Problem z sshnas21.dll

18 maja 2010

Witam.
Przy uruchamianiu Windows 7 64bit wyskakiwał komunikat o pliku sshnas21.dll.
Przeskanowałem komputer Malwerebytes' Anti-Malwere i komunikat zniknął, jednak chciałbym żeby ktoś rzucił okiem na logi z OTL czy wszystko jest już ok.
Oto logi:
OTL.txt [log]OTL logfile created on: 2010-05-18 17:12:03 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\user\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,66 Gb Total Space | 203,62 Gb Free Space | 44,88% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 74,52 Gb Total Space | 58,98 Gb Free Space | 79,14% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-KOMPUTER
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-05-18 17:11:08 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
PRC - [2010-05-06 22:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-05-04 21:56:02 | 000,219,128 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010-05-04 16:05:48 | 011,981,408 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe
PRC - [2010-04-28 15:06:30 | 000,142,120 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2010-04-16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010-04-08 13:20:00 | 000,345,376 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
PRC - [2010-04-03 13:52:13 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010-03-06 12:47:52 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2009-12-22 10:21:00 | 000,600,688 | ---- | M] (Chicony) -- C:\Program Files (x86)\Video Web Camera\traybar.exe
PRC - [2009-12-16 08:16:04 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009-11-06 01:05:42 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009-10-29 13:31:20 | 000,262,912 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
PRC - [2009-10-29 13:31:00 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
PRC - [2009-10-13 21:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009-10-13 21:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009-09-30 14:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009-09-30 14:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009-09-20 13:36:12 | 000,270,336 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2009-09-20 13:15:26 | 000,116,280 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
PRC - [2009-09-20 13:07:24 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2009-09-20 13:07:24 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
PRC - [2009-09-17 08:50:14 | 001,157,640 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009-08-28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [psvc]
PRC - [2009-07-04 04:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
PRC - [2009-05-21 19:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
PRC - [2009-04-16 00:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2009-03-15 12:15:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2007-05-08 17:24:20 | 000,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
PRC - [2001-11-29 01:50:00 | 001,769,472 | ---- | M] (Borland Software Corporation) -- C:\Program Files (x86)\Borland\InterBase\bin\ibserver.exe
PRC - [2001-11-29 01:50:00 | 000,032,768 | ---- | M] (Borland Software Corporation) -- C:\Program Files (x86)\Borland\InterBase\bin\ibguard.exe

[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-05-18 17:11:08 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
MOD - [2010-02-18 09:34:01 | 012,867,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2009-12-11 09:39:06 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2009-12-11 09:36:33 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2009-07-14 03:17:51 | 001,289,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2009-07-14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009-07-14 03:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009-07-14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009-07-14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2009-07-14 03:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2009-07-14 03:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009-07-14 03:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2009-07-14 03:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009-07-14 03:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2009-07-14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2009-07-14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009-07-14 03:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009-07-14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:[b]64bit:[/b] - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:[b]64bit:[/b] - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2010-04-07 04:12:18 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009-11-02 13:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:[b]64bit:[/b] - [2009-10-29 12:10:02 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:[b]64bit:[/b] - [2009-10-02 19:39:44 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:[b]64bit:[/b] - [2009-07-22 18:59:40 | 003,935,232 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Program Files\Firebird\Firebird_2_1\bin\fb_inet_server.exe -- (FirebirdServerDefaultInstance)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:[b]64bit:[/b] - [2009-07-04 04:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010-05-04 21:56:02 | 000,219,128 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010-04-16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-03-06 12:47:52 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010-01-06 20:32:34 | 000,960,000 | ---- | M] (HK-Software) [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertTransactionMonitor\hkTRMon.exe -- (IBExpertTransactionMonitor)
SRV - [2010-01-06 20:32:30 | 000,677,888 | ---- | M] (HK-Software) [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertJobScheduler\hkJS.exe -- (IBExpertJobScheduler)
SRV - [2010-01-06 20:32:26 | 000,765,952 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertInstanceManager\hkIM.exe -- (IBExpertInstanceManager)
SRV - [2010-01-06 20:32:22 | 001,027,584 | ---- | M] (HK-Software) [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertBackupRestore\hkIBRS.exe -- (IBExpertBackupRestore)
SRV - [2010-01-06 20:32:18 | 000,638,464 | ---- | M] (HK-Software) [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertSQLMonitor\StatToHtml.exe -- (IBExpertSQLMonitorHtmlMaker)
SRV - [2010-01-06 20:32:16 | 001,306,624 | ---- | M] (HK-Software) [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertSQLMonitor\StatToDB.exe -- (IBExpertSQLMonitorDB)
SRV - [2010-01-06 20:32:12 | 001,489,920 | ---- | M] (HK-Software) [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertSQLMonitor\hkProxy.exe -- (IBExpertSQLMonitor)
SRV - [2009-10-29 13:31:00 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009-10-13 21:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2009-09-30 14:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009-09-30 14:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009-09-20 12:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009-08-28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009-07-28 22:25:34 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-07-14 05:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS)
SRV - [2009-07-14 05:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2009-07-14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2009-07-14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2009-07-13 22:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2009-06-10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008-10-25 12:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2007-05-31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2001-11-29 01:50:00 | 001,769,472 | ---- | M] (Borland Software Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Borland\InterBase\bin\ibserver.exe -- (InterBaseServer)
SRV - [2001-11-29 01:50:00 | 000,032,768 | ---- | M] (Borland Software Corporation) [Auto | Running] -- C:\Program Files (x86)\Borland\InterBase\bin\ibguard.exe -- (InterBaseGuardian)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2010-05-06 22:39:27 | 000,051,280 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2010-05-06 22:39:06 | 000,121,936 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2010-05-06 22:34:30 | 000,028,752 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2010-05-06 22:34:14 | 000,063,568 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2010-05-06 22:33:50 | 000,022,096 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2010-04-07 04:44:06 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2010-04-07 04:44:06 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2010-04-07 03:23:30 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2009-12-21 21:39:48 | 000,019,912 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:[b]64bit:[/b] - [2009-12-21 21:39:44 | 000,013,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:[b]64bit:[/b] - [2009-12-11 12:29:27 | 000,153,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:[b]64bit:[/b] - [2009-11-06 06:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009-11-02 13:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:[b]64bit:[/b] - [2009-10-23 07:27:12 | 000,307,760 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2009-10-13 21:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009-10-12 13:00:52 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2009-10-05 09:49:34 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:[b]64bit:[/b] - [2009-10-02 02:47:38 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2009-09-26 08:20:38 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:[b]64bit:[/b] - [2009-09-17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:[b]64bit:[/b] - [2009-09-02 03:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:[/b] - [2009-08-28 13:15:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2009-08-28 13:15:26 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2009-08-05 22:43:58 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:[b]64bit:[/b] - [2009-07-14 03:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:[b]64bit:[/b] - [2009-07-14 02:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:[b]64bit:[/b] - [2009-07-14 02:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:[b]64bit:[/b] - [2009-07-14 02:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:[b]64bit:[/b] - [2009-07-14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifimp.sys -- (vwifimp)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:00 | 000,184,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:00 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthpan.sys -- (BthPan) Urządzenie Bluetooth (sieć osobista)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:57 | 000,551,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthport.sys -- (BTHPORT)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:56 | 000,158,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rfcomm.sys -- (RFCOMM) Urządzenie Bluetooth (Protokół TDI RFCOMM)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:53 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthenum.sys -- (BthEnum)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:52 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BTHUSB.SYS -- (BTHUSB)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:28 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winusb.sys -- (WinUsb)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:[b]64bit:[/b] - [2009-07-14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:[b]64bit:[/b] - [2009-07-14 02:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
DRV:[b]64bit:[/b] - [2009-07-14 01:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:[b]64bit:[/b] - [2009-07-14 01:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:[b]64bit:[/b] - [2009-07-14 01:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:[b]64bit:[/b] - [2009-07-14 01:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:[b]64bit:[/b] - [2009-07-14 01:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:[b]64bit:[/b] - [2009-07-14 01:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:[b]64bit:[/b] - [2009-07-14 01:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:[b]64bit:[/b] - [2009-07-01 06:46:58 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:[b]64bit:[/b] - [2009-06-24 12:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2009-05-06 02:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:[b]64bit:[/b] - [2009-05-06 02:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:[b]64bit:[/b] - [2009-04-07 09:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:[b]64bit:[/b] - [2009-03-15 12:32:56 | 000,085,424 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009-09-02 03:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\winusb.dll -- (WinUsb)
DRV - [2009-07-14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
DRV - [2009-06-10 23:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2009-06-10 23:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2009-03-26 05:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\DKbFltr.sys -- (DKbFltr) Dritek Keyboard Filter Driver (64-bit)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_lj75&r=273602105355l03c4z1m5f4952x443
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_lj75&r=273602105355l03c4z1m5f4952x443
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_lj75&r=273602105355l03c4z1m5f4952x443
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_lj75&r=273602105355l03c4z1m5f4952x443

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_lj75&r=273602105355l03c4z1m5f4952x443
IE - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_lj75&r=273602105355l03c4z1m5f4952x443
IE - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-02-23 20:11:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-05-01 11:23:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-05-13 20:04:44 | 000,000,000 | ---D | M]

[2010-02-20 17:45:13 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Extensions
[2010-05-17 18:32:40 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\8lfqv2rf.default\extensions
[2010-02-23 18:47:48 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\8lfqv2rf.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010-04-25 12:35:28 | 000,001,728 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\FireFox\Profiles\8lfqv2rf.default\searchplugins\google-pl.xml
[2010-05-17 18:32:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010-05-13 20:04:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010-01-16 03:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2010-01-16 03:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2010-01-16 03:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2010-01-16 03:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2010-01-16 03:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-01-16 03:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll (Google Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Pomocnik rejestracji usługi Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:[b]64bit:[/b] - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files (x86)\Video Web Camera\traybar.exe (Chicony)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8:[b]64bit:[/b] - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.2
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\SETUP.EXE -- File not found
O33 - MountPoints2\F\Shell\configure\command - "" = F:\SETUP.EXE -- File not found
O33 - MountPoints2\F\Shell\install\command - "" = F:\SETUP.EXE -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:[b]64bit:[/b] Ias - C:\Windows\SysNative\ias [2009-07-14 05:20:14 | 000,000,000 | ---D | M]
NetSvcs:[b]64bit:[/b] Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] Themes - C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] BDESVC - C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
NetSvcs: Ias - C:\Windows\SysWOW64\ias.dll (Microsoft Corporation)
NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)

SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Power - C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] RpcEptMapper - C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] WudfPf - C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: VDS - C:\Windows\SysWOW64\wbem\vds.mof ()
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] Dhcp - C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] ndiscap - C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Power - C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] RpcEptMapper - C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfPf - C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: Dhcp - C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSDrv - C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOS - C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: Tcpip - C:\Windows\SysWOW64\wbem\tcpip.mof ()
SafeBootNet: TDI - Driver Group
SafeBootNet: VDS - C:\Windows\SysWOW64\wbem\vds.mof ()
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-05-18 17:11:03 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2010-05-18 16:55:26 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Malwarebytes
[2010-05-18 16:55:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010-05-18 16:55:21 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010-05-18 16:55:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010-05-18 16:55:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-05-18 16:48:42 | 000,000,000 | ---D | C] -- C:\_OTM
[2010-05-18 16:32:34 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2010-05-18 16:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010-05-17 22:09:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AudioLabel
[2010-05-17 20:27:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CdCoverCreator
[2010-05-04 20:12:24 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010-05-04 20:10:19 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010-05-04 20:09:47 | 000,000,000 | ---D | C] -- C:\ATI
[2010-05-04 19:44:09 | 000,000,000 | ---D | C] -- C:\AMD
[2010-05-03 14:41:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\psconvert
[2010-05-03 14:41:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\psconv
[2010-05-01 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Folder wymiany interfejsu Bluetooth
[2010-05-01 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Broadcom
[2010-05-01 11:50:26 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Tapety
[2010-05-01 11:25:04 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Apple Computer
[2010-05-01 11:25:04 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apple Computer
[2010-05-01 11:24:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010-05-01 11:24:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010-05-01 11:24:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010-05-01 11:24:09 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010-05-01 11:24:09 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010-05-01 11:23:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010-05-01 11:23:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010-05-01 11:23:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apple
[2010-05-01 11:23:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010-05-01 11:23:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010-05-01 11:23:04 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010-05-01 11:23:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010-05-01 11:23:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010-05-01 11:23:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010-04-21 21:09:55 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\boilsoft
[2010-04-15 21:46:06 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile
[2010-04-07 04:13:00 | 000,455,168 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2010-04-07 04:12:18 | 000,202,752 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2010-04-07 04:10:56 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2010-04-07 04:10:40 | 000,421,376 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2010-04-07 04:10:32 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2010-04-07 04:10:18 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2010-04-07 04:10:12 | 000,012,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2010-04-07 04:10:08 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2010-04-07 04:10:00 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2010-04-07 03:46:50 | 000,055,296 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2010-04-06 13:03:17 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-04-06 13:01:19 | 000,000,000 | ---D | C] -- C:\Users\user\.java
[2010-04-06 12:57:10 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010-04-06 12:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010-04-06 12:55:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010-04-06 12:53:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010-04-06 12:29:36 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\SecondLife
[2010-04-06 12:29:36 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\SecondLife
[2010-03-28 22:07:56 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\SysWow64\avastSS.scr
[2010-03-28 22:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010-03-28 21:44:31 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\skypePM
[2010-03-28 21:43:57 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Skype
[2010-03-28 21:42:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010-03-28 21:42:27 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010-03-28 21:42:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-05-18 17:13:21 | 002,359,296 | -HS- | M] () -- C:\Users\user\NTUSER.DAT
[2010-05-18 17:11:08 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2010-05-18 17:10:11 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-05-18 17:10:11 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-05-18 17:06:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-05-18 17:04:10 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempyl2416.html
[2010-05-18 17:04:10 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempwP2416.html
[2010-05-18 17:03:05 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010-05-18 17:03:04 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-05-18 17:02:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-05-18 17:02:45 | 3113,304,064 | -HS- | M] () -- C:\hiberfil.sys
[2010-05-18 17:02:08 | 008,008,303 | -H-- | M] () -- C:\Users\user\AppData\Local\IconCache.db
[2010-05-18 16:55:24 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-05-18 16:52:40 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010-05-18 16:51:20 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempYi3108.html
[2010-05-18 16:51:20 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempcu3108.html
[2010-05-18 16:48:43 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempaE1996.html
[2010-05-18 16:48:43 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempny1996.html
[2010-05-18 16:34:21 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempAH2152.html
[2010-05-18 16:34:21 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempqX2152.html
[2010-05-18 16:32:34 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2010-05-18 16:04:36 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempWi2908.html
[2010-05-18 16:04:36 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempQU2908.html
[2010-05-18 15:53:13 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempkz2232.html
[2010-05-18 15:38:37 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempms3760.html
[2010-05-18 15:38:37 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempcy3760.html
[2010-05-18 15:08:06 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempBU4088.html
[2010-05-18 15:08:06 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempbE4088.html
[2010-05-17 22:09:17 | 000,001,047 | ---- | M] () -- C:\Users\user\Desktop\AudioLabel.lnk
[2010-05-16 19:39:32 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempCS2732.html
[2010-05-16 19:39:32 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempFV2732.html
[2010-05-16 16:43:01 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempGl3312.html
[2010-05-16 16:43:01 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempge3312.html
[2010-05-15 14:07:48 | 000,024,930 | ---- | M] () -- C:\Users\user\Documents\Kwalifikacje nauczycieli wynikające z rozporządzenia MEN z dnia 12 marca 2009 r.docx
[2010-05-14 17:52:59 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempNs4012.html
[2010-05-14 17:52:59 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempco4012.html
[2010-05-13 08:23:38 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempaK3984.html
[2010-05-13 08:23:38 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempOL3984.html
[2010-05-13 03:17:35 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempYz3848.html
[2010-05-13 03:17:35 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempLG3848.html
[2010-05-07 23:48:15 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempjR3804.html
[2010-05-07 23:48:15 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempuP3804.html
[2010-05-07 23:09:57 | 001,532,096 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-05-07 23:09:57 | 000,691,176 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2010-05-07 23:09:57 | 000,610,094 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-05-07 23:09:57 | 000,132,638 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2010-05-07 23:09:57 | 000,104,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-05-07 21:34:42 | 000,000,286 | ---- | M] () -- C:\Windows\game.ini
[2010-05-07 21:20:41 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempue3452.html
[2010-05-07 21:20:41 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempsW3452.html
[2010-05-07 21:20:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010-05-07 20:49:43 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempOr4240.html
[2010-05-07 20:49:43 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempCS4240.html
[2010-05-07 18:24:46 | 000,041,939 | ---- | M] () -- C:\Users\user\Desktop\na okładke.jpg
[2010-05-06 22:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010-05-06 22:39:27 | 000,051,280 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010-05-06 22:39:06 | 000,121,936 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010-05-06 22:34:30 | 000,028,752 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010-05-06 22:34:14 | 000,063,568 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010-05-06 22:33:50 | 000,022,096 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010-05-05 20:06:52 | 005,262,901 | ---- | M] () -- C:\Users\user\Desktop\Kuba.JPG
[2010-05-05 20:04:18 | 003,831,410 | ---- | M] () -- C:\Users\user\Desktop\Tymon1.jpg
[2010-05-05 20:01:54 | 006,820,838 | ---- | M] () -- C:\Users\user\Desktop\chłopcy1.jpg
[2010-05-04 21:56:02 | 000,219,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010-05-04 21:56:02 | 000,219,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010-05-04 08:20:24 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempar3792.html
[2010-05-03 15:31:36 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempOC3224.html
[2010-05-03 15:31:36 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempoY3224.html
[2010-05-03 14:41:16 | 000,000,164 | ---- | M] () -- C:\Windows\SysWow64\psconv.ini
[2010-05-02 13:17:07 | 000,229,863 | ---- | M] () -- C:\Windows\hpoins19.dat
[2010-05-02 13:16:03 | 000,000,513 | ---- | M] () -- C:\Windows\win.ini
[2010-05-01 15:18:12 | 000,001,553 | ---- | M] () -- C:\Users\user\Desktop\IBExpert.lnk
[2010-04-30 21:06:03 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempoN3228.html
[2010-04-29 22:24:51 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempXs4048.html
[2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010-04-29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010-04-28 22:12:10 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempFk4044.html
[2010-04-28 22:12:10 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TemptB4044.html
[2010-04-28 19:03:49 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TemplU4040.html
[2010-04-28 19:03:49 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TemphZ4040.html
[2010-04-26 22:48:33 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempVN4028.html
[2010-04-25 16:26:16 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempTX4016.html
[2010-04-25 13:19:23 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempQN3356.html
[2010-04-24 19:36:31 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempDO1036.html
[2010-04-24 19:24:49 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Templc4384.html
[2010-04-24 19:22:38 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempnG6092.html
[2010-04-24 19:22:38 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempHK6092.html
[2010-04-23 21:56:28 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempyX3896.html
[2010-04-23 21:56:28 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempfm3896.html
[2010-04-22 19:35:05 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempaX4076.html
[2010-04-22 19:35:05 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempyC4076.html
[2010-04-20 22:59:10 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempUd4016.html
[2010-04-20 22:59:10 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempJi4016.html
[2010-04-20 16:48:28 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempQr3872.html
[2010-04-20 16:48:28 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempKL3872.html
[2010-04-17 14:52:21 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempze4068.html
[2010-04-17 14:52:21 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempLu4068.html
[2010-04-16 23:14:48 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempKp3824.html
[2010-04-16 23:14:48 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempzY3824.html
[2010-04-16 19:13:50 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempGi3692.html
[2010-04-16 19:13:50 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempgY3692.html
[2010-04-15 21:46:38 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2010-04-15 21:29:58 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempiS3684.html
[2010-04-15 21:29:58 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempYS3684.html
[2010-04-15 16:54:52 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempUS3908.html
[2010-04-15 16:54:52 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempLm3908.html
[2010-04-15 14:59:30 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempEv3596.html
[2010-04-15 14:59:30 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempYl3596.html
[2010-04-14 22:01:12 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempzm2420.html
[2010-04-14 22:01:12 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempfr2420.html
[2010-04-14 18:47:23 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\SysWow64\avastSS.scr
[2010-04-14 18:31:36 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempss3744.html
[2010-04-14 18:31:36 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempLw3744.html
[2010-04-13 22:13:55 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempnu4280.html
[2010-04-13 22:13:55 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Temphl4280.html
[2010-04-10 21:30:36 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempVH3052.html
[2010-04-10 21:30:36 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempGj3052.html
[2010-04-09 21:31:41 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TemphW4336.html
[2010-04-09 21:31:41 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempwh4336.html
[2010-04-09 16:44:29 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempyr3852.html
[2010-04-09 16:44:29 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempPz3852.html
[2010-04-08 19:51:58 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempee2720.html
[2010-04-08 19:51:58 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempcu2720.html
[2010-04-07 04:16:34 | 000,038,400 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2010-04-07 04:13:00 | 000,455,168 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2010-04-07 04:12:18 | 000,202,752 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2010-04-07 04:10:56 | 000,120,320 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2010-04-07 04:10:40 | 000,421,376 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2010-04-07 04:10:32 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2010-04-07 04:10:18 | 000,278,528 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2010-04-07 04:10:12 | 000,012,288 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2010-04-07 04:10:08 | 000,059,392 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2010-04-07 04:10:00 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2010-04-07 03:46:50 | 000,055,296 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst.dll
[2010-04-07 03:25:00 | 000,515,424 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2010-04-07 03:20:44 | 000,515,424 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2010-04-05 16:23:21 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempHO5608.html
[2010-04-05 16:23:21 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempue5608.html
[2010-04-05 11:20:07 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempdq4716.html
[2010-04-05 11:20:07 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempoG4716.html
[2010-04-04 16:08:37 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempQn3612.html
[2010-04-04 16:08:37 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempPf3612.html
[2010-04-04 16:05:06 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempzc2992.html
[2010-04-04 16:05:06 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempoN2992.html
[2010-04-03 16:12:57 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempgF2632.html
[2010-04-03 16:12:57 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempcV2632.html
[2010-04-02 18:09:08 | 000,002,023 | ---- | M] () -- C:\Windows\SysWow64\atipblag.dat
[2010-04-02 18:09:08 | 000,002,023 | ---- | M] () -- C:\Windows\SysNative\atipblag.dat
[2010-04-02 16:36:41 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempbm2644.html
[2010-04-02 16:36:41 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempOW2644.html
[2010-04-02 13:05:09 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempTb3416.html
[2010-04-02 13:05:09 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempPU3416.html
[2010-04-01 19:41:20 | 001,549,394 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010-04-01 11:34:28 | 000,020,862 | ---- | M] () -- C:\Windows\atiogl.xml
[2010-03-31 16:59:37 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempDy2172.html
[2010-03-31 16:59:37 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempcO2172.html
[2010-03-30 22:04:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010-03-30 14:07:26 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempTP2608.html
[2010-03-30 14:07:26 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempmv2608.html
[2010-03-30 10:06:02 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempvJ3260.html
[2010-03-30 10:06:02 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempae3260.html
[2010-03-29 20:24:49 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempWg2636.html
[2010-03-29 20:24:49 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempKH2636.html
[2010-03-29 18:51:40 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempTx2852.html
[2010-03-29 18:51:40 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempgv2852.html
[2010-03-28 23:07:18 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempIV2836.html
[2010-03-28 23:07:18 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempEQ2836.html
[2010-03-28 22:08:41 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempxD2868.html
[2010-03-28 22:08:41 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempkm2868.html
[2010-03-28 21:44:32 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010-03-28 16:39:31 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempCb2520.html
[2010-03-28 16:39:31 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempBe2520.html
[2010-03-27 22:06:33 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempqS2808.html
[2010-03-27 22:06:33 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempmi2808.html
[2010-03-27 17:48:32 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempxj2952.html
[2010-03-27 17:48:32 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempIP2952.html
[2010-03-26 12:11:05 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempWj2720.html
[2010-03-26 12:11:05 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempAu2720.html
[2010-03-24 17:21:15 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempbR1816.html
[2010-03-24 17:21:15 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempCC1816.html
[2010-03-23 09:28:34 | 000,031,744 | ---- | M] () -- C:\Users\user\Documents\Urodziłem się wtedy mniej więcej.doc
[2010-03-21 23:40:33 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TemppL2256.html
[2010-03-21 23:40:33 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempow2256.html
[2010-03-21 17:56:39 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempWV2996.html
[2010-03-21 17:56:39 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempxq2996.html
[2010-03-20 20:01:35 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempOh2992.html
[2010-03-20 20:01:35 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Temptf2992.html

