RSIT log

Daniel W.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Paulina at 2009-04-26 17:37:10
Microsoft® Windows Vista™ Home Premium  Service Pack 1
System drive C: has 163 GB (72%) free of 227 GB
Total RAM: 4058 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:37:40, on 2009-04-26
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Gadu-Gadu\gg.exe
C:\Program Files (x86)\HP\QuickPlay\QPService.exe
c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Users\Paulina\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Paulina.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_pl&c=83&bd=Pavilion&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_pl&c=83&bd=Pavilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_pl&c=83&bd=Pavilion&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 149.156.67.233:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~2\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~2\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [ccApp] "c:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files (x86)\Gadu-Gadu\gg.exe" /tray
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix: 
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FB189FC4-76F4-4063-AE6D-0251392EFD0D}: NameServer = 149.156.67.233,149.156.89.30
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_3c6572ef\AESTSr64.exe (file missing)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_3c6572ef\STacSV64.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13459 bytes

======Scheduled tasks folder======

C:\Windows\tasks\HPCeeScheduleForPaulina.job
C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Paulina.job
C:\Windows\tasks\User_Feed_Synchronization-{4569D24F-8F7D-47FF-90BC-70C650C654AD}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-07 1088296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG8\avgssie.dll [2009-04-15 1078552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll [2008-06-30 349552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll [2008-08-04 116088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2009-01-14 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~2\AVG\AVG8\AVGTOO~1.DLL [2009-04-15 1968920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-01-14 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-14 501056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Show Norton Toolbar - c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll [2008-06-30 349552]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~2\AVG\AVG8\AVGTOO~1.DLL [2009-04-15 1968920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QPService"=C:\Program Files (x86)\HP\QuickPlay\QPService.exe [2008-04-24 468264]
"ccApp"=c:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [2008-10-17 51048]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-06-02 80896]
"HP Health Check Scheduler"=c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2007-05-09 54840]
"hpWirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2009-01-14 136600]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"AVG8_TRAY"=C:\PROGRA~2\AVG\AVG8\avgtray.exe [2009-04-15 1601304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1555968]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2289664]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2008-11-07 21633320]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Gadu-Gadu"=C:\Program Files (x86)\Gadu-Gadu\gg.exe [2008-03-20 2127296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-04-26 17:37:11 ----D---- C:\Program Files (x86)\trend micro
2009-04-26 17:37:10 ----D---- C:\rsit
2009-04-25 18:06:16 ----D---- C:\Program Files (x86)\AML Products
2009-04-25 18:06:16 ----A---- C:\Windows\system32\msvcr70.dll
2009-04-25 18:06:16 ----A---- C:\Windows\system32\msvcp70.dll
2009-04-25 18:06:16 ----A---- C:\Windows\system32\mfc70.dll
2009-04-25 17:46:50 ----D---- C:\Program Files (x86)\TweakNow RegCleaner
2009-04-25 17:28:47 ----D---- C:\Users\Paulina\AppData\Roaming\CleanMyPC Software
2009-04-25 15:11:51 ----A---- C:\Windows\system32\icardres.dll
2009-04-25 15:11:50 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-04-25 15:11:50 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-04-25 15:11:50 ----A---- C:\Windows\system32\infocardapi.dll
2009-04-25 15:11:50 ----A---- C:\Windows\system32\icardagt.exe
2009-04-25 15:11:44 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-04-25 15:11:41 ----A---- C:\Windows\system32\PresentationHost.exe
2009-04-25 15:03:18 ----A---- C:\Windows\system32\netfxperf.dll
2009-04-25 15:03:00 ----A---- C:\Windows\system32\dfshim.dll
2009-04-25 15:02:49 ----A---- C:\Windows\system32\mscoree.dll
