qbikk89 utworzono 17 listopada 2010 utworzono 17 listopada 2010 po zeskanowaniu przez program, wyskoczyła mi informacja o trojanie, program usunął pliki, ale po restarcie kompa nie mam internetu w przeglądarce - chrome, opera, ie9 =/ windows pokazuje, że połączenie jest i nie ma żadnych problemów i niby gadu, utorrent śmigają, radia internetowe w aimpie też, skype... tylko te przeglądarki, bardzo proszę o pomoc. Dodam, że posiadam Win 7e 64-bitową, czyli nie mam możliwości korzystania z Combofixa. Tutaj wklejam loga z programu po zeskanowaniu: [log]Logfile created: 2010-11-09 17:13:08 Ad-Aware version: 8.3.5 Extended engine: 3 Extended engine version: 3.1.2770 User performing scan: Michał *********************** Definitions database information *********************** Lavasoft definition file: 150.152 Genotype definition file version: 2010/11/05 07:09:09 Extended engine definition file: 7261.0 ******************************** Scan results: ********************************* Scan profile name: Smart Scan (ID: smart) Objects scanned: 22396 Objects detected: 3 Type Detected ========================== Processes.......: 3 Registry entries: 0 Hostfile entries: 0 Files...........: 0 Folders.........: 0 LSPs............: 0 Cookies.........: 0 Browser hijacks.: 0 MRU objects.....: 0 Quarantined items: Description: c:\users\michał\appdata\roaming\microsoft\windows\shell.exe Family Name: Win32.Trojan.FakeAV/B Engine: 1 Clean status: Success Item ID: 0 Family ID: 0 Description: c:\users\michał\appdata\roaming\microsoft\svchost.exe Family Name: Win32.Trojan.FakeAV/B Engine: 1 Clean status: Success Item ID: 0 Family ID: 0 Description: c:\users\micha~1\appdata\local\temp\dwm.exe Family Name: Win32.Trojan.FakeAV/B Engine: 1 Clean status: Success Item ID: 0 Family ID: 0 Scan and cleaning complete: Finished correctly after 148 seconds *********************************** Settings *********************************** Scan profile: ID: smart, enabled:1, value: Smart Scan ID: folderstoscan, enabled:1, value: ID: useantivirus, enabled:1, value: true ID: sections, enabled:1 ID: scancriticalareas, enabled:1, value: true ID: scanrunningapps, enabled:1, value: true ID: scanregistry, enabled:1, value: true ID: scanlsp, enabled:1, value: true ID: scanads, enabled:1, value: false ID: scanhostsfile, enabled:1, value: false ID: scanmru, enabled:1, value: false ID: scanbrowserhijacks, enabled:1, value: true ID: scantrackingcookies, enabled:1, value: true ID: closebrowsers, enabled:1, value: false ID: filescanningoptions, enabled:1 ID: archives, enabled:1, value: false ID: onlyexecutables, enabled:1, value: true ID: skiplargerthan, enabled:1, value: 20480 ID: scanrootkits, enabled:1, value: true ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict ID: usespywareheuristics, enabled:1, value: true Scan global: ID: global, enabled:1 ID: addtocontextmenu, enabled:1, value: true ID: playsoundoninfection, enabled:1, value: false ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav Scheduled scan settings: <Empty> Update settings: ID: updates, enabled:1 ID: launchthreatworksafterscan, enabled:1, value: silently, domain: normal,off,silently ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall ID: schedules, enabled:1, value: true ID: updatedaily1, enabled:1, value: Daily 1 ID: time, enabled:1, value: Thu Feb 18 13:14:00 2010 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updatedaily2, enabled:1, value: Daily 2 ID: time, enabled:1, value: Thu Feb 18 19:14:00 2010 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updatedaily3, enabled:1, value: Daily 3 ID: time, enabled:1, value: Thu Feb 18 01:14:00 2010 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updatedaily4, enabled:1, value: Daily 4 ID: time, enabled:1, value: Thu Feb 18 07:14:00 2010 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updateweekly1, enabled:1, value: Weekly ID: time, enabled:1, value: Thu Feb 18 13:14:00 2010 ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: true ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: true ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false Appearance settings: ID: appearance, enabled:1 ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource ID: showtrayicon, enabled:1, value: true ID: autoentertainmentmode, enabled:1, value: true ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple ID: language, enabled:1, value: en, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language Realtime protection settings: ID: realtime, enabled:1 ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant ID: layers, enabled:1 ID: useantivirus, enabled:1, value: true ID: usespywareheuristics, enabled:1, value: true ID: modules, enabled:1 ID: processprotection, enabled:1, value: true ID: onaccessprotection, enabled:1, value: false ID: registryprotection, enabled:1, value: true ID: networkprotection, enabled:1, value: true ****************************** System information ****************************** Computer name: SCORPION Processor name: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz Processor identifier: Intel64 Family 6 Model 26 Stepping 5 Processor speed: ~3210MHZ Raw info: processorarchitecture 9, processortype 8664, processorlevel 6, processor revision 6661, number of processors 8, processor features: [MMX,SSE,SSE2,SSE3] Physical memory available: 9786253312 bytes Physical memory total: 11801841664 bytes Virtual memory available: 1797763072 bytes Virtual memory total: 2147352576 bytes Memory load: 17% Microsoft (build 7600) Windows startup mode: Running processes: PID: 464 name: C:\Windows\System32\smss.