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-05-18 17:04:10 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempyl2416.html
[2010-05-18 17:04:10 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempwP2416.html
[2010-05-18 16:55:24 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-05-18 16:50:44 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempYi3108.html
[2010-05-18 16:50:44 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempcu3108.html
[2010-05-18 16:38:32 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010-05-18 16:36:51 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempaE1996.html
[2010-05-18 16:36:51 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempny1996.html
[2010-05-18 16:06:34 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempAH2152.html
[2010-05-18 16:06:34 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempqX2152.html
[2010-05-18 15:55:53 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempWi2908.html
[2010-05-18 15:55:53 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempQU2908.html
[2010-05-18 15:40:42 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempkz2232.html
[2010-05-18 15:31:41 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempms3760.html
[2010-05-18 15:31:41 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempcy3760.html
[2010-05-17 22:09:17 | 000,001,047 | ---- | C] () -- C:\Users\user\Desktop\AudioLabel.lnk
[2010-05-17 08:18:40 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempBU4088.html
[2010-05-17 08:18:40 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempbE4088.html
[2010-05-16 19:39:32 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempCS2732.html
[2010-05-16 19:39:32 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempFV2732.html
[2010-05-15 14:07:48 | 000,024,930 | ---- | C] () -- C:\Users\user\Documents\Kwalifikacje nauczycieli wynikające z rozporządzenia MEN z dnia 12 marca 2009 r.docx
[2010-05-14 20:05:02 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempGl3312.html
[2010-05-14 20:05:02 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempge3312.html
[2010-05-13 08:24:05 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempNs4012.html
[2010-05-13 08:24:05 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempco4012.html
[2010-05-13 03:19:29 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempaK3984.html
[2010-05-13 03:19:29 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempOL3984.html
[2010-05-08 04:13:11 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempYz3848.html
[2010-05-08 04:13:11 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempLG3848.html
[2010-05-07 21:22:41 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempjR3804.html
[2010-05-07 21:22:41 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempuP3804.html
[2010-05-07 21:15:21 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempue3452.html
[2010-05-07 21:15:21 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempsW3452.html
[2010-05-07 18:24:45 | 000,041,939 | ---- | C] () -- C:\Users\user\Desktop\na okładke.jpg
[2010-05-06 18:02:58 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempOr4240.html
[2010-05-06 18:02:58 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempCS4240.html
[2010-05-05 20:04:14 | 003,831,410 | ---- | C] () -- C:\Users\user\Desktop\Tymon1.jpg
[2010-05-05 20:01:51 | 006,820,838 | ---- | C] () -- C:\Users\user\Desktop\chłopcy1.jpg
[2010-05-04 21:04:24 | 005,262,901 | ---- | C] () -- C:\Users\user\Desktop\Kuba.JPG
[2010-05-03 17:29:49 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempar3792.html
[2010-05-03 14:41:16 | 000,000,164 | ---- | C] () -- C:\Windows\SysWow64\psconv.ini
[2010-05-03 14:40:40 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfmonnt.dll
[2010-05-02 17:06:24 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempOC3224.html
[2010-05-02 17:06:24 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempoY3224.html
[2010-04-30 20:47:27 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempoN3228.html
[2010-04-29 20:02:54 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempXs4048.html
[2010-04-28 19:19:17 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempFk4044.html
[2010-04-28 19:19:17 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TemptB4044.html
[2010-04-28 03:17:59 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TemplU4040.html
[2010-04-28 03:17:59 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TemphZ4040.html
[2010-04-25 19:48:47 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempVN4028.html
[2010-04-25 16:26:08 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempTX4016.html
[2010-04-25 12:16:47 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempQN3356.html
[2010-04-24 19:36:25 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempDO1036.html
[2010-04-24 19:24:35 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Templc4384.html
[2010-04-23 21:56:58 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempnG6092.html
[2010-04-23 21:56:58 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempHK6092.html
[2010-04-23 21:55:25 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempyX3896.html
[2010-04-23 21:55:25 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempfm3896.html
[2010-04-22 19:36:29 | 000,001,553 | ---- | C] () -- C:\Users\user\Desktop\IBExpert.lnk
[2010-04-22 19:33:43 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempaX4076.html
[2010-04-22 19:33:43 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempyC4076.html
[2010-04-20 18:26:43 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempUd4016.html
[2010-04-20 18:26:43 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempJi4016.html
[2010-04-20 14:25:12 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempQr3872.html
[2010-04-20 14:25:12 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempKL3872.html
[2010-04-17 14:51:28 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempze4068.html
[2010-04-17 14:51:28 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempLu4068.html
[2010-04-16 19:43:00 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempKp3824.html
[2010-04-16 19:43:00 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempzY3824.html
[2010-04-15 21:46:38 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2010-04-15 21:31:24 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempGi3692.html
[2010-04-15 21:31:24 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempgY3692.html
[2010-04-15 21:23:19 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempiS3684.html
[2010-04-15 21:23:19 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempYS3684.html
[2010-04-15 15:25:09 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempUS3908.html
[2010-04-15 15:25:09 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempLm3908.html
[2010-04-15 08:29:28 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempEv3596.html
[2010-04-15 08:29:28 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempYl3596.html
[2010-04-14 18:49:14 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempzm2420.html
[2010-04-14 18:49:14 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempfr2420.html
[2010-04-14 03:17:52 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempss3744.html
[2010-04-14 03:17:52 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempLw3744.html
[2010-04-13 17:55:01 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempnu4280.html
[2010-04-13 17:55:01 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Temphl4280.html
[2010-04-10 20:34:53 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempVH3052.html
[2010-04-10 20:34:53 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempGj3052.html
[2010-04-09 20:34:36 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TemphW4336.html
[2010-04-09 20:34:36 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempwh4336.html
[2010-04-09 14:52:52 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempyr3852.html
[2010-04-09 14:52:52 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempPz3852.html
[2010-04-07 04:16:34 | 000,038,400 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2010-04-07 03:25:00 | 000,515,424 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2010-04-07 03:20:44 | 000,515,424 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2010-04-05 19:50:40 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempee2720.html
[2010-04-05 19:50:40 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempcu2720.html
[2010-04-05 14:52:32 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempHO5608.html
[2010-04-05 14:52:32 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempue5608.html
[2010-04-04 18:12:24 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempdq4716.html
[2010-04-04 18:12:24 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempoG4716.html
[2010-04-04 16:06:48 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempQn3612.html
[2010-04-04 16:06:48 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempPf3612.html
[2010-04-04 16:04:57 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempzc2992.html
[2010-04-04 16:04:57 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempoN2992.html
[2010-04-02 23:27:21 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempgF2632.html
[2010-04-02 23:27:21 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempcV2632.html
[2010-04-02 18:09:08 | 000,002,023 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010-04-02 18:09:08 | 000,002,023 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2010-04-02 13:38:43 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempbm2644.html
[2010-04-02 13:38:43 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempOW2644.html
[2010-04-01 19:41:20 | 001,549,394 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010-04-01 12:59:49 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempTb3416.html
[2010-04-01 12:59:49 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempPU3416.html
[2010-04-01 11:34:28 | 000,020,862 | ---- | C] () -- C:\Windows\atiogl.xml
[2010-03-31 12:49:46 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempDy2172.html
[2010-03-31 12:49:46 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempcO2172.html
[2010-03-30 22:04:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010-03-30 12:14:54 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempTP2608.html
[2010-03-30 12:14:54 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempmv2608.html
[2010-03-30 09:37:36 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempvJ3260.html
[2010-03-30 09:37:36 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempae3260.html
[2010-03-29 18:53:31 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempWg2636.html
[2010-03-29 18:53:31 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempKH2636.html
[2010-03-29 09:37:23 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempTx2852.html
[2010-03-29 09:37:23 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempgv2852.html
[2010-03-28 22:10:46 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempIV2836.html
[2010-03-28 22:10:46 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempEQ2836.html
[2010-03-28 21:44:32 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010-03-28 21:30:04 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempxD2868.html
[2010-03-28 21:30:04 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempkm2868.html
[2010-03-27 23:05:13 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempCb2520.html
[2010-03-27 23:05:13 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempBe2520.html
[2010-03-27 18:06:17 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempqS2808.html
[2010-03-27 18:06:17 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempmi2808.html
[2010-03-26 12:13:22 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempxj2952.html
[2010-03-26 12:13:22 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempIP2952.html
[2010-03-24 17:23:41 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempWj2720.html
[2010-03-24 17:23:41 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempAu2720.html
[2010-03-22 21:34:04 | 000,031,744 | ---- | C] () -- C:\Users\user\Documents\Urodziłem się wtedy mniej więcej.doc
[2010-03-22 08:57:13 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempbR1816.html
[2010-03-22 08:57:13 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempCC1816.html
[2010-03-21 22:04:35 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TemppL2256.html
[2010-03-21 22:04:35 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempow2256.html
[2010-03-21 17:56:19 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempWV2996.html
[2010-03-21 17:56:19 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempxq2996.html
[2010-03-20 19:22:58 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempOh2992.html
[2010-03-20 19:22:58 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Temptf2992.html
[2010-03-01 22:17:36 | 000,000,286 | ---- | C] () -- C:\Windows\game.ini
[2010-02-20 18:43:29 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010-02-20 17:53:02 | 000,055,808 | ---- | C] () -- C:\Windows\SysWow64\ActPanel.dll
[2009-12-26 18:12:17 | 000,000,169 | ---- | C] () -- C:\Windows\PidList.ini
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007-06-19 09:59:36 | 000,070,400 | ---- | C] () -- C:\Windows\SysWow64\PhysXLoader.dll
[2007-04-20 08:57:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2002-08-09 16:00:00 | 000,375,296 | ---- | C] () -- C:\Windows\SysWow64\WSIHK32.DLL
[2002-08-09 16:00:00 | 000,131,584 | ---- | C] () -- C:\Windows\SysWow64\WSIWIN32.DLL

[color=#E56717]========== LOP Check ==========[/color]

[2010-02-20 16:59:26 | 000,000,000 | -HSD | M] -- C:\Users\user\AppData\Roaming\.#
[2010-05-16 21:44:54 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\BESTplayer
[2010-04-21 21:09:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\boilsoft
[2010-02-21 20:05:08 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Gadu-Gadu 10
[2010-02-24 22:38:51 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\HK-Software
[2010-02-20 14:16:14 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Packard Bell
[2010-04-06 12:30:07 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SecondLife
[2010-05-18 17:05:31 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\uTorrent
[2010-05-18 16:52:40 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2009-07-14 07:08:49 | 000,028,852 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-11-06 00:35:43 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010-05-18 17:02:45 | 3113,304,064 | -HS- | M] () -- C:\hiberfil.sys
[2010-05-18 17:02:51 | 4151,074,816 | -HS- | M] () -- C:\pagefile.sys
[2009-11-06 00:45:33 | 000,003,274 | -H-- | M] () -- C:\RHDSetup.log