2009-04-25 15:02:33 ----A---- C:\Windows\system32\mscorier.dll
2009-04-25 15:02:25 ----A---- C:\Windows\system32\mscories.dll
2009-04-21 11:44:32 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2009-04-16 21:29:06 ----HD---- C:\$AVG8.VAULT$
2009-04-15 20:13:45 ----D---- C:\Program Files (x86)\Gadu-Gadu
2009-04-15 18:45:22 ----D---- C:\ProgramData\avg8
2009-04-15 18:45:22 ----D---- C:\Program Files (x86)\AVG
2009-04-14 19:35:54 ----A---- C:\Windows\system32\winhttp.dll
2009-04-14 19:35:50 ----A---- C:\Windows\system32\secur32.dll
2009-04-14 19:35:50 ----A---- C:\Windows\system32\kernel32.dll
2009-04-14 19:35:49 ----A---- C:\Windows\system32\apilogen.dll
2009-04-14 19:35:49 ----A---- C:\Windows\system32\amxread.dll
2009-04-14 19:33:39 ----A---- C:\Windows\system32\mshtml.dll
2009-04-14 19:33:38 ----A---- C:\Windows\system32\ieframe.dll
2009-04-14 19:33:37 ----A---- C:\Windows\system32\urlmon.dll
2009-04-14 19:33:37 ----A---- C:\Windows\system32\msfeeds.dll
2009-04-14 19:33:37 ----A---- C:\Windows\system32\iertutil.dll
2009-04-14 19:33:37 ----A---- C:\Windows\system32\iedkcs32.dll
2009-04-14 19:33:36 ----A---- C:\Windows\system32\wininet.dll
2009-04-14 19:33:36 ----A---- C:\Windows\system32\occache.dll
2009-04-14 19:33:36 ----A---- C:\Windows\system32\mstime.dll
2009-04-14 19:33:36 ----A---- C:\Windows\system32\ieUnatt.exe
2009-04-14 19:33:36 ----A---- C:\Windows\system32\ieencode.dll
2009-04-14 19:33:36 ----A---- C:\Windows\system32\ieaksie.dll
2009-04-14 19:33:35 ----A---- C:\Windows\system32\jsproxy.dll
2009-04-14 19:27:00 ----A---- C:\Windows\system32\sdohlp.dll
2009-04-14 19:27:00 ----A---- C:\Windows\system32\iasrecst.dll
2009-04-14 19:27:00 ----A---- C:\Windows\system32\iashost.exe
2009-04-14 19:27:00 ----A---- C:\Windows\system32\iasdatastore.dll
2009-04-14 19:27:00 ----A---- C:\Windows\system32\iasads.dll
2009-04-14 19:22:37 ----A---- C:\Windows\system32\xolehlp.dll
2009-04-14 19:22:37 ----A---- C:\Windows\system32\msdtcprx.dll
2009-04-14 19:08:08 ----D---- C:\Users\Paulina\AppData\Roaming\Macromedia
2009-04-14 19:04:35 ----D---- C:\Users\Paulina\AppData\Roaming\skypePM
2009-04-11 14:58:42 ----D---- C:\Users\Paulina\AppData\Roaming\Adobe
2009-04-11 14:58:41 ----D---- C:\Users\Paulina\AppData\Roaming\WildTangent
2009-04-10 17:25:22 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-04-10 17:25:22 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2009-04-10 17:20:30 ----D---- C:\Program Files (x86)\CCleaner
2009-04-01 00:10:18 ----D---- C:\Windows\temp
2009-04-01 00:10:16 ----D---- C:\Windows\Prefetch
2009-04-01 00:08:56 ----D---- C:\Windows\Logs
2009-04-01 00:08:51 ----D---- C:\Users\Paulina\AppData\Roaming\Gadu-Gadu(56)
2009-03-29 22:39:48 ----D---- C:\Program Files (x86)\Spyware Doctor

======List of files/folders modified in the last 1 months======

2009-04-26 17:37:11 ----RD---- C:\Program Files (x86)
2009-04-26 17:36:42 ----D---- C:\Users\Paulina\AppData\Roaming\Skype
2009-04-26 11:40:02 ----SHD---- C:\Windows\Installer
2009-04-26 11:40:01 ----D---- C:\ProgramData\Microsoft Help
2009-04-26 11:17:53 ----D---- C:\Windows\System32
2009-04-26 11:17:53 ----D---- C:\Windows\inf
2009-04-25 20:43:25 ----D---- C:\Windows\Microsoft.NET
2009-04-25 20:43:19 ----RSD---- C:\Windows\assembly
2009-04-25 18:06:16 ----D---- C:\Windows\SysWOW64
2009-04-25 15:40:23 ----D---- C:\Windows\rescache
2009-04-25 15:22:37 ----D---- C:\Windows\system32\XPSViewer
2009-04-25 15:22:37 ----D---- C:\Windows\system32\wbem
2009-04-25 15:22:37 ----D---- C:\Windows\system32\en-US
2009-04-25 15:21:09 ----SHD---- C:\System Volume Information
2009-04-25 15:17:52 ----D---- C:\Windows\Debug
2009-04-25 15:16:01 ----D---- C:\Windows\winsxs
2009-04-24 08:48:35 ----D---- C:\Program Files (x86)\Mozilla Firefox
2009-04-22 17:07:04 ----SD---- C:\Users\Paulina\AppData\Roaming\Microsoft
2009-04-22 17:07:04 ----SD---- C:\ProgramData\Microsoft
2009-04-21 11:46:38 ----D---- C:\Program Files (x86)\Winamp
2009-04-21 11:44:32 ----D---- C:\Program Files (x86)\Common Files
2009-04-20 22:06:01 ----D---- C:\Windows
2009-04-16 20:34:54 ----D---- C:\Windows\system32\drivers
2009-04-15 20:18:58 ----D---- C:\Users\Paulina\AppData\Roaming\Mozilla
2009-04-15 18:45:22 ----HD---- C:\ProgramData
2009-04-15 18:06:06 ----D---- C:\ProgramData\Symantec
2009-04-15 00:05:45 ----A---- C:\Windows\win.ini
2009-04-15 00:05:44 ----D---- C:\Program Files (x86)\Microsoft Office
2009-04-14 23:46:58 ----D---- C:\Windows\system32\manifeststore
2009-04-14 23:46:57 ----D---- C:\Windows\AppPatch
2009-04-14 23:46:56 ----D---- C:\Program Files (x86)\Internet Explorer
2009-04-14 23:46:54 ----D---- C:\Program Files (x86)\Windows Mail
