 Converter
"All ATI Software" = ATI - Software Uninstall Utility
"Any Video Converter_is1" = Any Video Converter 3.1.7
"AP Guitar Tuner 1.02" = AP Guitar Tuner 1.02
"AP Tuner 3.08" = AP Tuner 3.08
"AQQ" = WapSter AQQ
"Arial Sound Recorder_is1" = Arial Sound Recorder version 1.7.5
"ASIO4ALL" = ASIO4ALL
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"AV Voice Changer Software 3.0" = AV Voice Changer Software 3.0
"AV Voice Changer Software DIAMOND 4.0" = AV Voice Changer Software DIAMOND 4.0
"AV Voice Changer Software DIAMOND 6.0" = AV Voice Changer Software DIAMOND 6.0
"AV Voice Changer Software DIAMOND 7.0" = AV Voice Changer Software DIAMOND 7.0
"Avidemux 2.5" = Avidemux 2.5
"AviSynth" = AviSynth 2.5
"BitComet" = BitComet 1.22
"BrainWave Generator" = BrainWave Generator
"CasinoEuroPoker" = CasinoEuroPoker (remove only)
"CDex" = CDex extraction audio
"cFosSpeed" = cFosSpeed v5.12
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combat Arms EU" = Combat Arms EU
"conduitEngine" = Conduit Engine
"Cool Edit Pro 2.0" = Cool Edit Pro 2.0
"Counter-Strike 1.6 v32" = Counter-Strike 1.6 v32
"Cpukiller3_is1" = Cpukiller3 v1.0.5
"CSS FULL DZ [Oct 15 2007]" = CSS FULL DZ [Oct 15 2007] v18.1
"Direct MIDI to MP3 Converter_is1" = Direct MIDI to MP3 Converter version 6.1.2.43
"DirectX10 for Windows XP - Win2000, 2003,..._is1" = DirectX10 RC2 Pre Fix 3
"Drumtronic" = Drumtronic
"DVD To AVI Converter_is1" = DVD To AVI Converter 1.00
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 4.1)
"EarMaster Essential 5_is1" = EarMaster Essential 5
"Easy Video Splitter_is1" = Easy Video Splitter 1.28
"easyCALL_is1" = easyCALL
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"ESET Online Scanner" = ESET Online Scanner v3
"ET3DEMO" = English Translator 3 Demo
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30
"ExpressBurn" = Express Burn
"ExpressRip" = Express Rip
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.3)
"FlightGear_is1" = FlightGear v0.9.10
"Fraps" = Fraps (remove only)
"FREE Hi-Q Recorder_is1" = FREE Hi-Q Recorder 1.92
"Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter
"Gadu-Gadu 10" = Gadu-Gadu 10
"Game Booster_is1" = Game Booster
"GameCenter" = GameCenter
"GamersFirst LIVE!" = GamersFirst LIVE!
"GamersFirst War Rock" = War Rock
"GameTracker Lite" = GameTracker Lite
"Gates of Troy_is1" = Gates of Troy
"Guild Wars" = Guild Wars
"Guitar FX BOX 2.8" = Guitar FX BOX 2.8
"Guitar Pro 5_is1" = Guitar Pro 5.2
"GuitarSpeedTrainer_is1" = GST 2.3.8.4
"Gunz" = ijji - Gunz
"Hamachi" = Hamachi 1.0.2.5
"Hitman: Kontrakty" = Hitman: Kontrakty
"Hydrogen" = Hydrogen
"Icy Tower v1.3.1_is1" = Icy Tower v1.3.1
"Icy Tower v1.4_is1" = Icy Tower v1.4
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{F6CE1230-A694-4B86-B21C-A11A112689DA}" = Trust WB-1400T Webcam
"InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Więzy Krwi
"Internet Download Manager" = Internet Download Manager
"ipla" = ipla 2.2
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"KeyFinder_is1" = Magical Jelly Bean KeyFinder
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic)
"Lexmark 4800 Series" = Lexmark 4800 Series
"Lexmark Fax Solutions" = Oprogramowanie faksowe Lexmark
"Line 6 Uninstaller" = Line 6 Uninstaller
"Lineage 2 Frintezza Full" = Lineage 2 Frintezza Full 1.2
"Loki_is1" = Loki
"Magic Mirror_is1" = Magic Mirror 3.0