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009-10-28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009-10-28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< End of report >
[/log]
extras.txt -[log]OTL Extras logfile created on: 2010-05-18 17:12:03 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\user\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,66 Gb Total Space | 203,62 Gb Free Space | 44,88% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 74,52 Gb Total Space | 58,98 Gb Free Space | 79,14% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-KOMPUTER
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1661724614-3112423942-4075231741-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{1A300085-6A46-2B37-60E0-2C151E24DD66}" = ccc-utility64
"{26A24AE4-039D-4CA4-87B4-2F86416019FF}" = Java(TM) 6 Update 19 (64-bit)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{404BB1FF-A84F-432F-B77B-301E88E8D1C7}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum obsługi urządzeń z systemem Windows Mobile
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88363A53-C537-77C9-863D-C20147EF4AC0}" = ATI Catalyst Install Manager
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96D5EB02-DE18-4DCD-A713-929B4461CA8D}" = iTunes
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{C19D4D8F-4433-4F6D-9F0C-79589FD0B973}" = Bonjour
"3932CA781A7894D20116FDF60F878301800EA8AB" = Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407)
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"FBDBServer_2_1_x64_is1" = Firebird 2.1.3.18185 (x64)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02c6547c-700b-486e-821e-065148c9915a}" = Nero 9 Essentials
"{03C754B5-243B-41AC-93B1-932952F1CAB7}_is1" = Partition Wizard Business Edition 4.2.2
"{052DE950-9FE3-577E-996A-90C870A59A01}" = Catalyst Control Center Graphics Full New
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{12A1B519-5934-4508-ADBD-335347B0DC87}" = Video Web Camera
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22DD005D-0EF1-4E3E-92F8-49D89E31479A}" = 1400
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2339BEE4-F74A-CCF1-5249-C38BD28CA5FB}" = Catalyst Control Center Localization All
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{25F28E39-FDBB-11DB-8314-0800200C9A66}" = Medal of Honor Airborne
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 20
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{288CF37D-3FE0-E572-D200-52113E47D679}" = ccc-core-static
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A02BB99-C34C-7167-8B78-CBBE3F2B266D}" = Catalyst Control Center Graphics Full Existing
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{2E522ED6-01E2-4207-82D5-B3BFB31B8BD4}" = Windows Live Sync
"{2E87F4AB-99BF-421C-AF7B-365A9C08549A}" = F300
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{36694AD6-1E86-A376-4FCD-9F547581B4B9}" = CCC Help English
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell Power Management
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}" = Microsoft Works
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51958BA7-21E4-4A8B-9098-CD8375BD17B2}" = Asystent rejestracji usługi Windows Live
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help
"{6053FE9B-5473-41D6-AEBF-AD6F98138191}" = Windows Live Movie Maker
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3C2391-BCE2-4D28-A336-73B953B4502F}" = 1400Trb
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6FBE200D-1F00-40B7-BF48-FEB265AADE94}" = 1400_Help
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{72263053-50D1-4598-9502-51ED64E54C51}" = Borland Delphi 7
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{820D9939-FEC1-D65C-599D-232DBA015A87}" = Catalyst Control Center Graphics Light
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{950DCEAA-545D-B98C-69F2-4136D9D616AF}" = Catalyst Control Center InstallProxy
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9862473C-E063-4C68-A161-2CDE0E8048A5}" = Podstawowe programy Windows Live
"{9AB614A6-719C-4A6E-A63E-831E0A35F62A}" = Windows Live Writer
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9CDEAEC9-2F14-4D39-8541-C1EEC4B5D1CB}" = Galeria fotografii usługi Windows Live
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.3.2 MUI
"{AE3F657E-14CD-70A4-9CD8-E534E9114C66}" = Catalyst Control Center Core Implementation
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C35FE07E-24B5-410F-85B7-122087A0C7DD}" = Poczta usługi Windows Live
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CBD30E1C-4B85-FC57-9E8D-98664E7AB805}" = Catalyst Control Center InstallProxy
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1803CD4-0CE7-4484-98E3-88D7A2D629A4}" = Windows Live Messenger
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E440017F-64DE-6E98-E513-31FA3D6D9DBE}" = Catalyst Control Center Graphics Previews Vista
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EBFC96E5-4409-426E-88B7-650ADB342E78}" = MSI to redistribute MS VS2005 CRT libraries
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AudioLabel" = AudioLabel
"avast5" = avast! Free Antivirus
"Dziobas Rar Player_is1" = Dziobas Rar Player 0.007PL
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free PS Convert driver_is1" = Free PS Convert driver 8.15
"Gadu-Gadu 10" = Gadu-Gadu 10
"HK-Software IBExpert Developer Studio Trial Version_is1" = HK-Software IBExpert Developer Studio Trial Version
"Identity Card" = Identity Card
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Packard Bell MyBackup
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InterBase" = InterBase 6.5
"JRE 1.2" = Java 2 Runtime Environment Standard Edition v1.2.2
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.4.4 (Basic)
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NapiProjekt_is1" = NapiProjekt 1.0.6.7
"OpenAL" = OpenAL
"Packard Bell Registration" = Packard Bell Registration
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"PowerISO" = PowerISO
"uTorrent" = µTorrent
"vbcpp40" = VisiBroker for Cpp 4.5
"Winamp" = Winamp (remove only)
"WinLiveSuite_Wave3" = Podstawowe programy Windows Live
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1661724614-3112423942-4075231741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"2d254e6bce4fc09a" = Klapouszek

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-04-26 18:30:48 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\wksss.exe".
Nie
można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-04-26 18:30:48 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\wksdb.exe".
Nie
można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-04-26 18:30:48 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\WksWP.exe".
Nie
można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-04-26 18:30:48 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\WksCal.exe".
Nie
można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-04-27 18:30:25 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842815
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku
zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll"
w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa.

Error - 2010-04-27 18:30:37 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842787
Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\windows
live\photo gallery\MovieMaker.Exe". Błąd w pliku manifestu lub w pliku zasad "c:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL" w wierszu 8. Tożsamość składnika
znaleziona w manifeście nie odpowiada tożsamości składnika żądanego. Odwołanie to
WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definicja to
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Użyj narzędzia
sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-04-27 18:30:49 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\wksss.exe".
Nie
można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-04-27 18:30:49 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\wksdb.exe".
Nie
można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-04-27 18:30:49 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\WksWP.exe".
Nie
można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-04-27 18:30:49 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\WksCal.exe".
Nie
można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

[ Media Center Events ]
Error - 2010-03-14 06:21:05 | Computer Name = user-Komputer | Source = MCUpdate | ID = 0
Description = 11:21:05 - Błąd podczas nawiązywania połączenia z Internetem. 11:21:05
- Nie można skontaktować się z serwerem..

Error - 2010-03-14 06:21:14 | Computer Name = user-Komputer | Source = MCUpdate | ID = 0
Description = 11:21:11 - Błąd podczas nawiązywania połączenia z Internetem. 11:21:11
- Nie można skontaktować się z serwerem..

Error - 2010-04-09 09:00:45 | Computer Name = user-Komputer | Source = MCUpdate | ID = 0
Description = 15:00:41 - Nie można pobrać pakietu Broadband (Błąd: Nie można połączyć
się z serwerem zdalnym)

Error - 2010-04-15 09:28:55 | Computer Name = user-Komputer | Source = MCUpdate | ID = 0
Description = 15:28:52 - Nie można pobrać pakietu Broadband (Błąd: Nie można połączyć
się z serwerem zdalnym)

[ System Events ]
Error - 2010-03-29 15:59:53 | Computer Name = user-Komputer | Source = DCOM | ID = 10010
Description =

Error - 2010-04-02 07:40:32 | Computer Name = user-Komputer | Source = DCOM | ID = 10010
Description =

Error - 2010-04-09 14:40:29 | Computer Name = user-Komputer | Source = Service Control Manager | ID = 7022
Description = Usługa Windows Update zawiesiła się podczas uruchamiania.

Error - 2010-04-19 12:05:26 | Computer Name = user-Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR4.

Error - 2010-04-19 12:05:27 | Computer Name = user-Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR4.

Error - 2010-04-19 12:05:28 | Computer Name = user-Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR4.

Error - 2010-04-19 12:05:28 | Computer Name = user-Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR4.

Error - 2010-05-03 07:31:18 | Computer Name = user-Komputer | Source = BTHUSB | ID = 327696
Description = Uwierzytelnianie wzajemne między lokalnym adapterem Bluetooth a urządzeniem
o adresie adaptera Bluetooth (00:23:4d:ef:06:b4) nie powiodło się.

Error - 2010-05-04 14:11:08 | Computer Name = user-Komputer | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą AMD External Events Utility.

Error - 2010-05-04 14:11:08 | Computer Name = user-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi AMD External Events Utility z powodu następującego
błędu: %%1053

< End of report >
[/log]

Z góry dzięki za odpowiedz

18 maja 2010

twój wątek jest prowadzony na pcformat.pl więc tam obserwuj postępy ja się nim nie bede 2 raz tutaj zajmował

19 maja 2010

na pcformat.pl nie ma moich logów a tu przeciez chodzi o ich sprawdzenie... nie wiem czego nie rozumiem:)

19 maja 2010

[code]:Processes
Explorer.exe

:OTL
[2010-03-21 23:40:33 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TemppL2256.html
[2010-03-21 23:40:33 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempow2256.html
[2010-03-21 17:56:39 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempWV2996.html
[2010-03-21 17:56:39 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempxq2996.html
[2010-03-20 20:01:35 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempOh2992.html
[2010-03-20 20:01:35 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Temptf2992.html
[2010-03-28 16:39:31 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempCb2520.html
[2010-03-28 16:39:31 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempBe2520.html
[2010-03-27 22:06:33 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempqS2808.html
[2010-03-27 22:06:33 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempmi2808.html
[2010-03-27 17:48:32 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempxj2952.html
[2010-03-27 17:48:32 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempIP2952.html
[2010-03-26 12:11:05 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempWj2720.html
[2010-03-26 12:11:05 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempAu2720.html
[2010-03-24 17:21:15 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempbR1816.html
[2010-03-24 17:21:15 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempCC1816.html
[2010-03-30 14:07:26 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempTP2608.html
[2010-03-30 14:07:26 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempmv2608.html
[2010-03-30 10:06:02 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempvJ3260.html
[2010-03-30 10:06:02 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempae3260.html
[2010-03-29 20:24:49 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempWg2636.html
[2010-03-29 20:24:49 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempKH2636.html
[2010-03-29 18:51:40 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempTx2852.html
[2010-03-29 18:51:40 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempgv2852.html
[2010-03-28 23:07:18 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempIV2836.html
[2010-03-31 16:59:37 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempDy2172.html
[2010-03-31 16:59:37 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempcO2172.html
[2010-04-02 16:36:41 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempbm2644.html
[2010-04-02 16:36:41 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempOW2644.html
[2010-04-02 13:05:09 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempTb3416.html
[2010-04-02 13:05:09 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempPU3416.html
[2010-04-05 16:23:21 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempHO5608.html
[2010-04-05 16:23:21 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempue5608.html
[2010-04-05 11:20:07 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempdq4716.html
[2010-04-05 11:20:07 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempoG4716.html
[2010-04-04 16:08:37 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempQn3612.html
[2010-04-04 16:08:37 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempPf3612.html
[2010-04-04 16:05:06 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempzc2992.html
[2010-04-04 16:05:06 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempoN2992.html
[2010-04-03 16:12:57 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempgF2632.html
[2010-04-03 16:12:57 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempcV2632.html
[2010-04-14 18:31:36 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempss3744.html
[2010-04-14 18:31:36 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempLw3744.html
[2010-04-13 22:13:55 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempnu4280.html
[2010-04-13 22:13:55 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Temphl4280.html
[2010-04-10 21:30:36 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempVH3052.html
[2010-04-10 21:30:36 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempGj3052.html
[2010-04-09 21:31:41 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TemphW4336.html
[2010-04-09 21:31:41 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempwh4336.html
[2010-04-09 16:44:29 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempyr3852.html
[2010-04-09 16:44:29 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempPz3852.html
[2010-04-08 19:51:58 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempee2720.html
[2010-04-08 19:51:58 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempcu2720.html
[2010-04-15 21:29:58 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempiS3684.html
[2010-04-15 21:29:58 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempYS3684.html
[2010-04-15 16:54:52 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempUS3908.html
[2010-04-15 16:54:52 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempLm3908.html
[2010-04-15 14:59:30 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempEv3596.html
[2010-04-15 14:59:30 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempYl3596.html
[2010-04-14 22:01:12 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempzm2420.html
[2010-04-14 22:01:12 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempfr2420.html
[2010-04-28 22:12:10 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempFk4044.html
[2010-04-28 22:12:10 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TemptB4044.html
[2010-04-28 19:03:49 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TemplU4040.html
[2010-04-28 19:03:49 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TemphZ4040.html
[2010-04-26 22:48:33 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempVN4028.html
[2010-04-25 16:26:16 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempTX4016.html
[2010-04-25 13:19:23 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempQN3356.html
[2010-04-24 19:36:31 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempDO1036.html
[2010-04-24 19:24:49 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Templc4384.html
[2010-04-24 19:22:38 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempnG6092.html
[2010-04-24 19:22:38 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempHK6092.html
[2010-04-23 21:56:28 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempyX3896.html
[2010-04-23 21:56:28 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempfm3896.html
[2010-04-22 19:35:05 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempaX4076.html
[2010-04-22 19:35:05 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempyC4076.html
[2010-04-20 22:59:10 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempUd4016.html
[2010-04-20 22:59:10 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempJi4016.html
[2010-04-20 16:48:28 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempQr3872.html
[2010-04-20 16:48:28 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempKL3872.html
[2010-04-17 14:52:21 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempze4068.html
[2010-04-17 14:52:21 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempLu4068.html
[2010-04-16 23:14:48 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempKp3824.html
[2010-04-16 23:14:48 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempzY3824.html
[2010-04-16 19:13:50 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempGi3692.html
[2010-04-16 19:13:50 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempgY3692.html
[2010-04-30 21:06:03 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempoN3228.html
[2010-04-29 22:24:51 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempXs4048.html
[2010-05-02 13:17:07 | 000,229,863 | ---- | M] () -- C:\Windows\hpoins19.dat
[2010-05-04 08:20:24 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempar3792.html
[2010-05-03 15:31:36 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempOC3224.html
[2010-05-03 15:31:36 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempoY3224.html
[2010-05-14 17:52:59 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempNs4012.html
[2010-05-14 17:52:59 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempco4012.html
[2010-05-13 08:23:38 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempaK3984.html
[2010-05-13 08:23:38 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempOL3984.html
[2010-05-13 03:17:35 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempYz3848.html
[2010-05-13 03:17:35 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempLG3848.html
[2010-05-07 23:48:15 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempjR3804.html
[2010-05-07 23:48:15 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempuP3804.html
[2010-03-28 23:07:18 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempEQ2836.html
[2010-03-28 22:08:41 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempxD2868.html
[2010-03-28 22:08:41 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempkm2868.html
[2010-03-30 14:07:26 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempTP2608.html
[2010-03-30 14:07:26 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempmv2608.html
[2010-03-30 10:06:02 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempvJ3260.html
[2010-03-30 10:06:02 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempae3260.html
[2010-03-29 20:24:49 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempWg2636.html
[2010-03-29 20:24:49 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempKH2636.html
[2010-03-29 18:51:40 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempTx2852.html
[2010-03-29 18:51:40 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempgv2852.html
[2010-03-28 23:07:18 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempIV2836.html
[2010-03-28 23:07:18 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempEQ2836.html
[2010-03-28 22:08:41 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempxD2868.html
[2010-03-28 22:08:41 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempkm2868.html
[2010-05-16 19:39:32 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempCS2732.html
[2010-05-16 19:39:32 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempFV2732.html
[2010-05-16 16:43:01 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempGl3312.html
[2010-05-16 16:43:01 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempge3312.html
[2010-05-18 16:04:36 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempWi2908.html
[2010-05-18 16:04:36 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempQU2908.html
[2010-05-18 15:53:13 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempkz2232.html
[2010-05-18 15:38:37 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempms3760.html
[2010-05-18 15:38:37 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempcy3760.html
[2010-05-18 15:08:06 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempBU4088.html
[2010-05-18 15:08:06 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempbE4088.html
[2010-05-18 16:51:20 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempYi3108.html
[2010-05-18 16:51:20 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempcu3108.html
[2010-05-18 16:48:43 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempaE1996.html
[2010-05-18 16:48:43 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempny1996.html
[2010-05-18 16:34:21 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempAH2152.html
[2010-05-18 16:34:21 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempqX2152.html
[2010-05-18 17:04:10 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempyl2416.html
[2010-05-18 17:04:10 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempwP2416.html
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\SETUP.EXE -- File not found
O33 - MountPoints2\F\Shell\configure\command - "" = F:\SETUP.EXE -- File not found
O33 - MountPoints2\F\Shell\install\command - "" = F:\SETUP.EXE -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