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 612 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 696 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 704 name: C:\Windows\System32\wininit.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 752 name: C:\Windows\System32\winlogon.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 804 name: C:\Windows\System32\services.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 812 name: C:\Windows\System32\lsass.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 820 name: C:\Windows\System32\lsm.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 912 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 1008 name: C:\Windows\System32\nvvsvc.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 132 name: C:\Windows\System32\svchost.exe owner: USŁUGA SIECIOWA domain: ZARZĄDZANIE NT PID: 584 name: C:\Windows\System32\svchost.exe owner: USŁUGA LOKALNA domain: ZARZĄDZANIE NT PID: 616 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 880 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 1112 name: C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 1192 name: C:\Windows\System32\svchost.exe owner: USŁUGA LOKALNA domain: ZARZĄDZANIE NT PID: 1332 name: C:\Windows\System32\nvvsvc.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 1340 name: C:\Windows\System32\svchost.exe owner: USŁUGA SIECIOWA domain: ZARZĄDZANIE NT PID: 1368 name: C:\Windows\System32\wisptis.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 1616 name: C:\Windows\System32\wisptis.exe owner: Michał domain: scorpion PID: 1632 name: C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe owner: Michał domain: scorpion PID: 1704 name: C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe owner: Michał domain: scorpion PID: 1764 name: C:\Windows\System32\spoolsv.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 1864 name: C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 1872 name: C:\Windows\System32\taskhost.exe owner: Michał domain: scorpion PID: 2012 name: C:\Windows\System32\dwm.exe owner: Michał domain: scorpion PID: 2032 name: C:\Windows\explorer.exe owner: Michał domain: scorpion PID: 2040 name: C:\Users\Michał\AppData\Roaming\Microsoft\Windows\shell.exe owner: Michał domain: scorpion PID: 1560 name: C:\Users\Michał\AppData\Roaming\Microsoft\svchost.exe owner: Michał domain: scorpion PID: 2168 name: C:\Program Files (x86)\ASUS\Speeding HDD\SteelVine.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 2184 name: C:\Users\MICHA~1\AppData\Local\Temp\dwm.exe owner: Michał domain: scorpion PID: 2200 name: C:\Windows\System32\taskeng.exe owner: Michał domain: scorpion PID: 2248 name: C:\Windows\System32\taskeng.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 2488 name: C:\Windows\System32\AEADISRV.EXE owner: SYSTEM domain: ZARZĄDZANIE NT PID: 2516 name: C:\Windows\SysWOW64\svchost.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 2556 name: C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 2588 name: C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 2624 name: C:\Program Files (x86)\Bonjour\mDNSResponder.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 2648 name: C:\Windows\System32\svchost.exe owner: USŁUGA LOKALNA domain: ZARZĄDZANIE NT PID: 2676 name: C:\Windows\System32\svchost.exe owner: USŁUGA LOKALNA domain: ZARZĄDZANIE NT PID: 2736 name: C:\Windows\System32\hasplms.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 2752 name: C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 2768 name: C:\Windows\System32\conhost.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 2884 name: C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 2916 name: C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 2984 name: C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 3016 name: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 2124 name: C:\Windows\System32\svchost.exe owner: USŁUGA LOKALNA domain: ZARZĄDZANIE NT PID: 1036 name: C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 3232 name: C:\Windows\System32\wbengine.