"Magic Video Batch Converter_is1" = Magic Video Batch Converter 3.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"MobiMB Mobile Media Browser" = MobiMB Mobile Media Browser
"MojDzwonek.com" = MojDzwonek.com - konwerter dzwonków TrueTone
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"MP3 CD Doctor Lite_is1" = MP3 CD Doctor
"MP3 Encoder" = LS MP3 Encoder
"MPEG4 Direct Maker" = MPEG4 Direct Maker
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyWebSearch bar Uninstall" = My Web Search (Smiley Central)
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Guitar Rig 3" = Native Instruments Guitar Rig 3
"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
"Native Instruments Guitar Rig Session IO Driver" = Native Instruments Guitar Rig Session IO Driver
"Native Instruments GuitarRig Mobile IO Driver" = Native Instruments GuitarRig Mobile IO Driver
"Native Instruments Rig Kontrol 3 Driver" = Native Instruments Rig Kontrol 3 Driver
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Session IO Driver" = Native Instruments Session IO Driver
"Neffy" = Neffy 1,3,29,0
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"Nero7Lite_is1" = Nero 7 Lite 7.10.1.0
"Nokia PC Suite" = Nokia PC Suite
"Nowe Gadu-Gadu" = Nowe Gadu-Gadu
"Orb" = Winamp Remote
"Pacific Warriors" = Pacific Warriors
"PingPlotter Standard" = PingPlotter Standard 3.30.1s
"Pool of Radiance" = Pool of Radiance
"Postal 2 Demo" = Postal 2 Demo
"Postal 2 Share The Pain" = Postal 2 Share The Pain
"Postal 2 STP - Free Multiplayer Edition" = Postal 2 STP - Free Multiplayer Edition
"Przyspiesz Komputer_is1" = Przyspiesz Komputer
"PunkBusterSvc" = PunkBuster Services
"QuickPar" = QuickPar 0.9
"rayman2" = rayman2
"RealPlayer 6.0" = RealPlayer
"REAPER" = REAPER
"ReValver" = ReValver
"ReValver Mk II_is1" = ReValver Mk II
"Rohan_USA" = Rohan_USA
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SeaDogs" = SeaDogs
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"Silkroad" = Silkroad
"SkanerOnline" = Skaner on-line mks_vir
"SMS Pilot_is1" = SMS Pilot 1.06 build 003
"SnadBoy's Revelation v2" = SnadBoy's Revelation v2
"Softonic-Polska Toolbar" = Softonic-Polska Toolbar
"Spartan_is1" = Spartan
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"SpeedBit Video Downloader" = SpeedBit Video Downloader
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 630" = Alien Swarm
"Tactical Ops" = Tactical Ops
"TallStick TS-AudioToMIDI 3.30" = TallStick TS-AudioToMIDI 3.30 (remove only)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Tengwar Scribe" = Tengwar Scribe
"The Witcher - Doppler's Essence Mod_is1" = EoD ver 1.0.0.0
"Tibia_is1" = Tibia
"Tomb Raider: Underworld Demo" = Tomb Raider: Underworld Demo 1.0
"Tunatic" = Tunatic
"Ultra MP4 Video Converter_is1" = Ultra MP4 Video Converter 5.2.0603
"Videora iPod Converter" = Videora iPod Converter 4.07
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VS Online_is1" = VS Online 1.54
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WheelMouse" = Smart-X7 7.80
"WIC" = Windows Imaging Component
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.4.1
"WinRAR archiver" = Archiwizator WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"Xfire" = Xfire (remove only)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"YouTube Downloader App" = YouTube Downloader App 1.02