:files
C:\Windows\SysWow64\mctadmin.exe

:services
SSHNAS

:Commands
[Start Explorer]
[reboot][/code]

No to wklejasz to do OTL i klikasz run fix. Jest tu cała masa złych plików; )
Potem nowy log z OTL

20 maja 2010

Nowe logi:
OTL.txt [log]OTL logfile created on: 2010-05-20 08:21:36 - Run 2
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\user\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 71,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,66 Gb Total Space | 200,06 Gb Free Space | 44,10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 74,52 Gb Total Space | 58,98 Gb Free Space | 79,14% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-KOMPUTER
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-05-18 17:11:08 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
PRC - [2010-05-06 22:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-05-04 21:56:02 | 000,219,128 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010-04-28 15:06:30 | 000,142,120 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2010-04-16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010-04-08 13:20:00 | 000,345,376 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
PRC - [2010-04-04 07:42:51 | 000,036,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
PRC - [2010-03-06 12:47:52 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2009-12-22 10:21:00 | 000,600,688 | ---- | M] (Chicony) -- C:\Program Files (x86)\Video Web Camera\traybar.exe
PRC - [2009-12-16 08:16:04 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009-11-06 01:05:42 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009-10-29 13:31:20 | 000,262,912 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
PRC - [2009-10-29 13:31:00 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
PRC - [2009-10-13 21:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009-10-13 21:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009-09-30 14:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009-09-20 13:36:12 | 000,270,336 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2009-09-20 13:07:24 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2009-09-20 13:07:24 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
PRC - [2009-09-17 08:50:14 | 001,157,640 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009-08-28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [psvc]
PRC - [2009-07-04 04:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
PRC - [2009-05-21 19:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
PRC - [2009-04-16 00:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2009-03-15 12:15:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2007-05-08 17:24:20 | 000,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
PRC - [2001-11-29 01:50:00 | 001,769,472 | ---- | M] (Borland Software Corporation) -- C:\Program Files (x86)\Borland\InterBase\bin\ibserver.exe
PRC - [2001-11-29 01:50:00 | 000,032,768 | ---- | M] (Borland Software Corporation) -- C:\Program Files (x86)\Borland\InterBase\bin\ibguard.exe

[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-05-18 17:11:08 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
MOD - [2010-02-18 09:34:01 | 012,867,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2009-12-11 09:39:06 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2009-12-11 09:36:33 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2009-07-14 03:17:51 | 001,289,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2009-07-14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009-07-14 03:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009-07-14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009-07-14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2009-07-14 03:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2009-07-14 03:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009-07-14 03:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2009-07-14 03:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009-07-14 03:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2009-07-14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2009-07-14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009-07-14 03:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009-07-14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:[b]64bit:[/b] - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:[b]64bit:[/b] - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2010-04-07 04:12:18 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009-11-02 13:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:[b]64bit:[/b] - [2009-10-29 12:10:02 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:[b]64bit:[/b] - [2009-10-02 19:39:44 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:[b]64bit:[/b] - [2009-07-22 18:59:40 | 003,935,232 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Program Files\Firebird\Firebird_2_1\bin\fb_inet_server.exe -- (FirebirdServerDefaultInstance)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:[b]64bit:[/b] - [2009-07-04 04:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010-05-04 21:56:02 | 000,219,128 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010-04-16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-03-06 12:47:52 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010-01-06 20:32:34 | 000,960,000 | ---- | M] (HK-Software) [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertTransactionMonitor\hkTRMon.exe -- (IBExpertTransactionMonitor)
SRV - [2010-01-06 20:32:30 | 000,677,888 | ---- | M] (HK-Software) [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertJobScheduler\hkJS.exe -- (IBExpertJobScheduler)
SRV - [2010-01-06 20:32:26 | 000,765,952 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertInstanceManager\hkIM.exe -- (IBExpertInstanceManager)
SRV - [2010-01-06 20:32:22 | 001,027,584 | ---- | M] (HK-Software) [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertBackupRestore\hkIBRS.exe -- (IBExpertBackupRestore)
SRV - [2010-01-06 20:32:18 | 000,638,464 | ---- | M] (HK-Software) [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertSQLMonitor\StatToHtml.exe -- (IBExpertSQLMonitorHtmlMaker)
SRV - [2010-01-06 20:32:16 | 001,306,624 | ---- | M] (HK-Software) [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertSQLMonitor\StatToDB.exe -- (IBExpertSQLMonitorDB)
SRV - [2010-01-06 20:32:12 | 001,489,920 | ---- | M] (HK-Software) [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertSQLMonitor\hkProxy.exe -- (IBExpertSQLMonitor)
SRV - [2009-10-29 13:31:00 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009-10-13 21:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2009-09-30 14:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009-09-30 14:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009-09-20 12:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009-08-28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009-07-28 22:25:34 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-07-14 05:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS)
SRV - [2009-07-14 05:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2009-07-14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2009-07-14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2009-07-13 22:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2009-06-10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008-10-25 12:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2007-05-31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2001-11-29 01:50:00 | 001,769,472 | ---- | M] (Borland Software Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Borland\InterBase\bin\ibserver.exe -- (InterBaseServer)
SRV - [2001-11-29 01:50:00 | 000,032,768 | ---- | M] (Borland Software Corporation) [Auto | Running] -- C:\Program Files (x86)\Borland\InterBase\bin\ibguard.exe -- (InterBaseGuardian)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2010-05-06 22:39:27 | 000,051,280 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2010-05-06 22:39:06 | 000,121,936 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2010-05-06 22:34:30 | 000,028,752 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2010-05-06 22:34:14 | 000,063,568 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2010-05-06 22:33:50 | 000,022,096 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2010-04-07 04:44:06 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2010-04-07 04:44:06 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2010-04-07 03:23:30 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2009-12-21 21:39:48 | 000,019,912 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:[b]64bit:[/b] - [2009-12-21 21:39:44 | 000,013,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:[b]64bit:[/b] - [2009-12-11 12:29:27 | 000,153,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:[b]64bit:[/b] - [2009-11-06 06:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009-11-02 13:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:[b]64bit:[/b] - [2009-10-23 07:27:12 | 000,307,760 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2009-10-13 21:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009-10-12 13:00:52 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2009-10-05 09:49:34 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:[b]64bit:[/b] - [2009-10-02 02:47:38 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2009-09-26 08:20:38 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:[b]64bit:[/b] - [2009-09-17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:[b]64bit:[/b] - [2009-09-02 03:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:[/b] - [2009-08-28 13:15:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2009-08-28 13:15:26 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2009-08-05 22:43:58 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:[b]64bit:[/b] - [2009-07-14 03:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:[b]64bit:[/b] - [2009-07-14 02:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:[b]64bit:[/b] - [2009-07-14 02:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:[b]64bit:[/b] - [2009-07-14 02:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:[b]64bit:[/b] - [2009-07-14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifimp.sys -- (vwifimp)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:00 | 000,184,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:00 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthpan.sys -- (BthPan) Urządzenie Bluetooth (sieć osobista)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:57 | 000,551,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthport.sys -- (BTHPORT)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:56 | 000,158,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rfcomm.sys -- (RFCOMM) Urządzenie Bluetooth (Protokół TDI RFCOMM)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:53 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthenum.sys -- (BthEnum)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:52 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BTHUSB.SYS -- (BTHUSB)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:28 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winusb.sys -- (WinUsb)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:[b]64bit:[/b] - [2009-07-14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:[b]64bit:[/b] - [2009-07-14 02:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
DRV:[b]64bit:[/b] - [2009-07-14 01:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:[b]64bit:[/b] - [2009-07-14 01:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:[b]64bit:[/b] - [2009-07-14 01:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:[b]64bit:[/b] - [2009-07-14 01:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:[b]64bit:[/b] - [2009-07-14 01:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:[b]64bit:[/b] - [2009-07-14 01:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:[b]64bit:[/b] - [2009-07-14 01:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:[b]64bit:[/b] - [2009-07-01 06:46:58 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:[b]64bit:[/b] - [2009-06-24 12:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2009-05-06 02:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:[b]64bit:[/b] - [2009-05-06 02:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:[b]64bit:[/b] - [2009-04-07 09:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:[b]64bit:[/b] - [2009-03-15 12:32:56 | 000,085,424 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009-09-02 03:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\winusb.dll -- (WinUsb)
DRV - [2009-07-14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
DRV - [2009-06-10 23:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2009-06-10 23:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2009-03-26 05:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\DKbFltr.sys -- (DKbFltr) Dritek Keyboard Filter Driver (64-bit)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_lj75&r=273602105355l03c4z1m5f4952x443
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_lj75&r=273602105355l03c4z1m5f4952x443
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_lj75&r=273602105355l03c4z1m5f4952x443
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_lj75&r=273602105355l03c4z1m5f4952x443

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_lj75&r=273602105355l03c4z1m5f4952x443
IE - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_lj75&r=273602105355l03c4z1m5f4952x443
IE - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-02-23 20:11:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-05-01 11:23:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-05-13 20:04:44 | 000,000,000 | ---D | M]

[2010-02-20 17:45:13 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Extensions
[2010-05-19 19:25:10 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\8lfqv2rf.default\extensions
[2010-02-23 18:47:48 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\8lfqv2rf.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010-04-25 12:35:28 | 000,001,728 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\FireFox\Profiles\8lfqv2rf.default\searchplugins\google-pl.xml
[2010-05-19 19:25:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010-05-13 20:04:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010-01-16 03:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2010-01-16 03:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2010-01-16 03:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2010-01-16 03:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2010-01-16 03:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-01-16 03:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll (Google Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Pomocnik rejestracji usługi Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:[b]64bit:[/b] - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files (x86)\Video Web Camera\traybar.exe (Chicony)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8:[b]64bit:[/b] - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-05-20 08:18:22 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-05-19 19:47:35 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\Dla Agi
[2010-05-18 17:11:03 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2010-05-18 16:55:26 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Malwarebytes
[2010-05-18 16:55:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010-05-18 16:55:21 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010-05-18 16:55:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010-05-18 16:55:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-05-18 16:48:42 | 000,000,000 | ---D | C] -- C:\_OTM
[2010-05-18 16:32:34 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2010-05-18 16:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010-05-17 22:09:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AudioLabel
[2010-05-17 20:27:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CdCoverCreator
[2010-05-04 20:12:24 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010-05-04 20:10:19 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010-05-04 20:09:47 | 000,000,000 | ---D | C] -- C:\ATI
[2010-05-04 19:44:09 | 000,000,000 | ---D | C] -- C:\AMD
[2010-05-03 14:41:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\psconvert
[2010-05-03 14:41:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\psconv
[2010-05-01 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Folder wymiany interfejsu Bluetooth
[2010-05-01 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Broadcom
[2010-05-01 11:50:26 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Tapety
[2010-05-01 11:25:04 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Apple Computer
[2010-05-01 11:25:04 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apple Computer
[2010-05-01 11:24:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010-05-01 11:24:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010-05-01 11:24:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010-05-01 11:24:09 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010-05-01 11:24:09 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010-05-01 11:23:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010-05-01 11:23:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010-05-01 11:23:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apple
[2010-05-01 11:23:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010-05-01 11:23:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010-05-01 11:23:04 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010-05-01 11:23:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010-05-01 11:23:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010-05-01 11:23:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010-04-21 21:09:55 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\boilsoft