2009-04-14 19:38:45 ----D---- C:\Windows\SoftwareDistribution
2009-04-14 19:04:35 ----D---- C:\ProgramData\Skype
2009-04-11 15:02:07 ----D---- C:\Program Files (x86)\NiemPol
2009-04-11 14:58:38 ----D---- C:\ProgramData\WildTangent
2009-04-10 17:10:57 ----D---- C:\Program Files (x86)\Google
2009-04-10 17:01:19 ----D---- C:\Program Files (x86)\Yahoo!
2009-04-10 16:51:36 ----D---- C:\Windows\system32\HPMDP
2009-04-10 16:49:53 ----D---- C:\Windows\system32\ias
2009-04-10 16:49:53 ----D---- C:\Windows\ShellNew
2009-04-10 16:49:50 ----D---- C:\Windows\ehome
2009-04-10 16:49:50 ----D---- C:\Windows\Cursors
2009-04-10 16:49:50 ----D---- C:\Program Files (x86)\Common Files\Services
2009-04-10 16:49:35 ----D---- C:\Windows\WindowsMobile
2009-04-10 16:49:35 ----D---- C:\Windows\Web
2009-04-10 16:49:35 ----D---- C:\Windows\Users
2009-04-10 16:49:35 ----D---- C:\Windows\Tasks
2009-04-10 16:49:35 ----D---- C:\Windows\tapi
2009-04-10 16:49:35 ----D---- C:\Windows\system32\x64
2009-04-10 16:49:35 ----D---- C:\Windows\system32\networklist
2009-04-10 16:49:35 ----D---- C:\Windows\system32\Lang
2009-04-10 16:49:35 ----D---- C:\Windows\system32\DriverStore
2009-04-10 16:49:35 ----D---- C:\Windows\system
2009-04-10 16:49:34 ----D---- C:\Windows\SMINST
2009-04-10 16:49:34 ----D---- C:\Windows\Setup
2009-04-10 16:49:34 ----D---- C:\Windows\security
2009-04-10 16:49:34 ----D---- C:\Windows\PLA
2009-04-10 16:49:32 ----RSD---- C:\Windows\Media
2009-04-10 16:49:32 ----D---- C:\Windows\JMCR_DIR
2009-04-10 16:49:28 ----RSD---- C:\Windows\Fonts
2009-04-10 16:49:28 ----D---- C:\Windows\Help
2009-04-10 16:49:27 ----SD---- C:\Windows\Downloaded Program Files
2009-04-10 16:49:27 ----D---- C:\Windows\Downloaded Installations
2009-04-10 16:49:20 ----D---- C:\Users\Paulina\AppData\Roaming\iWin
2009-04-10 16:49:20 ----D---- C:\Users\Paulina\AppData\Roaming\Gadu-Gadu
2009-04-10 16:49:11 ----RD---- C:\Users
2009-04-10 16:49:10 ----HD---- C:\System.sav
2009-04-10 16:49:10 ----D---- C:\SwSetup
2009-04-10 16:48:56 ----D---- C:\ProgramData\SpinTop Games
2009-04-10 16:48:56 ----D---- C:\ProgramData\Nero
2009-04-10 16:48:56 ----D---- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2009-04-10 16:48:54 ----D---- C:\ProgramData\HP
2009-04-10 16:48:54 ----D---- C:\ProgramData\Hewlett-Packard
2009-04-10 16:48:54 ----D---- C:\ProgramData\CyberLink
2009-04-10 16:48:50 ----RD---- C:\Program Files
2009-04-10 16:48:49 ----D---- C:\Program Files (x86)\WinRAR
2009-04-10 16:48:45 ----D---- C:\Program Files (x86)\Windows Photo Gallery
2009-04-10 16:48:45 ----D---- C:\Program Files (x86)\Windows Media Player
2009-04-10 16:48:44 ----RD---- C:\Program Files (x86)\Online Services
2009-04-10 16:48:44 ----D---- C:\Program Files (x86)\Sling Media
2009-04-10 16:48:44 ----D---- C:\Program Files (x86)\Skype
2009-04-10 16:48:44 ----D---- C:\Program Files (x86)\Realtek
2009-04-10 16:48:44 ----D---- C:\Program Files (x86)\Norton Internet Security
2009-04-10 16:48:44 ----D---- C:\Program Files (x86)\Netflix
2009-04-10 16:48:43 ----D---- C:\Program Files (x86)\Nero
2009-04-10 16:48:42 ----D---- C:\Program Files (x86)\muvee Technologies
2009-04-10 16:48:42 ----D---- C:\Program Files (x86)\MSBuild
2009-04-10 16:48:41 ----D---- C:\Program Files (x86)\Microsoft.NET
2009-04-10 16:48:41 ----D---- C:\Program Files (x86)\Microsoft Works
2009-04-10 16:48:41 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2009-04-10 16:48:41 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2009-04-10 16:48:38 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2009-04-10 16:48:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2009-04-10 16:48:36 ----D---- C:\Program Files (x86)\Java
2009-04-10 16:48:34 ----D---- C:\Program Files (x86)\IDT
2009-04-10 16:48:31 ----D---- C:\Program Files (x86)\HP
2009-04-10 16:48:29 ----D---- C:\Program Files (x86)\HP Games
2009-04-10 16:48:20 ----D---- C:\Program Files (x86)\Hewlett-Packard
2009-04-10 16:48:05 ----D---- C:\Program Files (x86)\CyberLink
2009-04-10 16:47:52 ----D---- C:\Program Files (x86)\Common Files\System
2009-04-10 16:47:52 ----D---- C:\Program Files (x86)\Common Files\Symantec Shared
2009-04-10 16:47:43 ----D---- C:\Program Files (x86)\Common Files\Skype
2009-04-10 16:47:43 ----D---- C:\Program Files (x86)\Common Files\muvee Technologies
2009-04-10 16:47:42 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2009-04-10 16:47:39 ----D---- C:\Program Files (x86)\Common Files\LightScribe
2009-04-10 16:47:39 ----D---- C:\Program Files (x86)\Common Files\Java
2009-04-10 16:47:38 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2009-04-10 16:47:38 ----D---- C:\Program Files (x86)\Common Files\HP