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-854245398-2077806209-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"2a4f70b48f669acd" = AA3Deploy
"BitTorrent" = BitTorrent 6.0
"BitTorrent DNA" = DNA
"Google Chrome" = Google Chrome
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"uTorrent" = µTorrent

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-03-13 07:39:20 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu.

Error - 2011-03-13 07:39:20 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2011-03-13 07:39:57 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu.

Error - 2011-03-13 07:39:57 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2011-03-13 17:50:02 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu.

Error - 2011-03-13 17:50:02 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2011-03-13 17:50:03 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2011-03-13 17:50:03 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2011-03-13 17:50:03 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2011-03-13 17:50:03 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

[ System Events ]
Error - 2011-03-13 17:07:22 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7034
Description = Usługa Usługa COM nagrywania dysków CD IMAPI niespodziewanie zakończyła
pracę. Wystąpiło to razy: 1.

Error - 2011-03-13 17:17:30 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7034
Description = Usługa cFosSpeed System Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2011-03-13 17:42:37 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7023
Description = Usługa HID Input Service zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2011-03-13 17:47:20 | Computer Name = SUKINSYNA | Source = Dhcp | ID = 1002
Description = Adres IP połączenia 10.10.0.2 dla karty sieciowej o adresie 001FD0890F66
został zabroniony przez serwer DHCP 10.10.0.1 (Serwer DHCP wysłał komunikat DHCPNACK).

Error - 2011-03-13 17:51:42 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7034
Description = Usługa McAfee Security Scan Component Host Service niespodziewanie
zakończyła pracę. Wystąpiło to razy: 1.

Error - 2011-03-15 15:23:18 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7023
Description = Usługa HID Input Service zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2011-03-15 15:23:18 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi My Web Search Service z powodu następującego
błędu: %%2

Error - 2011-03-15 15:23:24 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7034
Description = Usługa cFosSpeed System Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2011-03-15 15:53:02 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: Fips intelppm StarOpen

Error - 2011-03-15 15:53:08 | Computer Name = SUKINSYNA | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi
EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}


< End of report >
[/log]

Tomek01
komentarz
komentarz

Przechodzisz do trybu awaryjnego, uruchamiasz OTL, w oknie Custom scan/fixes wklej:

[code]:OTL
PRC - [2011-03-15 17:53:13 | 000,159,744 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\Microsoft\conhost.exe
PRC - [2011-03-14 20:13:32 | 000,172,032 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\dwm.exe
PRC - [2011-03-12 14:58:02 | 000,177,664 | -H-- | M] () -- C:\Documents and Settings\start\Ustawienia lokalne\Temp\csrss.exe
SRV - File not found [Auto | Stopped] -- -- (MyWebSearchService)
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.)
[2009-09-25 18:26:19 | 000,000,000 | -H-D | M] (Winamp Toolbar) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010-05-06 19:55:10 | 000,000,000 | -H-D | M] (RadioBar Toolbar) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\radiobar@toolbar
[2010-10-19 20:29:36 | 000,000,933 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\searchplugins\conduit.xml
[2010-05-06 20:14:20 | 000,001,589 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\searchplugins\web-search.xml
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - File not found
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - File not found
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\ShellBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - File not found
O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\ShellBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - Reg Error: Value error. File not found
O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - File not found
O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - Reg Error: Value error. File not found
O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [conhost] C:\Documents and Settings\start\Dane aplikacji\Microsoft\conhost.exe ()O4 - HKLM..\Run: [Microsoft Driver Setup] C:\WINDOWS\microsoft.exe (Kxcesobjn Software)
O4 - HKLM..\Run: [My Web Search Bar] File not found
O4 - HKLM..\Run: [NVIDIA driver monitor] c:\WINDOWS\nvsvc32.exe ()
O4 - HKLM..\Run: [Regedit32] File not found
O4 - HKLM..\Run: [wuaucldt] C:\WINDOWS\system32\wuaucldt.exe ()
O4 - HKU\.DEFAULT..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe (NetInternals)
O4 - HKU\S-1-5-18..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe (NetInternals)
O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [JP595IR86O] File not found
O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [NVIDIA driver monitor] c:\WINDOWS\nvsvc32.exe ()
O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe (NetInternals)O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [wuaucldt] c:\Documents and Settings\start\wuaucldt.exe ()
F3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003 WinNT: Load - (C:\DOCUME~1\start\USTAWI~1\Temp\csrss.exe) - C:\Documents and Settings\start\Ustawienia lokalne\Temp\csrss.exe ()
O20 - HKU\S-1-5-21-854245398-2077806209-725345543-1003 Winlogon: Shell - (C:\Documents and Settings\start\Dane aplikacji\dwm.exe) - C:\Documents and Settings\start\Dane aplikacji\dwm.exe ()
MsConfig - StartUpReg: MyWebSearch Email Plugin - hkey= - key= - File not found
MsConfig - StartUpReg: cdoosoft - hkey= - key= - File not found

