moxia utworzono 16 czerwca 2010 utworzono 16 czerwca 2010 (edytowane) witam,wczoraj wieczorem wlaczylem laptopa i zauwazylem ze pasek biosa najpierw laduje sie do polowy,pozniej pare sekund stoi bez ruchu i zaczyna ladowac sie caly,wczesniej ladowanie tego paska to byla kwestia 1 sekundy,nie wiem czy moze miec to jakies powiazanie ze soba ale kilka dni temu postanowilem przeczyscic laptopa,uznalem ze ma za duza temperature,jednak jak pamietam to po tym calym czyszczeniu zaraz uruchomilem sprzet i czegos takiego nie bylo,oczywiscie nie wykluczam tego,ale podejrzewam tez wirusa,prosze wiec o zerkniecie na logi,dziekuje ps;podczas czyszczenia nic z podzespolow nie wykrecalem,nie wyciagalem,przeczyscilem patyczkiem do uszu tylko wiatraczek i jego okolice,czyscilem tez taka czarna swiecaca sie tasme naklejona na jeden z podzespolow,nie moge okreslic na czym znajdoweala sie ta tasma gdyz nie znam sie na tym,czy moglem ja porysowac i to moze byc przyczyna? [log]OTL logfile created on: 2010-06-16 10:20:10 - Run 1 OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\mhj\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 142,65 Gb Total Space | 85,10 Gb Free Space | 59,65% Space Free | Partition Type: NTFS Drive D: | 142,67 Gb Total Space | 135,18 Gb Free Space | 94,75% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MHJ-PC Current User Name: mhj Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-06-16 10:16:47 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\mhj\Desktop\OTL.exe PRC - [2010-01-19 19:29:02 | 000,713,544 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe PRC - [2010-01-19 19:27:18 | 001,043,784 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe PRC - [2009-12-13 00:18:32 | 000,181,312 | ---- | M] () -- C:\Program Files\Photodex\ProShowProducer\scsiaccess.exe PRC - [2009-11-05 12:19:17 | 000,107,832 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe PRC - [2009-11-05 12:19:12 | 000,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2009-09-11 08:24:32 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2009-09-11 08:23:46 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2009-06-15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-04-10 23:28:16 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe PRC - [2009-04-10 23:28:16 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE PRC - [2009-04-10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-04-10 23:28:10 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe PRC - [2009-04-10 23:28:08 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2009-04-10 23:28:08 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe PRC - [2009-04-10 23:28:06 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2009-04-10 23:28:06 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-04-10 23:28:00 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-04-10 23:28:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-04-10 23:28:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe PRC - [2009-04-10 23:28:00 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe PRC - [2009-04-10 23:27:50 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2009-04-10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-10 23:27:34 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2008-10-16 17:26:20 | 000,860,160 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe PRC - [2008-10-16 16:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2008-04-06 22:42:24 | 000,050,424 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe PRC - [2008-04-04 03:03:14 | 000,131,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe PRC - [2008-03-21 13:22:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe PRC - [2008-03-18 21:27:12 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe PRC - [2008-03-03 13:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe PRC - [2008-02-22 21:50:54 | 000,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe PRC - [2008-02-22 21:50:44 | 001,037,608 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2008-01-21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2008-01-21 04:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-01-21 04:23:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2008-01-21 04:23:29 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe PRC - [2008-01-21 04:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe PRC - [2008-01-10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe PRC - [2007-12-06 16:15:28 | 000,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe PRC - [2007-01-17 11:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-06-16 10:16:47 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\mhj\Desktop\OTL.exe MOD - [2010-05-04 21:10:47 | 006,080,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll MOD - [2009-09-25 00:54:55 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2009-07-17 15:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-06-15 16:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-06-15 16:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-04-23 14:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-04-10 23:28:26 | 011,584,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2009-04-10 23:28:26 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-04-10 23:28:26 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-04-10 23:28:26 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2009-04-10 23:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-04-10 23:28:26 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-04-10 23:28:26 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2009-04-10 23:28:26 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-04-10 23:28:26 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-04-10 23:28:26 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-04-10 23:28:26 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-04-10 23:28:26 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-04-10 23:28:24 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2009-04-10 23:28:24 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-04-10 23:28:24 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-04-10 23:28:24 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2009-04-10 23:28:24 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2009-04-10 23:28:24 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-04-10 23:28:24 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-04-10 