2009-04-10 16:47:38 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2009-04-10 16:47:38 ----D---- C:\Program Files (x86)\Common Files\Ahead
2009-04-10 16:47:37 ----D---- C:\Program Files (x86)\Common Files\Adobe
2009-04-10 16:47:36 ----D---- C:\Program Files (x86)\Adobe
2009-04-10 16:47:36 ----D---- C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites
2009-04-10 16:47:34 ----RHD---- C:\MSOCache
2009-04-10 16:47:34 ----HD---- C:\HP
2009-04-10 16:47:26 ----SHD---- C:\$RECYCLE.BIN
2009-04-10 16:47:19 ----D---- C:\Windows\registration
2009-04-01 00:04:56 ----D---- C:\Windows\system32\setup
2009-04-01 00:04:56 ----D---- C:\Windows\system32\MUI
2009-04-01 00:04:56 ----D---- C:\Windows\system32\Msdtc
2009-04-01 00:04:55 ----D---- C:\Windows\system32\config
2009-04-01 00:04:54 ----D---- C:\Windows\system32\com
2009-04-01 00:03:45 ----D---- C:\Program Files (x86)\Windows Sidebar
2009-04-01 00:00:05 ----SHD---- C:\boot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys []
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys []
R1 AvgLdx64;AVG Free AVI Loader Driver x64; C:\Windows\System32\Drivers\avgldx64.sys []
R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64; C:\Windows\System32\Drivers\avgmfx64.sys []
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2008-11-20 475696]
R1 IDSvia64;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~3\Symantec\DEFINI~1\SymcData\ipsdefs\20090129.001\IDSvia64.sys [2008-12-05 368688]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS []
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys []
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS []
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys []
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys []
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys []
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys []
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys []
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys []
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys []
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys []
R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS []
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS []
R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS []
R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS []
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS []
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys []
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 COH_Mon;COH_Mon; \??\C:\Windows\system32\Drivers\COH_Mon.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys []
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-11-20 128048]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys []
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []
S3 NAVENG;NAVENG; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20090202.064\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20090202.064\EX64.SYS []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x64.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
S3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS []
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS []
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_3c6572ef\AESTSr64.exe []
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agr64svc.exe []
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe [2009-04-15 298264]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ccEvtMgr;Symantec Event Manager; c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 ccSetMgr;Symantec Settings Manager; c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe []
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
R2 LiveUpdate Notice;LiveUpdate Notice; c:\Program Files (x86)\Common 
Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-04-24 292232]R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-04-24 112008]R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-04-26 361808]R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_3c6572ef\STacSV64.exe []R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2008-01-09 148832]R3 Symantec Core LC;Symantec Core LC; C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2008-08-04 1245064]S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-27 93184]S3 comHost;COM Host; c:\Program Files (x86)\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-08-22 267096]S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe [2009-02-24 242424]S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]S3 NMIndexingService;NMIndexingService; C:\Program Files 