:Files
C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe
C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe
C:\WINDOWS\System32\adobearp.exe
C:\Documents and Settings\All Users\Dane aplikacji\~16113460r
C:\Documents and Settings\All Users\Dane aplikacji\~16113460
C:\Documents and Settings\All Users\Dane aplikacji\16113460
C:\Documents and Settings\All Users\Dane aplikacji\16113460.exe
C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe
C:\WINDOWS\wibrf.jpg
C:\WINDOWS\wiybr.png
C:\WINDOWS\tasks\yyki.job
C:\Documents and Settings\All Users\Dane aplikacji\~13492020
C:\Documents and Settings\All Users\Dane aplikacji\13492020
C:\Documents and Settings\All Users\Dane aplikacji\13492020.exe
C:\Documents and Settings\start\Dane aplikacji\3AA2.398
C:\WINDOWS\microsoft.exe
C:\Documents and Settings\start\wuaucldt.exe
C:\WINDOWS\System32\wuaucldt.exe
C:\Documents and Settings\start\Pulpit\Windows Diagnostic.lnk
C:\WINDOWS\System32\drivers\wcscd.sys
C:\Documents and Settings\start\Dane aplikacji\dwm.exe
C:\WINDOWS\ndl.dl
C:\WINDOWS\nvsvc32.exe
C:\WINDOWS\System32\wship6C.dll
C:\WINDOWS\Kneqoa.exe
C:\Documents and Settings\All Users\Dane aplikacji\mtbjfghn.xbe
C:\Documents and Settings\start\Menu Start\Programy\Autostart\smgr34.exe
c:\documents and settings\start\Dane aplikacji\PriceGong
C:\Qoobox
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\WGASetup.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003Core.job
C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job


:Commands
[emptytemp][/code]

Klikasz run fix, komputer uruchamia się ponownie.
Wrzuć log z usuwania oraz nowe logi: OTL i RSIT



Do [url=http://images.malwareremoval.com/jpshortstuff/SystemLook.exe][b]System Look[/b][/url] wklej:
[code]:File
C:\WINDOWS\System32\ativvaxx.cap[/code]
Wciśnij look, pokaż co wyskoczyło.

AveX
komentarz
komentarz

Niestety po wklejeniu tego kodu do OTL i Run Script, wywala mnie z awaryjnego do niebieskiego ekranu z napisami o błędzie systemu, i żeby uruchomić ponownie kompa,

SystemLook 04.09.10 by jpshortstuff
Log created at 23:53 on 16/03/2011 by start
Administrator - Elevation successful

========== File ==========

C:\WINDOWS\System32\ativvaxx.cap - File found and opened.
MD5: 4A7E424F7A9586EC6E77D63F8CE7D880
Created at 19:53 on 16/03/2009
Modified at 22:48 on 16/03/2011
Size: 173776 bytes
Attributes: --a----
No version information available.

-= EOF =-

To mam po zrobieniu tego SystemLook.

Tomek01
komentarz
komentarz

W trybie awaryjnym wykonaj poniższe czynności.

Pobierz [b][url=http://www.instalki.pl/programy/download/antyspyware/get.php?file=avenger]Avenger[/url][/b]
W polu ‘’ input script here’’ wklej taki tekst :