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-05-20 08:20:39 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempGB3280.html
[2010-05-20 08:19:42 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010-05-20 08:19:33 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-05-20 08:19:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-05-20 08:19:20 | 3113,304,064 | -HS- | M] () -- C:\hiberfil.sys
[2010-05-20 08:18:33 | 002,359,296 | -HS- | M] () -- C:\Users\user\NTUSER.DAT
[2010-05-20 08:18:31 | 008,013,571 | -H-- | M] () -- C:\Users\user\AppData\Local\IconCache.db
[2010-05-20 08:17:58 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempcH1816.html
[2010-05-20 08:06:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-05-19 22:46:14 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-05-19 22:46:14 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-05-19 22:40:08 | 000,007,597 | ---- | M] () -- C:\Users\user\AppData\Local\Resmon.ResmonCfg
[2010-05-19 17:36:58 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempeh1816.html
[2010-05-18 17:11:08 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2010-05-18 16:55:24 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-05-18 16:52:40 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010-05-18 16:32:34 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2010-05-17 22:09:17 | 000,001,047 | ---- | M] () -- C:\Users\user\Desktop\AudioLabel.lnk
[2010-05-15 14:07:48 | 000,024,930 | ---- | M] () -- C:\Users\user\Documents\Kwalifikacje nauczycieli wynikające z rozporządzenia MEN z dnia 12 marca 2009 r.docx
[2010-05-07 23:09:57 | 001,532,096 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-05-07 23:09:57 | 000,691,176 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2010-05-07 23:09:57 | 000,610,094 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-05-07 23:09:57 | 000,132,638 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2010-05-07 23:09:57 | 000,104,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-05-07 21:34:42 | 000,000,286 | ---- | M] () -- C:\Windows\game.ini
[2010-05-07 21:20:41 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempue3452.html
[2010-05-07 21:20:41 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempsW3452.html
[2010-05-07 21:20:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010-05-07 20:49:43 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempOr4240.html
[2010-05-07 20:49:43 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempCS4240.html
[2010-05-06 22:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010-05-06 22:39:27 | 000,051,280 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010-05-06 22:39:06 | 000,121,936 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010-05-06 22:34:30 | 000,028,752 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010-05-06 22:34:14 | 000,063,568 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010-05-06 22:33:50 | 000,022,096 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010-05-05 20:06:52 | 005,262,901 | ---- | M] () -- C:\Users\user\Desktop\Kuba.JPG
[2010-05-05 20:04:18 | 003,831,410 | ---- | M] () -- C:\Users\user\Desktop\Tymon1.jpg
[2010-05-05 20:01:54 | 006,820,838 | ---- | M] () -- C:\Users\user\Desktop\chłopcy1.jpg
[2010-05-04 21:56:02 | 000,219,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010-05-04 21:56:02 | 000,219,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010-05-03 14:41:16 | 000,000,164 | ---- | M] () -- C:\Windows\SysWow64\psconv.ini
[2010-05-02 13:16:03 | 000,000,513 | ---- | M] () -- C:\Windows\win.ini
[2010-05-01 15:18:12 | 000,001,553 | ---- | M] () -- C:\Users\user\Desktop\IBExpert.lnk
[2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010-04-29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-05-20 08:20:22 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempGB3280.html
[2010-05-19 22:40:08 | 000,007,597 | ---- | C] () -- C:\Users\user\AppData\Local\Resmon.ResmonCfg
[2010-05-19 17:36:42 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempeh1816.html
[2010-05-18 17:50:44 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempcH1816.html
[2010-05-18 16:55:24 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-05-18 16:38:32 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010-05-17 22:09:17 | 000,001,047 | ---- | C] () -- C:\Users\user\Desktop\AudioLabel.lnk
[2010-05-15 14:07:48 | 000,024,930 | ---- | C] () -- C:\Users\user\Documents\Kwalifikacje nauczycieli wynikające z rozporządzenia MEN z dnia 12 marca 2009 r.docx
[2010-05-07 21:15:21 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempue3452.html
[2010-05-07 21:15:21 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempsW3452.html
[2010-05-06 18:02:58 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempOr4240.html
[2010-05-06 18:02:58 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempCS4240.html
[2010-05-05 20:04:14 | 003,831,410 | ---- | C] () -- C:\Users\user\Desktop\Tymon1.jpg
[2010-05-05 20:01:51 | 006,820,838 | ---- | C] () -- C:\Users\user\Desktop\chłopcy1.jpg
[2010-05-04 21:04:24 | 005,262,901 | ---- | C] () -- C:\Users\user\Desktop\Kuba.JPG
[2010-05-03 14:41:16 | 000,000,164 | ---- | C] () -- C:\Windows\SysWow64\psconv.ini
[2010-05-03 14:40:40 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfmonnt.dll
[2010-04-22 19:36:29 | 000,001,553 | ---- | C] () -- C:\Users\user\Desktop\IBExpert.lnk
[2010-04-01 19:41:20 | 001,549,394 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010-03-01 22:17:36 | 000,000,286 | ---- | C] () -- C:\Windows\game.ini
[2010-02-20 18:43:29 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010-02-20 17:53:02 | 000,055,808 | ---- | C] () -- C:\Windows\SysWow64\ActPanel.dll
[2009-12-26 18:12:17 | 000,000,169 | ---- | C] () -- C:\Windows\PidList.ini
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007-06-19 09:59:36 | 000,070,400 | ---- | C] () -- C:\Windows\SysWow64\PhysXLoader.dll
[2007-04-20 08:57:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2002-08-09 16:00:00 | 000,375,296 | ---- | C] () -- C:\Windows\SysWow64\WSIHK32.DLL
[2002-08-09 16:00:00 | 000,131,584 | ---- | C] () -- C:\Windows\SysWow64\WSIWIN32.DLL

[color=#E56717]========== LOP Check ==========[/color]

[2010-02-20 16:59:26 | 000,000,000 | -HSD | M] -- C:\Users\user\AppData\Roaming\.#
[2010-05-16 21:44:54 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\BESTplayer
[2010-04-21 21:09:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\boilsoft
[2010-02-21 20:05:08 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Gadu-Gadu 10
[2010-02-24 22:38:51 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\HK-Software
[2010-02-20 14:16:14 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Packard Bell
[2010-04-06 12:30:07 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SecondLife
[2010-05-20 08:20:41 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\uTorrent
[2010-05-18 16:52:40 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2009-07-14 07:08:49 | 000,029,380 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

< End of report >
[/log]
extras.txt [log]OTL Extras logfile created on: 2010-05-20 08:21:36 - Run 2
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\user\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 71,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,66 Gb Total Space | 200,06 Gb Free Space | 44,10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 74,52 Gb Total Space | 58,98 Gb Free Space | 79,14% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-KOMPUTER
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1661724614-3112423942-4075231741-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{1A300085-6A46-2B37-60E0-2C151E24DD66}" = ccc-utility64
"{26A24AE4-039D-4CA4-87B4-2F86416019FF}" = Java(TM) 6 Update 19 (64-bit)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{404BB1FF-A84F-432F-B77B-301E88E8D1C7}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum obsługi urządzeń z systemem Windows Mobile
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88363A53-C537-77C9-863D-C20147EF4AC0}" = ATI Catalyst Install Manager
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96D5EB02-DE18-4DCD-A713-929B4461CA8D}" = iTunes
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{C19D4D8F-4433-4F6D-9F0C-79589FD0B973}" = Bonjour
"3932CA781A7894D20116FDF60F878301800EA8AB" = Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407)
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"FBDBServer_2_1_x64_is1" = Firebird 2.1.3.18185 (x64)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02c6547c-700b-486e-821e-065148c9915a}" = Nero 9 Essentials
"{03C754B5-243B-41AC-93B1-932952F1CAB7}_is1" = Partition Wizard Business Edition 4.2.2
"{052DE950-9FE3-577E-996A-90C870A59A01}" = Catalyst Control Center Graphics Full New
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{12A1B519-5934-4508-ADBD-335347B0DC87}" = Video Web Camera
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22DD005D-0EF1-4E3E-92F8-49D89E31479A}" = 1400
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2339BEE4-F74A-CCF1-5249-C38BD28CA5FB}" = Catalyst Control Center Localization All
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{25F28E39-FDBB-11DB-8314-0800200C9A66}" = Medal of Honor Airborne
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 20
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{288CF37D-3FE0-E572-D200-52113E47D679}" = ccc-core-static
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A02BB99-C34C-7167-8B78-CBBE3F2B266D}" = Catalyst Control Center Graphics Full Existing
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{2E522ED6-01E2-4207-82D5-B3BFB31B8BD4}" = Windows Live Sync
"{2E87F4AB-99BF-421C-AF7B-365A9C08549A}" = F300
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{36694AD6-1E86-A376-4FCD-9F547581B4B9}" = CCC Help English
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell Power Management
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}" = Microsoft Works
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51958BA7-21E4-4A8B-9098-CD8375BD17B2}" = Asystent rejestracji usługi Windows Live
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help
"{6053FE9B-5473-41D6-AEBF-AD6F98138191}" = Windows Live Movie Maker
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3C2391-BCE2-4D28-A336-73B953B4502F}" = 1400Trb
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6FBE200D-1F00-40B7-BF48-FEB265AADE94}" = 1400_Help
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{72263053-50D1-4598-9502-51ED64E54C51}" = Borland Delphi 7
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{820D9939-FEC1-D65C-599D-232DBA015A87}" = Catalyst Control Center Graphics Light
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{950DCEAA-545D-B98C-69F2-4136D9D616AF}" = Catalyst Control Center InstallProxy
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9862473C-E063-4C68-A161-2CDE0E8048A5}" = Podstawowe programy Windows Live
"{9AB614A6-719C-4A6E-A63E-831E0A35F62A}" = Windows Live Writer
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9CDEAEC9-2F14-4D39-8541-C1EEC4B5D1CB}" = Galeria fotografii usługi Windows Live
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.3.2 MUI
"{AE3F657E-14CD-70A4-9CD8-E534E9114C66}" = Catalyst Control Center Core Implementation
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C35FE07E-24B5-410F-85B7-122087A0C7DD}" = Poczta usługi Windows Live
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CBD30E1C-4B85-FC57-9E8D-98664E7AB805}" = Catalyst Control Center InstallProxy
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1803CD4-0CE7-4484-98E3-88D7A2D629A4}" = Windows Live Messenger
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E440017F-64DE-6E98-E513-31FA3D6D9DBE}" = Catalyst Control Center Graphics Previews Vista
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EBFC96E5-4409-426E-88B7-650ADB342E78}" = MSI to redistribute MS VS2005 CRT libraries
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AudioLabel" = AudioLabel
"avast5" = avast! Free Antivirus
"Dziobas Rar Player_is1" = Dziobas Rar Player 0.007PL
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free PS Convert driver_is1" = Free PS Convert driver 8.15
"Gadu-Gadu 10" = Gadu-Gadu 10
"HK-Software IBExpert Developer Studio Trial Version_is1" = HK-Software IBExpert Developer Studio Trial Version
"Identity Card" = Identity Card
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Packard Bell MyBackup
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InterBase" = InterBase 6.5
"JRE 1.2" = Java 2 Runtime Environment Standard Edition v1.2.2
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.4.4 (Basic)
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NapiProjekt_is1" = NapiProjekt 1.0.6.7
"OpenAL" = OpenAL
"Packard Bell Registration" = Packard Bell Registration
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"PowerISO" = PowerISO
"uTorrent" = µTorrent
"vbcpp40" = VisiBroker for Cpp 4.5
"Winamp" = Winamp (remove only)
"WinLiveSuite_Wave3" = Podstawowe programy Windows Live
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1661724614-3112423942-4075231741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"2d254e6bce4fc09a" = Klapouszek

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-04-27 18:30:49 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\wksss.exe".
Nie
można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-04-27 18:30:49 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\wksdb.exe".
Nie
można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-04-27 18:30:49 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\WksWP.exe".
Nie
można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-04-27 18:30:49 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\WksCal.exe".
Nie
można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-04-29 16:43:36 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842815
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku
zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll"
w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa.