(x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-08 271920]S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-27 441136]S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]S4 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]S4 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]S4 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-04-26 17:37:42======Uninstall list======-->"C:\Program Files (x86)\HP Games\7 Wonders II\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Amazing Adventures The Lost Tomb\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Belle's Beauty Boutique\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Blackhawk Striker 2\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Blasterball 3\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Boggle\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Build-a-lot\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Crystal Maze\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Diner Dash Hometown Hero\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Family Feud\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\FATE\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Jewel Quest Solitaire 2\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Luxor 3\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Mah Jong Quest\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\My HP Game Console\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Paradise Pet Salon\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Penguins!\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Pirateville\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Plant Tycoon\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Poker Superstars 2\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Polar Bowler\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Polar Golfer\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Supercow\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Tradewinds\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Wedding Dash\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Wheel of Fortune\Uninstall.exe"-->"C:\Program Files (x86)\HP Games\Zuma 
Deluxe\Uninstall.exe"-->C:\Program Files (x86)\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL-->C:\Windows\UNNeroBackItUp.exe /UNINSTALLActivation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSEActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exeAdobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exeAdobe Reader 8.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}AML Free Registry Cleaner 4.16-->"C:\Program Files (x86)\AML Products\Registry Cleaner\unins000.exe"AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}Archiwizator WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exeavast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetupAVG Free 8.0-->C:\Program Files (x86)\AVG\AVG8\setup.exe /UNINSTALLccCommon-->MsiExec.exe /I{B24E05CC-46FF-4787-BBB8-5CD516AFB118}CCleaner (remove only)-->"C:\Program Files (x86)\CCleaner\uninst.exe"Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}Component Framework-->MsiExec.exe /I{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}CyberLink DVD Suite-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe"  -uninstallCyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstallCyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstallESU for Microsoft Vista-->MsiExec.exe 
/I{3877C901-7B90-4727-A639-B6ED2DD59D43}Gadu-Gadu 7.7-->C:\Program Files (x86)\Gadu-Gadu\Setup.exeHijackThis 2.0.2-->"C:\Program Files (x86)\trend micro\HijackThis.exe" /uninstallHP Active Support Library-->C:\Program Files (x86)\InstallShield Installation Information\{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}\setup.exe -runfromtemp -l0x0409HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}\setup.exe" -l0x9  -removeonlyHP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}HP Help and Support-->MsiExec.exe /X{8DF92D68-F8EE-4F9C-89A2-26254C1C4B6B}HP MULTIPLE MODEM INSTALLER for VISTA-->MsiExec.exe /I{45A136EC-88BF-4B95-99F5-C45D3930E1CC}HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}HP Quick Launch Buttons 6.40 D3-->C:\Program Files (x86)\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 uninstHP QuickPlay 3.7-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe"  -uninstallHP Smart Web Printing-->msiexec /i{380357CA-29F4-4B3C-B401-32C057E6B59B}HP Total Care Advisor-->MsiExec.exe /X{f32502b5-5b64-4882-bf61-77f23edcac4f}HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}HP User Guides 0101-->MsiExec.exe /I{22712FAD-DE04-4D50-82A6-3C7AC5D55AA2}HP Wireless Assistant-->MsiExec.exe /I{340F521E-3576-4E1A-B75C-EB0ACF751379}HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}HPTCSSetup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FA3B34BE-4246-4062-90A3-34CBBEA12B72}\setup.exe" -l0x9  