[code]Files to delete:
C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe
C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe
C:\WINDOWS\System32\adobearp.exe
C:\Documents and Settings\All Users\Dane aplikacji\16113460.exe
C:\Documents and Settings\All Users\Dane aplikacji\13492020.exe
C:\WINDOWS\tasks\yyki.job
C:\Documents and Settings\start\Dane aplikacji\dwm.exe
C:\WINDOWS\microsoft.exe
C:\WINDOWS\System32\drivers\wcscd.sys
C:\WINDOWS\System32\wuaucldt.exe
C:\Documents and Settings\start\Pulpit\Windows Diagnostic.lnk
C:\Documents and Settings\start\Dane aplikacji\dwm.exe
C:\Documents and Settings\start\Dane aplikacji\Microsoft\conhost.exe
C:\Documents and Settings\start\Ustawienia lokalne\Temp\csrss.exe
C:\WINDOWS\wibrf.jpg
C:\WINDOWS\wiybr.png
C:\WINDOWS\ndl.dl
C:\WINDOWS\nvsvc32.exe
C:\WINDOWS\System32\wship6C.dll
C:\WINDOWS\Kneqoa.exe
C:\Documents and Settings\All Users\Dane aplikacji\mtbjfghn.xbe
C:\Documents and Settings\start\Menu Start\Programy\Autostart\smgr34.exe
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\WGASetup.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003Core.job
C:\WINDOWS\Tasks\yyki.job
C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job


Folders to delete:
C:\Documents and Settings\All Users\Dane aplikacji\~16113460r
C:\Documents and Settings\All Users\Dane aplikacji\~16113460
C:\Documents and Settings\All Users\Dane aplikacji\16113460
C:\Documents and Settings\All Users\Dane aplikacji\~13492020
C:\Documents and Settings\All Users\Dane aplikacji\13492020
C:\Documents and Settings\start\Dane aplikacji\3AA2.398
C:\Qoobox

Registry keys to delete:
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:\Documents and Settings\start\Menu Start\Programy\Autostart\smgr34.exe

Registry values to delete:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | wuaucldt
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | wuaucldt

Drivers to delete:
MyWebSearchService
wuaucldt
wjfrjCrTGl
Flwgw
JP595IR86O[/code]

Klikasz execute, komputer uruchamia się ponownie i generuje raport, który pokaż na forum. Do tego nowe logi OTL i RIT>

AveX
komentarz
komentarz

[log]//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows XP (build 2600, Dodatek Service Pack 2)
Fri Mar 18 18:31:36 2011

18:31:33: Error: Invalid registry syntax in command:
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run|wuaucldt"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry value deletion mode)
18:31:36: Error: Execution aborted by user!


//////////////////////////////////////////


//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows XP (build 2600, Dodatek Service Pack 2)
Fri Mar 18 18:31:52 2011

18:31:45: Error: Invalid registry syntax in command:
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run|wuaucldt"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry value deletion mode)


//////////////////////////////////////////


Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe" deleted successfully.
File "C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe" deleted successfully.
File "C:\WINDOWS\System32\adobearp.exe" deleted successfully.

Error: file "C:\Documents and Settings\All Users\Dane aplikacji\16113460.exe" not found!
Deletion of file "C:\Documents and Settings\All Users\Dane aplikacji\16113460.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\Documents and Settings\All Users\Dane aplikacji\13492020.exe" not found!
Deletion of file "C:\Documents and Settings\All Users\Dane aplikacji\13492020.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\tasks\yyki.job" not found!
Deletion of file "C:\WINDOWS\tasks\yyki.job" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\Documents and Settings\start\Dane aplikacji\dwm.exe" not found!
Deletion of file "C:\Documents and Settings\start\Dane aplikacji\dwm.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\microsoft.exe" not found!
Deletion of file "C:\WINDOWS\microsoft.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "C:\WINDOWS\System32\drivers\wcscd.sys" deleted successfully.
File "C:\WINDOWS\System32\wuaucldt.exe" deleted successfully.
File "C:\Documents and Settings\start\Pulpit\Windows Diagnostic.lnk" deleted successfully.

Error: file "C:\Documents and Settings\start\Dane aplikacji\dwm.exe" not found!
Deletion of file "C:\Documents and Settings\start\Dane aplikacji\dwm.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\Documents and Settings\start\Dane aplikacji\Microsoft\conhost.exe" not found!
Deletion of file "C:\Documents and Settings\start\Dane aplikacji\Microsoft\conhost.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\Documents and Settings\start\Ustawienia lokalne\Temp\csrss.exe" not found!
Deletion of file "C:\Documents and Settings\start\Ustawienia lokalne\Temp\csrss.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\wibrf.jpg" not found!
Deletion of file "C:\WINDOWS\wibrf.jpg" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\wiybr.png" not found!
Deletion of file "C:\WINDOWS\wiybr.png" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\ndl.dl" not found!
Deletion of file "C:\WINDOWS\ndl.dl" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\nvsvc32.exe" not found!
Deletion of file "C:\WINDOWS\nvsvc32.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "C:\WINDOWS\System32\wship6C.dll" deleted successfully.
File "C:\WINDOWS\Kneqoa.exe" deleted successfully.
File "C:\Documents and Settings\All Users\Dane aplikacji\mtbjfghn.xbe" deleted successfully.