23:28:22 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2009-04-10 23:28:22 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-04-10 23:28:22 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-04-10 23:28:22 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-04-10 23:28:20 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-04-10 23:28:20 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-04-10 23:28:20 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll MOD - [2009-04-10 23:28:20 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-04-10 23:28:18 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-04-10 23:28:18 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009-04-10 23:27:50 | 001,202,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2009-04-10 23:21:40 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll MOD - [2008-01-21 04:25:29 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2008-01-21 04:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-21 04:24:37 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2008-01-21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2008-01-21 04:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-21 04:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-21 04:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (nvsvc) SRV - [2010-01-28 00:58:42 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010-01-19 19:27:18 | 001,043,784 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2010-01-19 19:24:12 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2009-12-13 00:18:32 | 000,181,312 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\ProShowProducer\scsiaccess.exe -- (ScsiAccess) SRV - [2009-10-27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009-09-25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009-09-11 08:33:18 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2009-09-11 08:24:32 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2008-10-16 17:26:20 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008-10-16 16:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008-04-06 22:42:24 | 000,050,424 | ---- | M] (NewTech InfoSystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc) SRV - [2008-04-04 03:03:14 | 000,131,072 | ---- | M] () [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc) SRV - [2008-03-21 13:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService) SRV - [2008-03-18 21:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2008-03-03 13:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc) SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008-01-21 04:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008-01-21 04:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2008-01-10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service) SRV - [2007-12-06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-10-14 08:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2009-10-06 11:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2009-10-06 11:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2009-10-06 11:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2009-10-06 11:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2009-10-04 01:19:55 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-09-11 08:26:28 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2009-09-11 08:23:50 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2009-09-11 08:17:16 | 000,116,008 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon) DRV - [2009-08-19 13:35:00 | 009,787,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009-06-30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot) DRV - [2009-04-10 21:42:54 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2008-11-17 07:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-04-25 04:20:44 | 002,126,688 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-04-12 03:55:04 | 000,084,240 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) DRV - [2008-04-03 22:56:00 | 000,043,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2008-03-21 10:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15) DRV - [2008-03-01 01:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2008-02-22 21:50:48 | 000,198,064 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2008-02-21 11:55:00 | 000,299,008 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh) DRV - [2008-02-14 18:17:10 | 000,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio) DRV - [2008-01-31 03:52:06 | 000,014,848 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr) DRV - [2008-01-21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008-01-21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008-01-21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008-01-21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008-01-21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008-01-21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008-01-21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008-01-21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008-01-21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008-01-21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2008-01-21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008-01-21 04:23:23 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf) DRV - [2008-01-21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008-01-21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008-01-21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008-01-21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008-01-21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008-01-21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008-01-21 04:23:23 | 000,030,720 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nscirda.sys -- (NSCIRDA) DRV - [2008-01-21 04:23:22 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV) DRV - [2008-01-21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008-01-21 04:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL) DRV - [2008-01-21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008-01-21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008-01-21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008-01-21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008-01-21 04:23:20 | 000,179,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2008-01-21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008-01-21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008-01-21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007-12-16 17:57:20 | 000,075,776 | ---- | M] (Wasay) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD) DRV - [2007-07-16 17:20:26 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid) DRV - [2007-07-16 17:20:24 | 000,080,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt) DRV - [2006-11-03 07:29:38 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr) DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pl.intl.acer.yahoo.