-removeonlyIDT Audio-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -l0x9 -remove -removeonlyJava 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}JMicron JMB38X Flash Media Controller-->"C:\Program Files (x86)\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe" delpkgK-Lite Codec Pack 4.1.7 (Full)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"Komputerowy Słownik Niemiecko-Polski 0.7.8-->"C:\Program Files (x86)\NiemPol\unins001.exe"LabelPrint-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe"  -uninstallLightScribe System Software  1.12.33.2-->MsiExec.exe /X{582287DA-0806-4AC0-BF19-C15E3A466034}Microsoft Office Access MUI (Polish) 2007-->MsiExec.exe /X{90120000-0015-0415-0000-0000000FF1CE}Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLLMicrosoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE}Microsoft Office Groove MUI (Polish) 2007-->MsiExec.exe /X{90120000-00BA-0415-0000-0000000FF1CE}Microsoft Office Home and Student 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLLMicrosoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}Microsoft Office InfoPath MUI (Polish) 
2007-->MsiExec.exe /X{90120000-0044-0415-0000-0000000FF1CE}Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE}Microsoft Office Outlook MUI (Polish) 2007-->MsiExec.exe /X{90120000-001A-0415-0000-0000000FF1CE}Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE}Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE}Microsoft Office Publisher MUI (Polish) 2007-->MsiExec.exe /X{90120000-0019-0415-0000-0000000FF1CE}Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE}Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE}Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe 
/X{7299052b-02a4-4627-81f2-1818da5d550d}Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}Mozilla Firefox (3.0.9)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exeMSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}muvee autoProducer 6.1-->C:\Program Files (x86)\InstallShield Installation Information\{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}\muveesetup.exe -removeonly -runfromtempMy HP Games-->"C:\Program Files (x86)\HP Games\Uninstall.exe"Nero 7 Essentials-->MsiExec.exe /X{A2104078-AAA5-449E-95DD-55C9443A1045}neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}Netflix Movie Viewer-->MsiExec.exe /X{BCE72AED-3332-4863-9567-C5DCB9052CA2}Norton AntiVirus Help-->MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}Norton AntiVirus-->MsiExec.exe /X{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}Norton Confidential Core-->MsiExec.exe /I{55A6283C-638A-4EE0-B491-51118554BDA2}Norton Internet Security-->MsiExec.exe /I{C1C185CA-C531-49F5-A6FA-B838405A049D}Norton Protection Center-->MsiExec.exe /I{62120008-8E1E-4807-860D-A8B48F8552DB}Power2Go-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe"  -uninstallPowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstallQuickPlay SlingPlayer 0.4.6-->"C:\Program Files (x86)\HP\QuickPlay\unins000.exe"Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0009 -removeonlySkype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}Slingbox Flash Tour-->MsiExec.exe 
/I{38EAC694-0D90-445F-8C17-8B50ADFE3162}SlingPlayer-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{004B0DCB-4C60-465B-8F01-44B0A4111187} /l1033 Update for Office 2007 (KB934528)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {2B939677-2FFD-48F6-9075-7BF48CB87C80}Visual C++ 8.0 Runtime Setup Package (x64)-->MsiExec.exe /I{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}======Security center information======AV: AVG Anti-Virus FreeAV: Norton Internet Security (outdated)FW: Norton Internet SecurityAS: AVG Anti-Virus Free (disabled)AS: Spybot - Search and Destroy (outdated)AS: Windows DefenderAS: Norton Internet Security (outdated)======System event log======Computer Name: Paulina-PCEvent Code: 10002Message: WLAN Extensibility Module has stopped.Module Path: C:\Windows\System32\bcmihvsrv64.dllRecord Number: 50708Source Name: Microsoft-Windows-WLAN-AutoConfigTime Written: 20090426100053.930000-000Event Type: WarningUser: NT AUTHORITY\SYSTEMComputer Name: Paulina-PCEvent Code: 4001Message: WLAN AutoConfig service has successfully stopped.Record Number: 50709Source Name: Microsoft-Windows-WLAN-AutoConfigTime Written: 20090426100053.957000-000Event Type: WarningUser: NT AUTHORITY\SYSTEMComputer Name: Paulina-PCEvent Code: 15016Message: Unable to initialize the security package Kerberos for server side authentication.  