Error - 2010-04-29 16:44:18 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842787
Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\windows
live\photo gallery\MovieMaker.Exe". Błąd w pliku manifestu lub w pliku zasad "c:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL" w wierszu 8. Tożsamość składnika
znaleziona w manifeście nie odpowiada tożsamości składnika żądanego. Odwołanie to
WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definicja to
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Użyj narzędzia
sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-04-29 16:44:49 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\wksss.exe".
Nie
można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-04-29 16:44:50 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\wksdb.exe".
Nie
można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-04-29 16:44:50 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\WksWP.exe".
Nie
można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-04-29 16:44:50 | Computer Name = user-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\WksCal.exe".
Nie
można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

[ Media Center Events ]
Error - 2010-03-14 06:21:05 | Computer Name = user-Komputer | Source = MCUpdate | ID = 0
Description = 11:21:05 - Błąd podczas nawiązywania połączenia z Internetem. 11:21:05
- Nie można skontaktować się z serwerem..

Error - 2010-03-14 06:21:14 | Computer Name = user-Komputer | Source = MCUpdate | ID = 0
Description = 11:21:11 - Błąd podczas nawiązywania połączenia z Internetem. 11:21:11
- Nie można skontaktować się z serwerem..

Error - 2010-04-09 09:00:45 | Computer Name = user-Komputer | Source = MCUpdate | ID = 0
Description = 15:00:41 - Nie można pobrać pakietu Broadband (Błąd: Nie można połączyć
się z serwerem zdalnym)

Error - 2010-04-15 09:28:55 | Computer Name = user-Komputer | Source = MCUpdate | ID = 0
Description = 15:28:52 - Nie można pobrać pakietu Broadband (Błąd: Nie można połączyć
się z serwerem zdalnym)

[ System Events ]
Error - 2010-04-09 14:40:29 | Computer Name = user-Komputer | Source = Service Control Manager | ID = 7022
Description = Usługa Windows Update zawiesiła się podczas uruchamiania.

Error - 2010-04-19 12:05:26 | Computer Name = user-Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR4.

Error - 2010-04-19 12:05:27 | Computer Name = user-Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR4.

Error - 2010-04-19 12:05:28 | Computer Name = user-Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR4.

Error - 2010-04-19 12:05:28 | Computer Name = user-Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR4.

Error - 2010-05-03 07:31:18 | Computer Name = user-Komputer | Source = BTHUSB | ID = 327696
Description = Uwierzytelnianie wzajemne między lokalnym adapterem Bluetooth a urządzeniem
o adresie adaptera Bluetooth (00:23:4d:ef:06:b4) nie powiodło się.

Error - 2010-05-04 14:11:08 | Computer Name = user-Komputer | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą AMD External Events Utility.

Error - 2010-05-04 14:11:08 | Computer Name = user-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi AMD External Events Utility z powodu następującego
błędu: %%1053

Error - 2010-05-17 02:17:03 | Computer Name = user-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 05:37:30 na ?2010-?05-?17 było
nieoczekiwane.

Error - 2010-05-17 02:23:53 | Computer Name = user-Komputer | Source = Service Control Manager | ID = 7022
Description = Usługa Windows Update zawiesiła się podczas uruchamiania.

< End of report >
[/log]

20 maja 2010

Wykonaj pełny skan [url=http://dobreprogramy.pl/index.php?dz=2&id=1998][b]DR WEB CureIt[/b][/url]
Wykonaj pełny skan[url=http://www.dobreprogramy.pl/Malwarebytes-AntiMalware,Program,Windows,13117.html][b]MBAM[/b][/url]
Co znajda usun po czym daj logi z usuwania + nowy log OTL

20 maja 2010

nic nie znalazły:
to raport skanowania MBAM : [log]Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Wersja bazy: 4112

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

2010-05-20 19:24:27
mbam-log-2010-05-20 (19-24-27).txt

Typ skanowania: Pełne skanowanie (C:\|E:\|)
Przeskanowano obiektów: 278280
Upłynęło: 38 minut(y), 45 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 0
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 0
Zainfekowanych plików: 0

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
(Nie znaleziono zagrożeń)

Zainfekowanych wartości rejestru:
(Nie znaleziono zagrożeń)

Zainfekowane informacje rejestru systemowego:
(Nie znaleziono zagrożeń)

Zainfekowanych folderów:
(Nie znaleziono zagrożeń)

Zainfekowanych plików:
(Nie znaleziono zagrożeń)[/log]

a to nowe log z otl:

otl.txt - [log]OTL logfile created on: 2010-05-20 19:26:22 - Run 3
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\user\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,66 Gb Total Space | 199,84 Gb Free Space | 44,05% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 74,52 Gb Total Space | 58,98 Gb Free Space | 79,14% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-KOMPUTER
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-05-18 17:11:08 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
PRC - [2010-05-06 22:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-05-04 21:56:02 | 000,219,128 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010-04-28 15:06:30 | 000,142,120 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2010-04-16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010-04-08 13:20:00 | 000,345,376 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
PRC - [2010-04-03 13:52:13 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010-03-06 12:47:52 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2009-12-22 10:21:00 | 000,600,688 | ---- | M] (Chicony) -- C:\Program Files (x86)\Video Web Camera\traybar.exe
PRC - [2009-12-16 08:16:04 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009-11-06 01:05:42 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009-10-29 13:31:20 | 000,262,912 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
PRC - [2009-10-29 13:31:00 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
PRC - [2009-10-13 21:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009-10-13 21:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009-09-30 14:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009-09-30 14:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009-09-20 13:36:12 | 000,270,336 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2009-09-20 13:15:26 | 000,116,280 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
PRC - [2009-09-20 13:07:24 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2009-09-20 13:07:24 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
PRC - [2009-09-17 08:50:14 | 001,157,640 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009-08-28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [psvc]
PRC - [2009-07-04 04:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
PRC - [2009-05-21 19:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
PRC - [2009-04-16 00:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2009-03-15 12:15:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2007-05-08 17:24:20 | 000,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
PRC - [2001-11-29 01:50:00 | 001,769,472 | ---- | M] (Borland Software Corporation) -- C:\Program Files (x86)\Borland\InterBase\bin\ibserver.exe
PRC - [2001-11-29 01:50:00 | 000,032,768 | ---- | M] (Borland Software Corporation) -- C:\Program Files (x86)\Borland\InterBase\bin\ibguard.exe

[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-05-18 17:11:08 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
MOD - [2010-02-18 09:34:01 | 012,867,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2009-12-11 09:39:06 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2009-12-11 09:36:33 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2009-07-14 03:17:51 | 001,289,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2009-07-14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009-07-14 03:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009-07-14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009-07-14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2009-07-14 03:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2009-07-14 03:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009-07-14 03:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2009-07-14 03:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009-07-14 03:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2009-07-14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2009-07-14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009-07-14 03:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009-07-14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:[b]64bit:[/b] - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:[b]64bit:[/b] - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2010-04-07 04:12:18 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009-11-02 13:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:[b]64bit:[/b] - [2009-10-29 12:10:02 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:[b]64bit:[/b] - [2009-10-02 19:39:44 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:[b]64bit:[/b] - [2009-07-22 18:59:40 | 003,935,232 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Program Files\Firebird\Firebird_2_1\bin\fb_inet_server.exe -- (FirebirdServerDefaultInstance)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:[b]64bit:[/b] - [2009-07-04 04:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010-05-04 21:56:02 | 000,219,128 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010-04-16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-03-06 12:47:52 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010-01-06 20:32:34 | 000,960,000 | ---- | M] (HK-Software) [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertTransactionMonitor\hkTRMon.exe -- (IBExpertTransactionMonitor)
SRV - [2010-01-06 20:32:30 | 000,677,888 | ---- | M] (HK-Software) [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertJobScheduler\hkJS.exe -- (IBExpertJobScheduler)
SRV - [2010-01-06 20:32:26 | 000,765,952 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertInstanceManager\hkIM.exe -- (IBExpertInstanceManager)
SRV - [2010-01-06 20:32:22 | 001,027,584 | ---- | M] (HK-Software) [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertBackupRestore\hkIBRS.exe -- (IBExpertBackupRestore)
SRV - [2010-01-06 20:32:18 | 000,638,464 | ---- | M] (HK-Software) [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertSQLMonitor\StatToHtml.exe -- (IBExpertSQLMonitorHtmlMaker)
SRV - [2010-01-06 20:32:16 | 001,306,624 | ---- | M] (HK-Software) [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertSQLMonitor\StatToDB.exe -- (IBExpertSQLMonitorDB)
SRV - [2010-01-06 20:32:12 | 001,489,920 | ---- | M] (HK-Software) [On_Demand | Stopped] -- C:\Program Files (x86)\HK-Software\IBExpertSQLMonitor\hkProxy.exe -- (IBExpertSQLMonitor)
SRV - [2009-10-29 13:31:00 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009-10-13 21:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2009-09-30 14:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009-09-30 14:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009-09-20 12:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009-08-28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009-07-28 22:25:34 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-07-14 05:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS)
SRV - [2009-07-14 05:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2009-07-14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2009-07-14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2009-07-13 22:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2009-06-10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008-10-25 12:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2007-05-31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2001-11-29 01:50:00 | 001,769,472 | ---- | M] (Borland Software Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Borland\InterBase\bin\ibserver.exe -- (InterBaseServer)
SRV - [2001-11-29 01:50:00 | 000,032,768 | ---- | M] (Borland Software Corporation) [Auto | Running] -- C:\Program Files (x86)\Borland\InterBase\bin\ibguard.exe -- (InterBaseGuardian)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2010-05-06 22:39:27 | 000,051,280 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2010-05-06 22:39:06 | 000,121,936 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2010-05-06 22:34:30 | 000,028,752 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2010-05-06 22:34:14 | 000,063,568 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2010-05-06 22:33:50 | 000,022,096 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2010-04-07 04:44:06 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2010-04-07 04:44:06 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2010-04-07 03:23:30 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2009-12-21 21:39:48 | 000,019,912 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:[b]64bit:[/b] - [2009-12-21 21:39:44 | 000,013,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:[b]64bit:[/b] - [2009-12-11 12:29:27 | 000,153,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:[b]64bit:[/b] - [2009-11-06 06:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009-11-02 13:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:[b]64bit:[/b] - [2009-10-23 07:27:12 | 000,307,760 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2009-10-13 21:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009-10-12 13:00:52 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2009-10-05 09:49:34 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:[b]64bit:[/b] - [2009-10-02 02:47:38 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2009-09-26 08:20:38 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:[b]64bit:[/b] - [2009-09-17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:[b]64bit:[/b] - [2009-09-02 03:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:[/b] - [2009-08-28 13:15:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2009-08-28 13:15:26 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2009-08-05 22:43:58 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:[b]64bit:[/b] - [2009-07-14 03:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:[b]64bit:[/b] - [2009-07-14 02:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:[b]64bit:[/b] - [2009-07-14 02:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:[b]64bit:[/b] - [2009-07-14 02:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:[b]64bit:[/b] - [2009-07-14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifimp.sys -- (vwifimp)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:00 | 000,184,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:00 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthpan.sys -- (BthPan) Urządzenie Bluetooth (sieć osobista)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:57 | 000,551,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthport.sys -- (BTHPORT)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:56 | 000,158,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rfcomm.sys -- (RFCOMM) Urządzenie Bluetooth (Protokół TDI RFCOMM)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:53 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthenum.sys -- (BthEnum)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:52 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BTHUSB.SYS -- (BTHUSB)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:28 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winusb.sys -- (WinUsb)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:[b]64bit:[/b] - [2009-07-14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:[b]64bit:[/b] - [2009-07-14 02:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
DRV:[b]64bit:[/b] - [2009-07-14 01:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:[b]64bit:[/b] - [2009-07-14 01:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:[b]64bit:[/b] - [2009-07-14 01:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:[b]64bit:[/b] - [2009-07-14 01:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:[b]64bit:[/b] - [2009-07-14 01:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:[b]64bit:[/b] - [2009-07-14 01:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:[b]64bit:[/b] - [2009-07-14 01:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:[b]64bit:[/b] - [2009-07-01 06:46:58 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:[b]64bit:[/b] - [2009-06-24 12:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2009-05-06 02:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:[b]64bit:[/b] - [2009-05-06 02:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:[b]64bit:[/b] - [2009-04-07 09:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:[b]64bit:[/b] - [2009-03-15 12:32:56 | 000,085,424 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009-09-02 03:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\winusb.dll -- (WinUsb)
DRV - [2009-07-14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
DRV - [2009-06-10 23:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2009-06-10 23:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2009-03-26 05:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\DKbFltr.sys -- (DKbFltr) Dritek Keyboard Filter Driver (64-bit)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_lj75&r=273602105355l03c4z1m5f4952x443
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_lj75&r=273602105355l03c4z1m5f4952x443
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_lj75&r=273602105355l03c4z1m5f4952x443
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_lj75&r=273602105355l03c4z1m5f4952x443