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-841358846-551305231-668691147-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-21-841358846-551305231-668691147-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-841358846-551305231-668691147-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=" FF - prefs.js..network.proxy.backup.ftp: "201.12.27.180:8080" FF - prefs.js..network.proxy.backup.ftp_port: 8080 FF - prefs.js..network.proxy.backup.gopher: "201.12.27.180:8080" FF - prefs.js..network.proxy.backup.gopher_port: 8080 FF - prefs.js..network.proxy.backup.socks: "201.12.27.180:8080" FF - prefs.js..network.proxy.backup.socks_port: 8080 FF - prefs.js..network.proxy.backup.ssl: "201.12.27.180:8080" FF - prefs.js..network.proxy.backup.ssl_port: 8080 FF - prefs.js..network.proxy.ftp: "201.12.27.180:8080" FF - prefs.js..network.proxy.ftp_port: 8080 FF - prefs.js..network.proxy.gopher: "201.12.27.180:8080" FF - prefs.js..network.proxy.gopher_port: 8080 FF - prefs.js..network.proxy.http: "201.12.27.180:8080" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.ssl: "201.12.27.180:8080" FF - prefs.js..network.proxy.ssl_port: 8080 FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-04-22 10:47:36 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-02 20:47:29 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-05-28 23:22:38 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-02-26 00:23:36 | 000,000,000 | ---D | M] [2009-10-04 00:56:55 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\mozilla\Extensions [2010-06-16 08:46:27 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\mozilla\Firefox\Profiles\3k8486e1.default\extensions [2010-05-01 00:05:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\mhj\AppData\Roaming\mozilla\Firefox\Profiles\3k8486e1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-06-12 23:01:14 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\mhj\AppData\Roaming\mozilla\Firefox\Profiles\3k8486e1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-01-19 20:46:18 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\mozilla\Firefox\Profiles\3k8486e1.default\extensions\SignPlugin@bph.pl [2010-03-25 00:13:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-05-28 23:22:16 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll [2010-03-16 21:50:20 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-03-16 21:50:20 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-03-16 21:50:20 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-03-16 21:50:20 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-03-16 21:50:20 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-03-16 21:50:20 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKU\S-1-5-21-841358846-551305231-668691147-1000\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found. O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-841358846-551305231-668691147-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-841358846-551305231-668691147-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} https://www.bph.pl/pi/components/bph/SignActivX.cab (SignActivX Control) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\mhj\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\mhj\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias [2008-01-21 04:34:27 | 000,000,000 | ---D | M] NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe - (Acer Incorporated) MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.) MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Firefox Preloader.lnk - C:\PROGRA~1\FIREFO~1\FIREFO~1.EXE - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.) MsConfig - StartUpFolder: C:^Users^mhj^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation) MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - c:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]AutoConnect[/b] - hkey= - key= - C:\Program Files\AutoConnect\AutoConnect.exe File not found MsConfig - StartUpReg: [b]BkupTray[/b] - hkey= - key= - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe () MsConfig - StartUpReg: [b]eDataSecurity Loader[/b] - hkey= - key= - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe File not found MsConfig - StartUpReg: [b]ePower_DMC[/b] - hkey= - key= - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.) MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard) MsConfig - StartUpReg: [b]IPLA![/b] - hkey= - key= - C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.) MsConfig - StartUpReg: [b]LManager[/b] - hkey= - key= - C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.) MsConfig - StartUpReg: [b]Malwarebytes Anti-Malware (reboot)[/b] - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) MsConfig - StartUpReg: [b]OODefragTray[/b] - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: [b]PC Suite Tray[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) MsConfig - StartUpReg: [b]PLFSetI[/b] - hkey= - key= - C:\Windows\PLFSetI.exe () MsConfig - StartUpReg: [b]RegClean Expert Scheduler[/b] - hkey= - key= - C:\Program Files\Registry Clean Expert\RCHelper.exe (iExpert Software) MsConfig - StartUpReg: [b]RtHDVCpl[/b] - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - StartUpReg: [b]Skytel[/b] - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) MsConfig - StartUpReg: [b]WarReg_PopUp[/b] - hkey= - key= - C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated) MsConfig - StartUpReg: [b]Windows Defender[/b] - hkey= - key= - File not found MsConfig - State: "startup" - 2 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-06-16 10:16:23 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\mhj\Desktop\OTL.exe [2010-06-05 10:40:24 | 000,000,000 | ---D | C] -- C:\Users\mhj\DoctorWeb [2010-06-03 20:59:36 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010-05-28 23:22:37 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software [2010-05-25 20:22:00 | 000,000,000 | ---D | C] -- C:\Windows\$regcmp$ [2010-05-23 13:21:39 | 000,000,000 | ---D | C] -- C:\Program Files\Remote Professional [2010-05-23 10:46:00 | 000,000,000 | ---D | C] -- C:\Users\mhj\Desktop\dokumenty [2010-05-01 16:10:01 | 000,000,000 | ---D | C] -- C:\Users\mhj\AppData\Local\SpeedUpMyPC [2010-05-01 16:09:58 | 000,000,000 | ---D | C] -- C:\Users\mhj\AppData\Local\Przyspiesz_Komputer [2010-04-30 12:24:36 | 000,000,000 | ---D | C] -- C:\Users\mhj\AppData\Roaming\PC Suite [2010-04-30 12:24:36 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite [2010-04-30 12:24:36 | 000,000,000 | ---D | C] -- C:\Users\mhj\AppData\Roaming\Nokia [2010-04-30 12:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite [2010-04-30 12:24:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia [2010-04-30 12:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2010-04-30 12:23:58 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys [2010-04-30 12:23:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2010-04-30 12:23:50 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution [2010-04-30 12:23:19 | 000,091,136 | ---- | C] (Nokia) -- C:\Windows\System32\nmwcdcls.dll [2010-04-30 12:23:17 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia [2010-04-30 12:22:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations [2010-04-28 18:03:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010-04-22 19:03:07 | 000,000,000 | ---D | C] -- C:\Users\mhj\Documents\Notesy programu OneNote [2010-04-22 11:13:10 | 000,000,000 | ---D | C] -- C:\Users\mhj\AppData\Local\HP [2010-04-22 11:03:00 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG [2010-04-22 10:49:57 | 000,000,000 | ---D | C] -- C:\Users\mhj\AppData\Roaming\HP [2010-04-22 10:46:44 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant [2010-04-22 10:45:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP [2010-04-22 10:45:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard [2010-04-22 10:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\HP [2010-04-22 10:39:41 | 000,000,000 | ---D | C] -- C:\ProgramData\HP [2010-04-18 00:19:09 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-06-16 10:22:17 | 000,662,056 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2010-06-16 10:22:17 | 000,591,872 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010-06-16 10:22:17 | 000,126,908 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2010-06-16 10:22:17 | 000,105,752 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010-06-16 10:22:16 | 001,478,568 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010-06-16 10:17:51 | 002,359,296 | ---- | M] () -- C:\Users\mhj\NTUSER.DAT [2010-06-16 10:16:47 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\mhj\Desktop\OTL.exe [2010-06-16 10:15:30 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml [2010-06-16 10:15:25 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010-06-16 10:15:25 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010-06-16 10:15:20 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-06-16 10:15:15 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat [2010-06-16 10:14:03 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010-06-16 10:14:02 | 000,524,288 | -HS- | M] () -- C:\Users\mhj\NTUSER.DAT{56824c79-67b6-11df-960d-001d72c11e62}.TMContainer00000000000000000001.regtrans-ms [2010-06-16 10:14:02 | 000,065,536 | -HS- | M] () -- C:\Users\mhj\NTUSER.DAT{56824c79-67b6-11df-960d-001d72c11e62}.TM.blf [2010-06-16 10:13:59 | 003,341,352 | -H-- | M] () -- C:\Users\mhj\AppData\Local\IconCache.db [2010-06-15 21:09:36 | 000,003,854 | ---- | M] () -- C:\Users\mhj\AppData\Roaming\wklnhst.dat [2010-06-13 22:01:18 | 000,001,041 | ---- | M] () -- C:\Users\mhj\AppData\Roaming\vso_ts_preview.xml [2010-06-10 21:25:17 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo [2010-06-09 18:15:02 | 000,072,232 | ---- | M] () -- C:\Users\mhj\AppData\Local\GDIPFONTCACHEV1.DAT [2010-06-09 16:02:38 | 000,307,424 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010-05-25 21:29:25 | 000,524,288 | -HS- | M] () -- C:\Users\mhj\NTUSER.DAT{56824c79-67b6-11df-960d-001d72c11e62}.TMContainer00000000000000000002.regtrans-ms [2010-05-25 21:19:05 | 000,524,288 | -HS- | M] () -- C:\Users\mhj\NTUSER.DAT{44ed12c7-60eb-11df-beae-001d72c11e62}.TMContainer00000000000000000001.regtrans-ms [2010-05-25 21:19:05 | 000,065,536 | -HS- | M] () -- C:\Users\mhj\NTUSER.DAT{44ed12c7-60eb-11df-beae-001d72c11e62}.TM.blf [2010-05-19 09:44:49 | 000,019,456 | ---- | M] () -- C:\Users\mhj\Documents\tytuł.wps [2010-05-17 13:39:52 | 000,015,872 | ---- | M] () -- C:\Users\mhj\Documents\Dokument bez tytułu.wps [2010-05-16 22:39:37 | 000,524,288 | -HS- | M] () -- C:\Users\mhj\NTUSER.DAT{44ed12c7-60eb-11df-beae-001d72c11e62}.TMContainer00000000000000000002.regtrans-ms [2010-05-16 16:21:21 | 000,524,288 | -HS- | M] () -- C:\Users\mhj\NTUSER.DAT{e48be42e-162d-11df-b54b-001d72c11e62}.TMContainer00000000000000000001.regtrans-ms [2010-05-16 16:21:21 | 000,065,536 | -HS- | M] () -- C:\Users\mhj\NTUSER.DAT{e48be42e-162d-11df-b54b-001d72c11e62}.TM.blf [2010-05-16 15:02:42 | 000,634,669 | ---- | M] () -- C:\Windows\System32\oodbs.lor [2010-05-06 15:31:50 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf [2010-05-01 14:57:52 | 000,011,776 | ---- | M] () -- C:\Users\mhj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-04-30 12:25:56 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf [2010-04-30 12:25:30 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf [2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010-04-29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010-04-22 11:10:52 | 000,172,480 | ---- | M] () -- C:\Windows\hpoins44.dat [2010-04-22 10:49:24 | 000,000,179 | ---- | M] () -- C:\Windows\win.ini [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-06-05 00:07:32 | 000,149,675 | ---- | C] () -- C:\Users\mhj\AppData\Local\edsinstaller.txt-20100605.log [2010-05-25 21:20:16 | 000,524,288 | -HS- | C] () -- C:\Users\mhj\NTUSER.DAT{56824c79-67b6-11df-960d-001d72c11e62}.TMContainer00000000000000000002.regtrans-ms [2010-05-25 21:20:16 | 000,524,288 | -HS- | C] () -- C:\Users\mhj\NTUSER.DAT{56824c79-67b6-11df-960d-001d72c11e62}.TMContainer00000000000000000001.regtrans-ms [2010-05-25 21:20:16 | 000,065,536 | -HS- | C] () -- C:\Users\mhj\NTUSER.DAT{56824c79-67b6-11df-960d-001d72c11e62}.TM.blf [2010-05-19 09:44:49 | 000,019,456 | ---- | C] () -- C:\Users\mhj\Documents\tytuł.wps [2010-05-17 