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 3488 name: C:\Windows\System32\rstrui.exe owner: Michał domain: scorpion PID: 3692 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 3900 name: C:\Windows\System32\rundll32.exe owner: Michał domain: scorpion PID: 3976 name: C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe owner: Michał domain: scorpion PID: 4004 name: C:\Windows\PixArt\Pac207\Monitor.exe owner: Michał domain: scorpion PID: 3484 name: C:\Program Files (x86)\Windows Sidebar\sidebar.exe owner: Michał domain: scorpion PID: 2776 name: C:\Program Files (x86)\uTorrent\uTorrent.exe owner: Michał domain: scorpion PID: 2448 name: C:\Windows\System32\SearchIndexer.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 3612 name: C:\Program Files (x86)\RocketDock\RocketDock.exe owner: Michał domain: scorpion PID: 4076 name: C:\Program Files (x86)\GIGABYTE\Gamer HUD Lite\HUD.exe owner: Michał domain: scorpion PID: 3872 name: C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe owner: Michał domain: scorpion PID: 3092 name: C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe owner: Michał domain: scorpion PID: 4128 name: C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe owner: Michał domain: scorpion PID: 4540 name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe owner: Michał domain: scorpion PID: 4668 name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe owner: Michał domain: scorpion PID: 3060 name: C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe owner: Michał domain: scorpion PID: 1676 name: C:\Windows\System32\sppsvc.exe owner: USŁUGA SIECIOWA domain: ZARZĄDZANIE NT PID: 2324 name: C:\Program Files\Windows Media Player\wmpnetwk.exe owner: USŁUGA SIECIOWA domain: ZARZĄDZANIE NT PID: 148 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 3844 name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe owner: Michał domain: scorpion PID: 3496 name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe owner: Michał domain: scorpion PID: 1276 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: USŁUGA SIECIOWA domain: ZARZĄDZANIE NT PID: 2992 name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe owner: Michał domain: scorpion PID: 5480 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 5536 name: C:\Windows\System32\wbem\unsecapp.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 5744 name: C:\Windows\System32\wbem\WMIADAP.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 5908 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: ZARZĄDZANIE NT PID: 6092 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe owner: Michał domain: scorpion PID: 6128 name: C:\Windows\explorer.exe owner: Michał domain: scorpion PID: 3676 name: C:\Windows\System32\dllhost.exe owner: Michał domain: scorpion Startup items: Name: WebCheck imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED} Name: JMB36X IDE Setup imagepath: C:\Windows\RaidTool\xInsIDE.exe Name: EEventManager imagepath: C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe Name: avgnt imagepath: "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min Name: AdobeCS5ServiceManager imagepath: "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin Name: SwitchBoard imagepath: C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe Name: svchost imagepath: C:\Users\Michał\AppData\Roaming\Microsoft\svchost.exe Name: SunJavaUpdateSched imagepath: "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" Name: imagepath: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini Name: location: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OfficeSAS.lnk imagepath: C:\Program Files (x86)\Microsoft Office\Office14\OfficeSAS\officeSASscheduler.exe Name: imagepath: C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini Bootexecute items: Name: imagepath: autocheck autochk * Name: imagepath: lsdelete Running services: Name: 57xx SteelVine Manager displayname: 57xx SteelVine Name: AEADIFilters displayname: Andrea ADI Filters Service Name: AeLookupSvc displayname: Użytkowanie aplikacji Name: Akamai displayname: Akamai NetSession Interface Name: AntiVirSchedulerService displayname: Avira AntiVir Scheduler Name: AntiVirService displayname: Avira AntiVir Guard Name: AsSysCtrlService displayname: ASUS System Control Service Name: AudioEndpointBuilder displayname: Konstruktor punktów końcowych audio systemu Windows Name: AudioSrv displayname: Windows Audio Name: BITS displayname: Usługa inteligentnego transferu w tle Name: Bonjour Service displayname: Usługa Bonjour Name: Browser displayname: Przeglądarka komputera Name: CryptSvc displayname: Usługi kryptograficzne Name: CscService displayname: Pliki trybu offline Name: CTAudSvcService displayname: Creative Audio Service Name: DcomLaunch displayname: Program uruchamiający proces serwera DCOM Name: Dhcp displayname: Klient DHCP Name: Dnscache displayname: Klient DNS Name: DPS displayname: Usługa zasad diagnostyki Name: eventlog displayname: Dziennik zdarzeń systemu Windows Name: EventSystem displayname: System zdarzeń COM+ Name: FDResPub displayname: Publikacja zasobów odnajdowania funkcji Name: FontCache displayname: Usług systemu Windows buforowania czcionek Name: gpsvc