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_lj75&r=273602105355l03c4z1m5f4952x443
IE - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_lj75&r=273602105355l03c4z1m5f4952x443
IE - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-02-23 20:11:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-05-01 11:23:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-05-13 20:04:44 | 000,000,000 | ---D | M]

[2010-02-20 17:45:13 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Extensions
[2010-05-19 19:25:10 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\8lfqv2rf.default\extensions
[2010-02-23 18:47:48 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\8lfqv2rf.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010-04-25 12:35:28 | 000,001,728 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\FireFox\Profiles\8lfqv2rf.default\searchplugins\google-pl.xml
[2010-05-19 19:25:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010-05-13 20:04:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010-01-16 03:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2010-01-16 03:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2010-01-16 03:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2010-01-16 03:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2010-01-16 03:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-01-16 03:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll (Google Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Pomocnik rejestracji usługi Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:[b]64bit:[/b] - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files (x86)\Video Web Camera\traybar.exe (Chicony)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1661724614-3112423942-4075231741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8:[b]64bit:[/b] - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-05-20 08:18:22 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-05-19 19:47:35 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\Dla Agi
[2010-05-18 17:11:03 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2010-05-18 16:55:26 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Malwarebytes
[2010-05-18 16:55:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010-05-18 16:55:21 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010-05-18 16:55:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010-05-18 16:55:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-05-18 16:32:34 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2010-05-18 16:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010-05-17 22:09:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AudioLabel
[2010-05-17 20:27:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CdCoverCreator
[2010-05-04 20:12:24 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010-05-04 20:10:19 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010-05-04 20:09:47 | 000,000,000 | ---D | C] -- C:\ATI
[2010-05-04 19:44:09 | 000,000,000 | ---D | C] -- C:\AMD
[2010-05-03 14:41:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\psconvert
[2010-05-03 14:41:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\psconv
[2010-05-01 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Folder wymiany interfejsu Bluetooth
[2010-05-01 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Broadcom
[2010-05-01 11:50:26 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Tapety
[2010-05-01 11:25:04 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Apple Computer
[2010-05-01 11:25:04 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apple Computer
[2010-05-01 11:24:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010-05-01 11:24:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010-05-01 11:24:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010-05-01 11:24:09 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010-05-01 11:24:09 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010-05-01 11:23:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010-05-01 11:23:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010-05-01 11:23:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apple
[2010-05-01 11:23:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010-05-01 11:23:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010-05-01 11:23:04 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010-05-01 11:23:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010-05-01 11:23:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010-05-01 11:23:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010-04-21 21:09:55 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\boilsoft
[2010-04-15 21:46:06 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile
[2010-04-07 04:13:00 | 000,455,168 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2010-04-07 04:12:18 | 000,202,752 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2010-04-07 04:10:56 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2010-04-07 04:10:40 | 000,421,376 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2010-04-07 04:10:32 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2010-04-07 04:10:18 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2010-04-07 04:10:12 | 000,012,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2010-04-07 04:10:08 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2010-04-07 04:10:00 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2010-04-07 03:46:50 | 000,055,296 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2010-04-06 13:03:17 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-04-06 13:01:19 | 000,000,000 | ---D | C] -- C:\Users\user\.java
[2010-04-06 12:57:10 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010-04-06 12:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010-04-06 12:55:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010-04-06 12:53:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010-04-06 12:29:36 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\SecondLife
[2010-04-06 12:29:36 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\SecondLife
[2010-03-28 22:07:56 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\SysWow64\avastSS.scr
[2010-03-28 22:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010-03-28 21:44:31 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\skypePM
[2010-03-28 21:43:57 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Skype
[2010-03-28 21:42:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010-03-28 21:42:27 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010-03-28 21:42:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-05-20 19:28:13 | 002,359,296 | -HS- | M] () -- C:\Users\user\NTUSER.DAT
[2010-05-20 19:06:03 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-05-20 14:06:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010-05-20 08:26:46 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-05-20 08:26:46 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-05-20 08:20:39 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempGB3280.html
[2010-05-20 08:19:33 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-05-20 08:19:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-05-20 08:19:20 | 3113,304,064 | -HS- | M] () -- C:\hiberfil.sys
[2010-05-20 08:18:31 | 008,013,571 | -H-- | M] () -- C:\Users\user\AppData\Local\IconCache.db
[2010-05-20 08:17:58 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempcH1816.html
[2010-05-19 22:40:08 | 000,007,597 | ---- | M] () -- C:\Users\user\AppData\Local\Resmon.ResmonCfg
[2010-05-19 17:36:58 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempeh1816.html
[2010-05-18 17:11:08 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2010-05-18 16:55:24 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-05-18 16:52:40 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010-05-18 16:32:34 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2010-05-17 22:09:17 | 000,001,047 | ---- | M] () -- C:\Users\user\Desktop\AudioLabel.lnk
[2010-05-15 14:07:48 | 000,024,930 | ---- | M] () -- C:\Users\user\Documents\Kwalifikacje nauczycieli wynikające z rozporządzenia MEN z dnia 12 marca 2009 r.docx
[2010-05-07 23:09:57 | 001,532,096 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-05-07 23:09:57 | 000,691,176 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2010-05-07 23:09:57 | 000,610,094 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-05-07 23:09:57 | 000,132,638 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2010-05-07 23:09:57 | 000,104,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-05-07 21:34:42 | 000,000,286 | ---- | M] () -- C:\Windows\game.ini
[2010-05-07 21:20:41 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempue3452.html
[2010-05-07 21:20:41 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempsW3452.html
[2010-05-07 21:20:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010-05-07 20:49:43 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempOr4240.html
[2010-05-07 20:49:43 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempCS4240.html
[2010-05-06 22:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010-05-06 22:39:27 | 000,051,280 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010-05-06 22:39:06 | 000,121,936 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010-05-06 22:34:30 | 000,028,752 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010-05-06 22:34:14 | 000,063,568 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010-05-06 22:33:50 | 000,022,096 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010-05-05 20:06:52 | 005,262,901 | ---- | M] () -- C:\Users\user\Desktop\Kuba.JPG
[2010-05-05 20:04:18 | 003,831,410 | ---- | M] () -- C:\Users\user\Desktop\Tymon1.jpg
[2010-05-05 20:01:54 | 006,820,838 | ---- | M] () -- C:\Users\user\Desktop\chłopcy1.jpg
[2010-05-04 21:56:02 | 000,219,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010-05-04 21:56:02 | 000,219,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010-05-03 14:41:16 | 000,000,164 | ---- | M] () -- C:\Windows\SysWow64\psconv.ini
[2010-05-02 13:16:03 | 000,000,513 | ---- | M] () -- C:\Windows\win.ini
[2010-05-01 15:18:12 | 000,001,553 | ---- | M] () -- C:\Users\user\Desktop\IBExpert.lnk
[2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010-04-29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010-04-15 21:46:38 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2010-04-14 18:47:23 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\SysWow64\avastSS.scr
[2010-04-07 04:16:34 | 000,038,400 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2010-04-07 04:13:00 | 000,455,168 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2010-04-07 04:12:18 | 000,202,752 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2010-04-07 04:10:56 | 000,120,320 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2010-04-07 04:10:40 | 000,421,376 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2010-04-07 04:10:32 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2010-04-07 04:10:18 | 000,278,528 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2010-04-07 04:10:12 | 000,012,288 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2010-04-07 04:10:08 | 000,059,392 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2010-04-07 04:10:00 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2010-04-07 03:46:50 | 000,055,296 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst.dll
[2010-04-07 03:25:00 | 000,515,424 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2010-04-07 03:20:44 | 000,515,424 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2010-04-02 18:09:08 | 000,002,023 | ---- | M] () -- C:\Windows\SysWow64\atipblag.dat
[2010-04-02 18:09:08 | 000,002,023 | ---- | M] () -- C:\Windows\SysNative\atipblag.dat
[2010-04-01 19:41:20 | 001,549,394 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010-04-01 11:34:28 | 000,020,862 | ---- | M] () -- C:\Windows\atiogl.xml
[2010-03-30 22:04:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010-03-28 21:44:32 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010-03-23 09:28:34 | 000,031,744 | ---- | M] () -- C:\Users\user\Documents\Urodziłem się wtedy mniej więcej.doc

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-05-20 08:20:22 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempGB3280.html
[2010-05-19 22:40:08 | 000,007,597 | ---- | C] () -- C:\Users\user\AppData\Local\Resmon.ResmonCfg
[2010-05-19 17:36:42 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempeh1816.html
[2010-05-18 17:50:44 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempcH1816.html
[2010-05-18 16:55:24 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-05-18 16:38:32 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010-05-17 22:09:17 | 000,001,047 | ---- | C] () -- C:\Users\user\Desktop\AudioLabel.lnk
[2010-05-15 14:07:48 | 000,024,930 | ---- | C] () -- C:\Users\user\Documents\Kwalifikacje nauczycieli wynikające z rozporządzenia MEN z dnia 12 marca 2009 r.docx
[2010-05-07 21:15:21 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempue3452.html
[2010-05-07 21:15:21 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempsW3452.html
[2010-05-06 18:02:58 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempOr4240.html
[2010-05-06 18:02:58 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempCS4240.html
[2010-05-05 20:04:14 | 003,831,410 | ---- | C] () -- C:\Users\user\Desktop\Tymon1.jpg
[2010-05-05 20:01:51 | 006,820,838 | ---- | C] () -- C:\Users\user\Desktop\chłopcy1.jpg
[2010-05-04 21:04:24 | 005,262,901 | ---- | C] () -- C:\Users\user\Desktop\Kuba.JPG
[2010-05-03 14:41:16 | 000,000,164 | ---- | C] () -- C:\Windows\SysWow64\psconv.ini
[2010-05-03 14:40:40 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfmonnt.dll
[2010-04-22 19:36:29 | 000,001,553 | ---- | C] () -- C:\Users\user\Desktop\IBExpert.lnk
[2010-04-15 21:46:38 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2010-04-07 04:16:34 | 000,038,400 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2010-04-07 03:25:00 | 000,515,424 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2010-04-07 03:20:44 | 000,515,424 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2010-04-02 18:09:08 | 000,002,023 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010-04-02 18:09:08 | 000,002,023 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2010-04-01 19:41:20 | 001,549,394 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010-04-01 11:34:28 | 000,020,862 | ---- | C] () -- C:\Windows\atiogl.xml
[2010-03-30 22:04:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010-03-28 21:44:32 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010-03-22 21:34:04 | 000,031,744 | ---- | C] () -- C:\Users\user\Documents\Urodziłem się wtedy mniej więcej.doc
[2010-03-01 22:17:36 | 000,000,286 | ---- | C] () -- C:\Windows\game.ini
[2010-02-20 18:43:29 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010-02-20 17:53:02 | 000,055,808 | ---- | C] () -- C:\Windows\SysWow64\ActPanel.dll
[2009-12-26 18:12:17 | 000,000,169 | ---- | C] () -- C:\Windows\PidList.ini
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007-06-19 09:59:36 | 000,070,400 | ---- | C] () -- C:\Windows\SysWow64\PhysXLoader.dll
[2007-04-20 08:57:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2007-04-20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2002-08-09 16:00:00 | 000,375,296 | ---- | C] () -- C:\Windows\SysWow64\WSIHK32.DLL
[2002-08-09 16:00:00 | 000,131,584 | ---- | C] () -- C:\Windows\SysWow64\WSIWIN32.DLL

[color=#E56717]========== LOP Check ==========[/color]

[2010-02-20 16:59:26 | 000,000,000 | -HSD | M] -- C:\Users\user\AppData\Roaming\.#
[2010-05-16 21:44:54 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\BESTplayer
[2010-04-21 21:09:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\boilsoft
[2010-02-21 20:05:08 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Gadu-Gadu 10
[2010-02-24 22:38:51 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\HK-Software
[2010-02-20 14:16:14 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Packard Bell
[2010-04-06 12:30:07 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SecondLife
[2010-05-20 18:20:29 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\uTorrent
[2010-05-18 16:52:40 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2009-07-14 07:08:49 | 000,029,380 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

< End of report >
[/log]

20 maja 2010

W OTL clean up
Przeczysc dysk i rejestr ccleaner

21 maja 2010

Wielkie dzięki za pomoc.

Zaloguj się

Problem z sshnas21.dll

marekoza

Sohei

marekoza

Sohei

marekoza

Sohei

marekoza

Sohei

marekoza

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Strona główna

Powiadomienie o plikach cookie