The data field contains the error number.Record Number: 50727Source Name: Microsoft-Windows-HttpEventTime Written: 20090426140219.931594-000Event Type: ErrorUser: Computer Name: Paulina-PCEvent Code: 7022Message: The QuickPlay Background Capture Service (QBCS) service hung on starting.Record Number: 50803Source Name: Service Control ManagerTime Written: 20090426140404.000000-000Event Type: ErrorUser: Computer Name: Paulina-PCEvent Code: 7022Message: The QuickPlay Task Scheduler (QTS) service hung on starting.Record Number: 50804Source Name: Service Control ManagerTime Written: 20090426140404.000000-000Event Type: ErrorUser: =====Application event log=====Computer Name: Paulina-PCEvent Code: 10Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.Record Number: 13469Source Name: Microsoft-Windows-WMITime Written: 20090426091236.000000-000Event Type: ErrorUser: Computer Name: Paulina-PCEvent Code: 1000Message: Faulting application SymCUW.exe, version 8.1.0.28, time stamp 0x47c0ba4f, faulting module CUWUtils.dll, version 8.1.0.28, time stamp 0x47c0bc55, exception code 0xc0000005, fault offset 0x000083de, process id 0xa94, application start time 0x01c9c64fd7129420.Record Number: 13479Source Name: Application ErrorTime Written: 20090426091737.000000-000Event Type: ErrorUser: Computer Name: Paulina-PCEvent Code: 1530Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.   
DETAIL -  1 user registry handles leaked from \Registry\User\S-1-5-21-2106922036-1505832077-1089443925-1000:Process 1012 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2106922036-1505832077-1089443925-1000Record Number: 13492Source Name: Microsoft-Windows-User Profiles ServiceTime Written: 20090426100051.000000-000Event Type: WarningUser: NT AUTHORITY\SYSTEMComputer Name: Paulina-PCEvent Code: 1530Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.   DETAIL -  1 user registry handles leaked from \Registry\User\S-1-5-21-2106922036-1505832077-1089443925-1000_Classes:Process 1012 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2106922036-1505832077-1089443925-1000_CLASSESRecord Number: 13493Source Name: Microsoft-Windows-User Profiles ServiceTime Written: 20090426100052.000000-000Event Type: WarningUser: NT AUTHORITY\SYSTEMComputer Name: Paulina-PCEvent Code: 10Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.Record Number: 13527Source Name: Microsoft-Windows-WMITime Written: 20090426140241.000000-000Event Type: ErrorUser: =====Security event log=====Computer Name: Paulina-PCEvent Code: 4634Message: An account was logged off.Subject:	Security ID:		S-1-5-7	Account Name:		ANONYMOUS LOGON	Account Domain:		NT AUTHORITY	Logon ID:		0x1ec0d3Logon Type:			3This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. 