Error: file "C:\Documents and Settings\start\Menu Start\Programy\Autostart\smgr34.exe" not found!
Deletion of file "C:\Documents and Settings\start\Menu Start\Programy\Autostart\smgr34.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job" deleted successfully.
File "C:\WINDOWS\tasks\WGASetup.job" deleted successfully.
File "C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job" deleted successfully.
File "C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job" deleted successfully.
File "C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job" deleted successfully.
File "C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job" deleted successfully.
File "C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003UA.job" deleted successfully.
File "C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003Core.job" deleted successfully.

Error: file "C:\WINDOWS\Tasks\yyki.job" not found!
Deletion of file "C:\WINDOWS\Tasks\yyki.job" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job" deleted successfully.

Error: "C:\Documents and Settings\All Users\Dane aplikacji\~16113460r" is not a folder! It may instead be a file.
Deletion of folder "C:\Documents and Settings\All Users\Dane aplikacji\~16113460r" failed!
Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY)
--> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file


Error: "C:\Documents and Settings\All Users\Dane aplikacji\~16113460" is not a folder! It may instead be a file.
Deletion of folder "C:\Documents and Settings\All Users\Dane aplikacji\~16113460" failed!
Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY)
--> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file


Error: "C:\Documents and Settings\All Users\Dane aplikacji\16113460" is not a folder! It may instead be a file.
Deletion of folder "C:\Documents and Settings\All Users\Dane aplikacji\16113460" failed!
Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY)
--> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file


Error: "C:\Documents and Settings\All Users\Dane aplikacji\~13492020" is not a folder! It may instead be a file.
Deletion of folder "C:\Documents and Settings\All Users\Dane aplikacji\~13492020" failed!
Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY)
--> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file


Error: "C:\Documents and Settings\All Users\Dane aplikacji\13492020" is not a folder! It may instead be a file.
Deletion of folder "C:\Documents and Settings\All Users\Dane aplikacji\13492020" failed!
Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY)
--> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file


Error: "C:\Documents and Settings\start\Dane aplikacji\3AA2.398" is not a folder! It may instead be a file.
Deletion of folder "C:\Documents and Settings\start\Dane aplikacji\3AA2.398" failed!
Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY)
--> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file

Folder "C:\Qoobox" deleted successfully.

Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\MyWebSearchService" not found!
Deletion of driver "MyWebSearchService" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\wuaucldt" not found!
Deletion of driver "wuaucldt" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\wjfrjCrTGl" not found!
Deletion of driver "wjfrjCrTGl" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\Flwgw" not found!
Deletion of driver "Flwgw" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\JP595IR86O" not found!
Deletion of driver "JP595IR86O" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: registry key "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:\Documents and Settings\start\Menu Start\Programy\Autostart\smgr34.exe" not found!
Deletion of registry key "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:\Documents and Settings\start\Menu Start\Programy\Autostart\smgr34.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Registry value "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run|wuaucldt" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.
[/log]


Nic to nie dało bo dalej się dzieje co się działo :/

Tomek01
komentarz
komentarz

Zapomniałem, że Avenger usuwa wpisy rejestru tylko z HKEY_LOCAL_MACHINE.

Spróbujmy jeszcze tak,
Wyłącz a następnie włącz przywracanie systemu na wszystkich partycjach.
Użyj ATF Cleaner, zaznacz trzy pierwsze fajki i empty selected.

Wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i jakby coś wykryły raporty pokaż na forum.


Jeśli tak nie pójdzie będziemy myśleć.
Czy próbowałeś przywrócić system do wcześniejszego stanu ?

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.