13:39:52 | 000,015,872 | ---- | C] () -- C:\Users\mhj\Documents\Dokument bez tytułu.wps [2010-05-16 16:22:23 | 000,524,288 | -HS- | C] () -- C:\Users\mhj\NTUSER.DAT{44ed12c7-60eb-11df-beae-001d72c11e62}.TMContainer00000000000000000002.regtrans-ms [2010-05-16 16:22:23 | 000,524,288 | -HS- | C] () -- C:\Users\mhj\NTUSER.DAT{44ed12c7-60eb-11df-beae-001d72c11e62}.TMContainer00000000000000000001.regtrans-ms [2010-05-16 16:22:23 | 000,065,536 | -HS- | C] () -- C:\Users\mhj\NTUSER.DAT{44ed12c7-60eb-11df-beae-001d72c11e62}.TM.blf [2010-05-06 15:31:50 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf [2010-04-30 12:25:56 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf [2010-04-30 12:25:30 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf [2010-04-22 11:10:51 | 000,000,586 | ---- | C] () -- C:\Windows\hpomdl44.dat.temp [2010-04-22 10:39:55 | 000,172,480 | ---- | C] () -- C:\Windows\hpoins44.dat [2010-04-22 10:39:55 | 000,001,647 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2010-04-02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2009-11-05 12:19:28 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2009-10-24 12:27:19 | 000,059,904 | ---- | C] () -- C:\Windows\System32\zlib.dll [2009-10-21 20:57:14 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini [2009-10-05 16:04:02 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009-10-04 01:19:55 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2008-10-20 17:44:46 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll [2008-10-20 17:41:05 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll [2008-10-20 17:41:05 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini [2008-10-20 17:35:22 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2008-05-13 00:32:57 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll [2008-05-13 00:30:09 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll [2008-05-13 00:30:09 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll [2008-04-30 10:09:06 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008-04-30 10:09:01 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll [2008-04-30 10:09:01 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll [2008-04-30 10:09:01 | 000,000,041 | ---- | C] () -- C:\Windows\Prelaunch.ini [2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 12:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll [2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2001-12-26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001-11-14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [2001-09-03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001-07-30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001-07-23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll [1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2008-10-20 17:41:46 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\Acer [2008-05-13 00:27:42 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\Acer GameZone Console [2009-12-05 14:30:02 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\AnvSoft [2009-10-04 01:23:15 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\DAEMON Tools [2009-10-04 01:23:15 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\DAEMON Tools Lite [2009-12-05 01:39:30 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\ESET [2009-10-04 01:12:49 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\iExpert Software [2010-05-25 20:01:37 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\ipla [2009-10-14 17:37:03 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\Leadertech [2009-12-01 18:26:49 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\NCH Swift Sound [2009-12-13 00:18:35 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\Netscape [2010-05-01 14:57:36 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\Nokia [2010-04-30 12:25:40 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\PC Suite [2009-12-13 00:48:17 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\Photodex [2010-01-07 19:10:10 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\Template [2010-01-28 00:58:37 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\TuneUp Software [2010-06-13 22:01:19 | 000,000,000 | ---D | M] -- C:\Users\mhj\AppData\Roaming\Vso [2010-06-16 10:14:03 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009-04-10 23:36:38 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2008-02-06 01:25:41 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006-09-18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2009-12-01 21:26:24 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-04-30 20:23:14 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt [2008-10-20 17:33:32 | 000,000,020 | ---- | M] () -- C:\Medion.ini [2009-12-01 21:26:24 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-06-16 10:15:09 | 3529,646,080 | -HS- | M] () -- C:\pagefile.sys [2008-10-20 17:27:22 | 000,000,058 | ---- | M] () -- C:\Partition.txt [2008-06-24 20:20:46 | 000,002,968 | -HS- | M] () -- C:\Patch.rev [2009-12-13 00:18:44 | 000,001,616 | ---- | M] () -- C:\photodex-presenter-install.log [2008-05-13 11:04:16 | 000,000,147 | RHS- | M] () -- C:\preload.rev [2010-06-09 19:58:25 | 000,024,588 | ---- | M] () -- C:\result.txt [2008-10-20 17:37:20 | 000,000,426 | ---- | M] () -- C:\RHDSetup.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006-11-02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-10-21 09:09:49 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys [2008-10-21 09:09:49 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys [2009-04-10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys [2009-04-10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009-04-10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009-04-10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008-01-21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008-01-21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006-11-02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [2008-10-21 09:09:49 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-01-21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\ERDNT\cache\beep.sys [2008-01-21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys [2008-01-21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-01-21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008-01-21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009-04-10 21:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys [2009-04-10 21:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys [2009-04-10 21:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006-11-02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-04-10 23:32:50 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\ERDNT\cache\ndis.sys [2009-04-10 23:32:50 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys [2009-04-10 23:32:50 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-04-10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe [2009-04-10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009-04-10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:C95B63DA < End of report > OTL Extras logfile created on: 2010-06-16 10:20:10 - Run 1 OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\mhj\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 142,65 Gb Total Space | 85,10 Gb Free Space | 59,65% Space Free | Partition Type: NTFS Drive D: | 142,67 Gb Total Space | 135,18 Gb Free Space | 94,75% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MHJ-PC Current User Name: mhj Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .chm [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-841358846-551305231-668691147-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00B45115-AA09-45E6-8A56-BBAFA8A09C41}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{0689F8F5-8DF0-4FC5-999A-A6D66AA68216}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{0D131F2F-2917-412F-83CA-844C0C156062}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1452C118-1F26-43CF-B35F-697570A7E3C4}" = rport=445 | protocol=6 | dir=out | app=system | "{20D8B634-CD1D-43DE-82D4-2B0D69138B6E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{2B223483-AA6F-42C4-AC82-11C3B8EC8178}" = rport=137 | protocol=17 | dir=out | app=system | "{2BE7CE5B-B43C-4653-B831-E52576813AA2}" = rport=139 | protocol=6 | dir=out | app=system | "{37993855-BABF-4058-BC6A-D3D3D6534753}" = lport=138 | protocol=17 | dir=in | app=system | "{3D8753DD-9B84-4737-8D84-18EDA2A8216B}" = rport=10243 | protocol=6 | dir=out | app=system | "{457D3DDC-D77D-4D37-AF40-0CC8A550ABE1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4C0ACD70-17FB-400D-99EB-EA54ADA695BC}" = lport=2869 | protocol=6 | dir=in | app=system | "{4CDEEB2D-9531-4140-910A-EB077A7F93C7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{515D0513-AB86-47C9-89BB-B72FA8BA10E5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{56DA7211-5F28-493B-91E0-E621EEBF6DC8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{576F188B-987F-4078-AB97-05D57A75AFE1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6084A18D-F883-4371-9A56-71473C750ED0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{7F90FB9D-F65A-4230-9BA1-6AAC3F31172D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{80BCF332-671D-4A1F-8B90-925E6E57EED4}" = rport=138 | protocol=17 | dir=out | app=system | "{A0D2B79A-F330-4A1C-9534-6818F2432627}" = lport=10243 | protocol=6 | dir=in | app=system | "{A5A525B0-119E-41C9-855C-03C4819AFD90}" = lport=139 | protocol=6 | dir=in | app=system | "{ADC8E649-61CF-4102-842E-9BBD83BBB264}" = lport=137 | protocol=17 | dir=in | app=system | "{B3C4D47D-A6DB-4448-B1B4-77D2397344D6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C6FA2D2F-D448-4D56-B156-1D6CEF5AACA3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CB361CE5-3483-4715-8E49-9012133D71A1}" = lport=445 | protocol=6 | dir=in | app=system | "{EBA834FF-DDBE-402E-944F-355E8123DE71}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F285C34F-5C0F-4AC6-BA76-3B70196813C5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{FC6E36BC-4F57-4117-AD34-C54D929E3EED}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{088EF17B-542D-40AD-B0E3-8A28C6C32932}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{0CDDFEC4-5492-4057-87E6-D0BBBA02F905}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{13843936-FA99-4DD3-B4A7-7A63787BA8BF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{13BAA624-DE4B-4DB5-B333-9AC10925CE65}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{175DFBF2-B9A2-44F0-B5E2-D659B6EC7713}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe | "{1ECDBA06-9A84-4430-B261-E38EF44D5CD0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | "{21E7FC62-9657-4F6D-BEDD-4B84118EB1BB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | "{21F46B6E-FC2F-449C-B43E-2604000C9531}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{2881433F-FACC-4EE5-A707-29DE23D1830F}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{2D240260-EB93-4E97-A9D3-C0FB9A9D120B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{31F806C1-6B81-4344-BA8E-3F3887B0B27A}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{380CB552-3A4B-4A46-8C32-086B647A646C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{381BC554-6BEB-4091-BA34-14AD1A140479}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | "{49E91D78-C8A7-4C2D-BA66-536C05D6FF66}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{5A75798D-089E-4144-BBF2-DF192DDD7527}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{6082C591-2D0B-4E76-8C1A-F75AEE932526}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{6DB54D63-9EC1-4495-B96C-4BF4C2E785B2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | "{7F56C3F5-1F37-4933-81BD-E8493FF84573}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | "{7FC901CE-A6B6-48B4-9413-B2994FD03B65}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{8098B763-5C63-4AF2-92E4-89A6A567184F}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{8B2CCD95-5337-4B9F-8097-467A0152C7CE}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe | "{8DBC28F5-63E8-4612-BB44-D6079EF3A713}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{94163964-A11F-4E0F-A95F-131084D07822}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{9C049A7E-F150-453E-9C84-1B7E70FDC929}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | "{A72CC041-24EB-452B-84B8-FB348F0F12BF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | "{A743D955-2565-45D6-A58B-3330DEB6DAAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{AD23EEAD-E8D8-4BC0-9F52-5F21074A1B4D}" = protocol=17 | dir=in | app=c:\program files\capcom\streetfighteriv\streetfighteriv.exe | "{AEA80053-EBEC-432F-843A-5B3324E27E53}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{B4651211-5B47-4012-BB61-263C09D1070A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | "{B7B8702C-3A2C-4B6F-BC58-10A5E3C6FB4E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{B99099F2-6AB4-470B-BB34-627F760ACC3D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{B9C395C7-6B63-462C-9231-13218A85346C}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{BF884159-0081-4D98-93FB-8D97FE4E6DCD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | "{C1FB2FDF-C2E2-457A-831C-041401739353}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C3DE6CC8-F9A7-438A-B0C4-1408C77B0912}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{C9DB28A7-F6C4-41B9-B707-75F2C4206D2A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | "{D11F2C47-EA19-4C8C-8BCC-9B678218C4A5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | "{D3876038-A93E-41E5-9828-E903F2258E3D}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | "{D3ECC737-F64D-456B-B5B1-7AFC462DEABC}" = protocol=6 | dir=in | app=c:\program files\capcom\streetfighteriv\streetfighteriv.exe | "{D4305FA3-2AE9-4008-B729-7B418CDB3E06}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe | "{DB4BEF6E-F571-4F83-8234-5227FFF2C4ED}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{DCC0C3FB-2939-4564-8FCD-76132A39B58E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E0AFF092-7ECD-4707-973E-DDF6E0EC8700}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{E1F28E2F-3ED2-4BE5-AA16-DAC95937FD92}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E8F7139D-2056-47D9-A943-3C9BEE8A6392}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{E99D42EF-F334-4F03-BA60-3EB3BB7AB355}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{EAB766EB-A144-42F8-949A-CE36A0886D7E}" = protocol=6 | dir=out | app=system | "{F4357471-2EBF-4FAE-B739-6C266EBAD986}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{F696CC71-0E70-464B-90BB-472A2F246CF6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{FAED1CDD-F85F-4123-A175-86C4BE1BF62F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FE1F0AE8-733A-43C6-8BE6-295CC0EA3E2F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{FF586773-6DCD-4745-A647-6F21EE2FDFE9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "TCP Query User{1C6FA8E2-91ED-44D4-B175-6C8D81518D7F}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{2A3990CB-4403-4A5F-945F-A1FD6F180B41}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{2F1C7177-E189-4769-A113-F3515CAC1BA6}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{2FBA1043-BF8E-406D-8FD3-021576BE1324}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{334156CA-41C4-41BF-92D5-E34004F3126A}C:\program files\real alternative\media player classic\mplayerc.exe" = protocol=6 | dir=in | app=c:\program files\real alternative\media player classic\mplayerc.exe | "TCP Query User{6485EFB4-BFD3-4FB3-8837-5ECC4FE496A7}C:\program files\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files\tvants\tvants.exe | "TCP Query User{750CBA96-48DA-47B2-B4C5-C25099358174}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query User{75ACB89F-15E8-428F-89D0-1352B4B7B2EB}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{7D5E2EEA-DE22-4563-8706-7CA187C664E1}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe | "TCP Query User{7DE860A6-24C9-45F9-AEFB-A11AC036EE0A}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{90F8A2E1-A00B-4445-9F48-5C3FC52FEA01}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{A8BEAD75-0550-4E6D-A962-FF7684165CF2}C:\users\mhj\desktop\gry\rocknesx\rocknesx.exe" = protocol=6 | dir=in | app=c:\users\mhj\desktop\gry\rocknesx\rocknesx.exe | "TCP Query User{CAD6DEEB-21CD-4C2F-A0EB-0E08DE242333}C:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\polish\setup.exe" = protocol=6 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\polish\setup.exe | "TCP Query User{FB6B7D0E-2E93-4AC4-8ED2-43E175E5C11B}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{21062400-0483-4522-BE61-309CDCAA23EB}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{432A17BC-0226-417E-92D7-CC72A61F2C31}C:\program files\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files\tvants\tvants.exe | "UDP Query User{53737395-058C-4FC7-B83A-0F7DD098895E}C:\users\mhj\desktop\gry\rocknesx\rocknesx.exe" = protocol=17 | dir=in | app=c:\users\mhj\desktop\gry\rocknesx\rocknesx.exe | "UDP Query User{595F5DC4-2365-4E73-A86E-B82B4923D4C0}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{5ADE1B45-2F9E-447F-9F95-5E7F1D75E4B2}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{5F413CBA-AFF3-43C2-832C-8653DBD1C0A7}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe | "UDP Query User{7BADE870-A5BA-47EA-8AA4-57576F5A97E6}C:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\polish\setup.exe" = protocol=17 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\polish\setup.exe | "UDP Query User{A39D15A4-2C08-4B45-B7C5-09A7B37B4BF5}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{B0506D37-0F55-4FEA-ACF8-9DCC2212AEAD}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{B2659422-2C8C-441B-A673-F32167825AC3}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{B82D53B3-9343-444C-9F33-AC5CC383D251}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{BCD3EE49-75AF-4533-8CDD-FBC6F92E83F2}C:\program files\real alternative\media player classic\mplayerc.exe" = protocol=17 | dir=in | app=c:\program files\real alternative\media player classic\mplayerc.exe | "UDP Query User{CC3EC764-515D-4B3B-9ED0-A601980BDE8D}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{CF8D3B6B-1019-4550-A5A3-85B8A65FA6BA}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300 "{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM "{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In "{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard "{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller "{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 15 "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Oprogramowanie Intel(R) PROSet/Wireless WiFi "{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{481C4C27-7A05-47D8-BACB-A3FDD3162D1B}" = Acer Crystal Eye Webcam 3.0.3.1 "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management "{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}" = STREET FIGHTER IV "{5A7B12EE-49F5-4019-8EA1-4BA4C41132E5}" = ESET NOD32 Antivirus "{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8 "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400 "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{85767617-E6B1-499E-8C1B-C92E2AAFF586}" = TuneUp Utilities Language Pack (pl-PL) "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology "{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_HOMESTUDENTR_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_HOMESTUDENTR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 3.0.3.1 "{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0 "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status "{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver "{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1 "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities "{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.3.304 "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E9AD90C1-6281-45AB-9458-098D2EF770A1}" = Microsoft Works "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner "{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE "{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy "05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2) "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4) "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Agere Systems Soft Modem" = Agere Systems HDA Modem "Any Video Converter_is1" = Any Video Converter 3.0.1 "CCleaner" = CCleaner "Foxit Reader" = Foxit Reader "GOM Player" = GOM Player "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Print Projects" = HP Print Projects 1.0 "HP Smart Web Printing" = HP Smart Web Printing 4.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5 "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "ipla" = ipla 2.1.3 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Marvell Miniport Driver" = Marvell Miniport Driver "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3) "NapiProjekt_is1" = NapiProjekt 1.0.6.5 "Nero7Lite_is1" = Nero 7 Lite 7.7.5.1 "Nokia PC Suite" = Nokia PC Suite "NVIDIA Drivers" = NVIDIA Drivers "Photodex Presenter" = Photodex Presenter "ProShow Producer" = ProShow Producer "PunkBusterSvc" = PunkBuster Services "RealAlt_is1" = Real Alternative 2.0.1 "Registry Clean Expert_is1" = Registry Clean Expert "Remote Professional" = Remote Professional "Shop for HP Supplies" = Shop for HP Supplies "SopCast" = SopCast 3.2.8 "SynTPDeinstKey" = Synaptics Pointing Device Driver "TuneUp Utilities" = TuneUp Utilities "Winamp" = Winamp "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-06-11 12:21:53 | Computer Name = mhj-PC | Source = Windows Search Service | ID = 3013 Description = Error - 2010-06-11 12:21:53 | Computer Name = mhj-PC | Source = Windows Search Service | ID = 3013 Description = Error - 2010-06-11 12:21:53 | Computer Name = mhj-PC | Source = Windows Search Service | ID = 3013 Description = Error - 2010-06-11 12:21:53 | Computer Name = mhj-PC | Source = Windows Search Service | ID = 3013 Description = Error - 2010-06-11 13:39:58 | Computer Name = mhj-PC | Source = Windows Search Service | ID = 3013 Description = Error - 2010-06-11 13:39:58 | Computer Name = mhj-PC | Source = Windows Search Service | ID = 3013 Description = Error - 2010-06-12 03:24:37 | Computer Name = mhj-PC | Source = WinMgmt | ID = 10 Description = Error - 2010-06-12 04:41:50 | Computer Name = mhj-PC | Source = WinMgmt | ID = 10 Description = Error - 2010-06-12 04:43:42 | Computer Name = mhj-PC | Source = Windows Search Service | ID = 3013 Description = Error - 2010-06-12 08:01:41 | Computer Name = mhj-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2010-06-15 17:08:36 | Computer Name = mhj-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2010-06-15 17:08:36 | Computer Name = mhj-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2010-06-16 02:33:54 | Computer Name = mhj-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2010-06-16 02:33:54 | Computer Name = mhj-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2010-06-16 02:33:54 | Computer Name = mhj-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2010-06-16 02:33:54 | Computer Name = mhj-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2010-06-16 04:15:28 | Computer Name = mhj-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2010-06-16 04:15:28 | Computer Name = mhj-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2010-06-16 04:15:28 | Computer Name = mhj-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2010-06-16 04:15:28 | Computer Name = mhj-PC | Source = Service Control Manager | ID = 7001 Description = < End of report > [/log]
Sohei komentarz 16 czerwca 2010 komentarz 16 czerwca 2010 na dobry początek Wykonaj pełny skan [url=http://dobreprogramy.pl/index.php?dz=2&id=1998][b]DR WEB CureIt[/b][/url] Wykonaj pełny skan[url=http://www.dobreprogramy.pl/Malwarebytes-AntiMalware,Program,Windows,13117.html][b]MBAM[/b][/url] Co znajda usun po czym daj logi z usuwania + nowy log OTL
moxia komentarz 16 czerwca 2010 Autor komentarz 16 czerwca 2010 log mbam [log]Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Wersja bazy: 4203 Windows 6.0.6002 Service Pack 2 Internet Explorer 7.0.6002.18005 2010-06-16 12:41:02 mbam-log-2010-06-16 (12-41-02).txt Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|F:\|) Przeskanowano obiektów: 229908 Upłynęło: 49 minut(y), 6 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 0 Zainfekowanych wartości rejestru: 0 Zainfekowane informacje rejestru systemowego: 0 Zainfekowanych folderów: 0 Zainfekowanych plików: 0 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: (Nie znaleziono zagrożeń) Zainfekowanych wartości rejestru: (Nie znaleziono zagrożeń) Zainfekowane informacje rejestru systemowego: (Nie znaleziono zagrożeń) Zainfekowanych folderów: (Nie znaleziono zagrożeń) Zainfekowanych plików: (Nie znaleziono zagrożeń) [/log]
Mateusz J. komentarz 18 czerwca 2010 komentarz 18 czerwca 2010 W logu niczego nie widzę. Wydaje mi się, że to raczej wina sprzętu, sam system nie ma dużo wspólnego z BIOS. Nie wyświetla się czasem błąd? Częstym "przystankiem" ładującego się paska w przypadku laptopów może być słaba bateria(słaba czyt. stara/zużyta, a nie nienaładowana).
moxia komentarz 18 czerwca 2010 Autor komentarz 18 czerwca 2010 laptopa mam 1,5 roku co prawda bateria siadla mi juz po 6 moze 7 miesiacach(laptop acer)i teraz trzyma mi z 5 minut,musze miec caly czas podpietego do pradu,wiec bateria jest juz zuzyta dobry rok ale problem zaczol pojawiac sie dopiero teraz,nie wyskakuje mi zaden blad ani nic podobnego,jak sie przekonac o tym ze to wina sprzetu? ps opisalem problem w odpowiednim dziale bo tez uwzglednilem taka mozliwosc ze to moze byc wina sprzetu ale nikt mi jeszcze nic nie napisal:(
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.