Logon IDs are only unique between reboots on the same computer.Record Number: 15548Source Name: Microsoft-Windows-Security-AuditingTime Written: 20090426141333.259894-000Event Type: Audit SuccessUser: Computer Name: Paulina-PCEvent Code: 4624Message: An account was successfully logged on.Subject:	Security ID:		S-1-0-0	Account Name:		-	Account Domain:		-	Logon ID:		0x0Logon Type:			3New Logon:	Security ID:		S-1-5-7	Account Name:		ANONYMOUS LOGON	Account Domain:		NT AUTHORITY	Logon ID:		0x3db3c8	Logon GUID:		{00000000-0000-0000-0000-000000000000}Process Information:	Process ID:		0x0	Process Name:		-Network Information:	Workstation Name:	MUSTANG	Source Network Address:	192.168.142.157	Source Port:		4704Detailed Authentication Information:	Logon Process:		NtLmSsp 	Authentication Package:	NTLM	Transited Services:	-	Package Name (NTLM only):	NTLM V1	Key Length:		0This event is generated when a logon session is created. It is generated on the computer that was accessed.The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.The authentication information fields provide detailed information about this specific logon request.	- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.	- Transited services indicate which intermediate services have participated in this logon request.	- Package name indicates which sub-protocol was used among the NTLM protocols.	
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.Record Number: 15549Source Name: Microsoft-Windows-Security-AuditingTime Written: 20090426144535.472894-000Event Type: Audit SuccessUser: Computer Name: Paulina-PCEvent Code: 4634Message: An account was logged off.Subject:	Security ID:		S-1-5-7	Account Name:		ANONYMOUS LOGON	Account Domain:		NT AUTHORITY	Logon ID:		0x3db3c8Logon Type:			3This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.Record Number: 15550Source Name: Microsoft-Windows-Security-AuditingTime Written: 20090426144535.476894-000Event Type: Audit SuccessUser: Computer Name: Paulina-PCEvent Code: 4624Message: An account was successfully logged on.Subject:	Security ID:		S-1-0-0	Account Name:		-	Account Domain:		-	Logon ID:		0x0Logon Type:			3New Logon:	Security ID:		S-1-5-7	Account Name:		ANONYMOUS LOGON	Account Domain:		NT AUTHORITY	Logon ID:		0x5e3398	Logon GUID:		{00000000-0000-0000-0000-000000000000}Process Information:	Process ID:		0x0	Process Name:		-Network Information:	Workstation Name:	MUSTANG	Source Network Address:	192.168.142.157	Source Port:		1263Detailed Authentication Information:	Logon Process:		NtLmSsp 	Authentication Package:	NTLM	Transited Services:	-	Package Name (NTLM only):	NTLM V1	Key Length:		0This event is generated when a logon session is created. It is generated on the computer that was accessed.The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).The New Logon fields indicate the account for whom the new logon was created, i.e. 
the account that was logged on.The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.The authentication information fields provide detailed information about this specific logon request.	- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.	- Transited services indicate which intermediate services have participated in this logon request.	- Package name indicates which sub-protocol was used among the NTLM protocols.	- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.Record Number: 15551Source Name: Microsoft-Windows-Security-AuditingTime Written: 20090426151735.438894-000Event Type: Audit SuccessUser: Computer Name: Paulina-PCEvent Code: 4634Message: An account was logged off.Subject:	Security ID:		S-1-5-7	Account Name:		ANONYMOUS LOGON	Account Domain:		NT AUTHORITY	Logon ID:		0x5e3398Logon Type:			3This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. 
Logon IDs are only unique between reboots on the same computer.Record Number: 15552Source Name: Microsoft-Windows-Security-AuditingTime Written: 20090426151735.445894-000Event Type: Audit SuccessUser: ======Environment variables======"ComSpec"=%SystemRoot%\system32\cmd.exe"FP_NO_HOST_CHECK"=NO"OS"=Windows_NT"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\CyberLink\Power2Go"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC"PROCESSOR_ARCHITECTURE"=AMD64"TEMP"=%SystemRoot%\TEMP"TMP"=%SystemRoot%\TEMP"USERNAME"=SYSTEM"windir"=%SystemRoot%"PROCESSOR_LEVEL"=6"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 15 Stepping 13, GenuineIntel"PROCESSOR_REVISION"=0f0d"NUMBER_OF_PROCESSORS"=2"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat"DFSTRACINGON"=FALSE"OnlineServices"=Online Services"Platform"=MCD"PCBRAND"=Pavilion-----------------EOF-----------------

Guest
comment

I don't see anything in the logs. Just a little cleanup. ;)

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O4 - HKLM\..\Run: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [ccApp] "c:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

Fix the above-mentioned entries in HijackThis:

>>Hijack>>scan(Do a system scan only)>>select them >>Fix checked.

Scan the "My Computer" area at http://www.kaspersky.pl/virusscanner.html (run it through IE). Post its report on the forum.