displayname: Klient zasad grupy Name: hasplms displayname: HASP License Manager Name: hidserv displayname: Dostęp do urządzeń interfejsu HID Name: IAANTMON displayname: Intel(R) Matrix Storage Event Monitor Name: iphlpsvc displayname: Pomoc IP Name: LanmanServer displayname: Serwer Name: LanmanWorkstation displayname: Stacja robocza Name: Lavasoft Ad-Aware Service displayname: Lavasoft Ad-Aware Service Name: lmhosts displayname: Pomoc TCP/IP NetBIOS Name: mi-raysat_3dsmax2010_32 displayname: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit Name: mi-raysat_3dsmax2010_64 displayname: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit Name: MMCSS displayname: Harmonogram klas multimediów Name: Netman displayname: Połączenia sieciowe Name: netprofm displayname: Usługa listy sieci Name: NlaSvc displayname: Rozpoznawanie lokalizacji w sieci Name: nsi displayname: Usługa interfejsu magazynu sieciowego Name: nvsvc displayname: NVIDIA Display Driver Service Name: PcaSvc displayname: Usługa Asystent zgodności programów Name: PlugPlay displayname: Plug and Play Name: Power displayname: Zasilanie Name: ProfSvc displayname: Usługa profilów użytkowników Name: RichVideo displayname: Cyberlink RichVideo Service(CRVS) Name: RpcEptMapper displayname: Program mapowania punktów końcowych wywołań RPC Name: RpcSs displayname: Zdalne wywoływanie procedur (RPC) Name: SamSs displayname: Menedżer kont zabezpieczeń Name: Schedule displayname: Harmonogram zadań Name: SDRSVC displayname: Kopia zapasowa systemu Windows Name: SENS displayname: Usługa powiadamiania o zdarzeniach systemowych Name: ShellHWDetection displayname: Wykrywanie sprzętu powłoki Name: Spooler displayname: Bufor wydruku Name: sppsvc displayname: Ochrona oprogramowania Name: SSDPSRV displayname: Odnajdywanie SSDP Name: Stereo Service displayname: NVIDIA Stereoscopic 3D Driver Service Name: stisvc displayname: Windows Image Acquisition (WIA) Name: swprv displayname: Dostawca kopiowania w tle oprogramowania firmy Microsoft Name: SysMain displayname: Wstępne ładowanie do pamięci Name: TabletInputService displayname: Usługa wprowadzania na komputerze typu Tablet Name: Themes displayname: Kompozycje Name: TrkWks displayname: Klient śledzenia łączy rozproszonych Name: upnphost displayname: Host urządzenia UPnP Name: UxSms displayname: Menedżer sesji Menedżera okien pulpitu Name: wbengine displayname: Usługa Aparat kopii zapasowej na poziomie bloku Name: WdiServiceHost displayname: Host usługi diagnostyki Name: WdiSystemHost displayname: Host systemu diagnostyki Name: WinHttpAutoProxySvc displayname: Usługa autowykrywania serwera proxy w sieci Web WinHTTP Name: Winmgmt displayname: Instrumentacja zarządzania Windows Name: WMPNetworkSvc displayname: Usługa udostępniania w sieci programu Windows Media Player Name: wscsvc displayname: Centrum zabezpieczeń Name: WSearch displayname: Windows Search Name: wuauserv displayname: Windows Update Name: wudfsvc displayname: Windows Driver Foundation — User-mode Driver Framework [/log]
qbikk89 komentarz 23 listopada 2010 Autor komentarz 23 listopada 2010 (edytowane) dzięki, wrzucam tutaj logi z tych programów: OTL: [log] OTL logfile created on: 2010-11-18 00:50:32 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Michał\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.7930.16406) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 11,00 Gb Total Physical Memory | 9,00 Gb Available Physical Memory | 83,00% Memory free 22,00 Gb Paging File | 20,00 Gb Available in Paging File | 91,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 88,82 Gb Total Space | 15,49 Gb Free Space | 17,44% Space Free | Partition Type: NTFS Drive D: | 11,17 Gb Total Space | 6,45 Gb Free Space | 57,68% Space Free | Partition Type: NTFS Drive E: | 250,00 Gb Total Space | 221,67 Gb Free Space | 88,67% Space Free | Partition Type: NTFS Drive F: | 250,00 Gb Total Space | 147,73 Gb Free Space | 59,09% Space Free | Partition Type: NTFS Drive G: | 331,52 Gb Total Space | 81,19 Gb Free Space | 24,49% Space Free | Partition Type: NTFS Drive M: | 484,98 Mb Total Space | 484,10 Mb Free Space | 99,82% Space Free | Partition Type: FAT32 Computer Name: SCORPION | User Name: Michał | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - File not found -- C:\Windows\SysWow64\hasplms.exe PRC - [2010-11-17 21:42:56 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Michał\Desktop\OTL.exe PRC - [2010-11-17 20:57:30 | 000,928,496 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2010-11-17 20:57:29 | 001,375,992 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe PRC - [2010-11-06 12:33:12 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010-11-06 12:33:12 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2010-11-06 12:33:12 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2010-11-02 17:50:11 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe PRC - [2010-07-27 17:44:08 | 000,345,376 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe PRC - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010-02-22 13:04:13 | 000,488,968 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe PRC - [2010-02-22 13:04:07 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe PRC - [2010-02-18 20:47:48 | 000,319,280 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe PRC - [2009-08-19 19:56:38 | 000,090,112 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe PRC - [2009-07-14 02:14:42 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe PRC - [2009-06-04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009-06-04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2009-03-12 16:39:54 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe PRC - [2009-03-12 16:36:24 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe PRC - [2009-02-23 11:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe PRC - [2008-05-29 15:55:24 | 001,286,144 | ---- | M] () -- C:\Program Files (x86)\ASUS\Speeding HDD\SteelVine.exe PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe PRC - [2007-05-16 09:27:38 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2007-05-16 09:27:28 | 000,271,920 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe PRC - [2007-05-16 09:27:16 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2007-05-14 03:54:36 | 000,272,024 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe PRC - [2006-11-03 10:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe PRC - [2006-10-12 15:57:08 | 000,102,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe PRC - [2005-01-12 03:01:32 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-11-17 21:42:56 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Michał\Desktop\OTL.exe MOD - [2010-02-22 13:04:29 | 000,118,784 | ---- | M] (RealPlayer) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll MOD - [2010-02-22 13:04:12 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr71.dll MOD - [2010-02-22 13:04:11 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp71.dll MOD - [2009-07-14 02:17:51 | 001,289,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2009-07-14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2009-07-14 02:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2009-07-14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 02:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009-07-14 02:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2009-07-14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2009-07-14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2009-07-14 02:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 02:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2009-07-14 02:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2009-07-14 02:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2009-07-14 02:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2009-07-14 02:16:12 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll MOD - [2009-07-14 02:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2009-07-14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2009-07-14 02:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 02:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2009-07-14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 02:11:24 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2009-07-14 02:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2009-07-14 02:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2009-07-14 02:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 02:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2009-07-14 02:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2009-07-14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll MOD - [2009-07-14 02:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - File not found [Auto | Stopped] -- C:\Windows\SysNative\DirectX\svchost.exe -- (svchost32) SRV:[b]64bit:[/b] - File not found [Disabled | Stopped] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA) SRV:[b]64bit:[/b] - File not found [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service) SRV:[b]64bit:[/b] - [2010-04-09 19:30:11 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:[b]64bit:[/b] - [2009-09-17 14:38:22 | 000,111,616 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2009-04-21 11:59:08 | 002,869,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms) SRV:[b]64bit:[/b] - [2009-03-12 16:39:54 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe -- (mi-raysat_3dsmax2010_64) SRV:[b]64bit:[/b] - [2007-09-07 19:16:16 | 001,909,032 | ---- | M] (Wacom Technology, Corp.) [Disabled | Stopped] -- C:\Windows\SysNative\Pen_Tablet.exe -- (TabletServicePen) SRV - [2010-11-17 20:57:29 | 001,375,992 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2010-11-14 21:34:31 | 000,066,872 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010-11-12 01:03:27 | 000,078,536 | ---- | M] (Macrovision ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe -- (InstallShield Licensing Service) SRV - [2010-11-11 18:06:29 | 003,019,352 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai\netsession_win_4176eef.dll -- (Akamai) SRV - [2010-11-06 12:33:12 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010-11-06 12:33:12 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010-08-13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010-02-28 16:25:22 | 000,068,096 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service) SRV - [2010-02-21 12:25:51 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010-02-17 15:50:06 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service) SRV - [2010-02-17 15:49:39 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service) SRV - [2010-01-08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater) SRV - [2009-08-24 22:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe -- (DfSdkS) SRV - [2009-08-19 19:56:38 | 000,090,112 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-06-04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R) SRV - [2009-03-12 16:36:24 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe -- (mi-raysat_3dsmax2010_32) SRV - [2009-02-23 11:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService) SRV - [2008-06-13 03:05:48 | 001,539,224 | ---- | M] (Autodesk, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskNetSrv.exe -- (Autodesk Network Licensing Service) SRV - [2008-05-29 15:55:24 | 001,286,144 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\Speeding HDD\SteelVine.exe -- (57xx SteelVine Manager) SRV - [2007-12-27 15:39:30 | 000,166,520 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service) SRV - [2007-12-27 15:39:20 | 000,051,816 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - File not found [Kernel | System | Stopped] -- C:\Windows\SysNative\DRIVERS\EIO64.sys -- (EIO64) DRV:[b]64bit:[/b] - [2010-11-06 12:33:12 | 000,081,584 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:[b]64bit:[/b] - [2010-09-23 08:46:09 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd) DRV:[b]64bit:[/b] - [2010-03-02 12:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:[b]64bit:[/b] - [2010-02-18 21:35:50 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2009-09-17 14:38:22 | 000,478,208 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV:[b]64bit:[/b] - [2009-09-17 14:38:22 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MCfilt64.sys -- (MCfilt) DRV:[b]64bit:[/b] - [2009-08-26 06:48:44 | 000,071,040 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf) DRV:[b]64bit:[/b] - [2009-07-16 11:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 01:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM) DRV:[b]64bit:[/b] - [2009-07-13 03:01:41 | 000,105,312 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID) DRV:[b]64bit:[/b] - [2009-07-09 02:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:[b]64bit:[/b] - [2009-06-10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-06-04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2009-05-20 10:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:[b]64bit:[/b] - [2009-05-18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2009-03-13 10:55:38 | 000,318,464 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock) DRV:[b]64bit:[/b] - [2009-01-08 10:55:04 | 000,129,280 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge) DRV:[b]64bit:[/b] - [2007-06-24 21:56:56 | 000,047,368 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btcusb.sys -- (Btcsrusb) DRV:[b]64bit:[/b] - [2007-06-24 21:56:42 | 000,037,384 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio) DRV:[b]64bit:[/b] - [2007-06-24 21:56:36 | 000,037,896 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\blueletaudio.sys -- (BlueletAudio) DRV:[b]64bit:[/b] - [2007-03-05 20:47:08 | 000,025,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BtNetDrv.sys -- (BT) DRV:[b]64bit:[/b] - [2007-03-05 20:39:28 | 000,063,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VcommMgr.sys -- (VcommMgr) DRV:[b]64bit:[/b] - [2007-03-05 20:38:20 | 000,047,120 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VComm.sys -- (VComm) DRV:[b]64bit:[/b] - [2007-02-16 20:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter) DRV:[b]64bit:[/b] - [2007-02-16 19:30:12 | 000,014,640 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid) DRV:[b]64bit:[/b] - [2007-02-16 01:11:26 | 000,012,976 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WacomVKHid.sys -- (WacomVKHid) DRV:[b]64bit:[/b] - [2006-12-05 10:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207) DRV:[b]64bit:[/b] - [2006-11-22 05:20:00 | 000,107,008 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\WibuKey64.sys -- (WIBUKEY) DRV - [2010-11-04 01:59:02 | 000,017,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys -- (Lavasoft Kernexplorer) DRV - [2009-12-18 10:58:52 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64) DRV - [2007-06-24 21:56:56 | 000,047,368 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\btcusb.sys -- (Btcsrusb) DRV - [2007-06-24 21:56:42 | 000,037,384 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio) DRV - [2007-06-24 21:56:36 | 000,037,896 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\blueletaudio.sys -- (BlueletAudio) DRV - [2007-03-05 20:47:08 | 000,025,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\btnetdrv.sys -- (BT) DRV - [2007-03-05 20:42:54 | 000,049,680 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BTHidMgr.sys -- (BTHidMgr) DRV - [2007-03-05 20:41:34 | 000,024,976 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\vbtenum.sys -- (BTHidEnum) DRV - [2007-03-05 20:39:28 | 000,063,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\VCommMgr.sys -- (VcommMgr) DRV - [2007-03-05 20:38:20 | 000,047,120 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\VComm.sys -- (VComm) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Bing" FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q=" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.lockerz.com/" FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0 FF - prefs.js..extensions.enabledItems: autofillForms@blueimp.net:0.9.6.1 FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:1.1.2 FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3 FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0 FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=IEFM1&q=" FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 50370 FF - prefs.js..network.proxy.type: 1 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-10-25 13:19:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: G:\Adobe CS5\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010-11-02 17:58:29 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-10-22 00:50:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-11-14 20:57:32 | 000,000,000 | ---D | M] [2010-02-17 16:19:43 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\mozilla\Extensions [2010-10-25 13:19:10 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\mozilla\Firefox\Profiles\y4p9czh5.default\extensions [2010-10-25 13:19:10 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\mozilla\Firefox\Profiles\y4p9czh5.default\extensions\autofillForms@blueimp.net [2010-10-25 13:19:10 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\mozilla\Firefox\Profiles\y4p9czh5.default\extensions\DTToolbar@toolbarnet.com [2010-03-15 08:28:16 | 000,001,819 | ---- | M] () -- C:\Users\Michał\AppData\Roaming\Mozilla\FireFox\Profiles\y4p9czh5.default\searchplugins\bing.xml [2010-02-18 21:36:10 | 000,002,055 | ---- | M] () -- C:\Users\Michał\AppData\Roaming\Mozilla\FireFox\Profiles\y4p9czh5.default\searchplugins\daemon-search.xml [2010-11-06 12:37:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2010-10-25 13:19:05 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-11-06 12:37:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-03-27 18:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll [2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010-10-01 20:25:17 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2010-10-01 20:25:17 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2010-10-01 20:25:17 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2010-10-01 20:25:17 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2010-10-01 20:25:17 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2010-10-01 20:25:17 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-11-02 18:28:36 | 000,001,410 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 preactivate.adobe.com O1 - Hosts: 127.0.0.1 adobeereg.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 192.150.18.108 O1 - Hosts: 127.0.0.1 activate.adobe.com:443 O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - G:\Adobe CS5\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - G:\Adobe CS5\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O3:[b]64bit:[/b] - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation) O4:[b]64bit:[/b] - HKLM..\Run: [RunDLLEntry] C:\Windows\system32\AmbRunE.DLL File not found O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - Startup: C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE Gamer HUD Lite.lnk = C:\Program Files (x86)\GIGABYTE\Gamer HUD Lite\HUD.exe () O4 - Startup: C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk = C:\Program Files (x86)\RocketDock\RocketDock.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll () O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.87.36.36 192.87.106.106 O18:[b]64bit:[/b] - Protocol\Handler\dialux {8352FA4C-39C6-11D3-ADBA-00A0244FB1A2} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18 - Protocol\Handler\dialux {8352FA4C-39C6-11D3-ADBA-00A0244FB1A2} - C:\Program Files (x86)\DIALux\DLXToolBox.dll (DIAL GmbH, Germany) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001 Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-10-25 16:58:10 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O33 - MountPoints2\{92c5cd14-1d5e-11df-8339-0015830d20c4}\Shell - "" = AutoRun O33 - MountPoints2\{92c5cd14-1d5e-11df-8339-0015830d20c4}\Shell\AutoRun\command - "" = J:\autorun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BlueSoleil.lnk - C:\PROGRA~2\IVTCOR~1\BLUESO~1\gprs.exe - (IVT Corporation.) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DRSpawner.lnk - C:\PROGRA~3\ASGvis\DRSPAW~1\DRSPAW~1.EXE - File not found MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk - C:\PROGRA~2\WIBUKEY\Server\WkSvMgr.exe - (WIBU-SYSTEMS AG) MsConfig:64bit - StartUpFolder: C:^Users^Michał^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\MICHA~1\AppData\Roaming\Dropbox\bin\Dropbox.exe - () MsConfig:64bit - StartUpFolder: C:^Users^Michał^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk - C:\PROGRA~2\MICROS~1\Office14\ONENOTEM.EXE - File not found MsConfig:64bit - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b]AdobeAAMUpdater-1.0[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b]AdobeCS4ServiceManager[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe File not found MsConfig:64bit - StartUpReg: [b]AQQ[/b] - hkey= - key= - C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe (Creative Team S.A.) MsConfig:64bit - StartUpReg: [b]BCSSync[/b] - hkey= - key= - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe File not found MsConfig:64bit - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) MsConfig:64bit - StartUpReg: [b]Gadu-Gadu 10[/b] - hkey= - key= - C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.) MsConfig:64bit - StartUpReg: [b]IPLA![/b] - hkey= - key= - C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.) MsConfig:64bit - StartUpReg: [b]iTunesHelper[/b] - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig:64bit - StartUpReg: [b]LanguageShortcut[/b] - hkey= - key= - C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe File not found MsConfig:64bit - StartUpReg: [b]msnmsgr[/b] - hkey= - key= - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: [b]PWRISOVM.EXE[/b] - hkey= - key= - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) MsConfig:64bit - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.) MsConfig:64bit - StartUpReg: [b]RemoteControl[/b] - hkey= - key= - C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.) MsConfig:64bit - StartUpReg: [b]SearchSettings[/b] - hkey= - key= - C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.) MsConfig:64bit - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig:64bit - StartUpReg: [b]UCam_Menu[/b] - hkey= - key= - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) MsConfig:64bit - StartUpReg: [b]UpdatePSTShortCut[/b] - hkey= - key= - C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) MsConfig:64bit - StartUpReg: [b]uTorrent[/b] - hkey= - key= - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) MsConfig:64bit - State: "bootini" - Reg Error: Key error. MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PEVSystemStart - Service SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] procexp90.Sys - Driver SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PEVSystemStart - Service SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: procexp90.Sys - Driver SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PEVSystemStart - Service SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] procexp90.Sys - Driver SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PEVSystemStart - Service SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: procexp90.Sys - Driver SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-11-17 21:46:06 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Michał\Desktop\OTL.exe [2010-11-16 14:46:58 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Ahead [2010-11-16 14:45:22 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Ahead [2010-11-16 14:45:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Ahead [2010-11-16 14:44:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2010-11-16 14:44:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero [2010-11-16 14:44:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead [2010-11-16 13:45:17 | 000,000,000 | ---D | C] -- C:\Users\Michał\Documents\CyberLink [2010-11-16 13:31:35 | 000,000,000 | ---D | C] -- C:\Users\Michał\Desktop\power dvd 6 [2010-11-15 01:49:10 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\dvdcss [2010-11-14 12:19:11 | 000,000,000 | ---D | C] -- C:\Users\Michał\Desktop\monka [2010-11-12 20:59:05 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Malwarebytes [2010-11-12 20:58:56 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010-11-12 20:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010-11-12 20:58:54 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010-11-12 20:58:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010-11-12 01:03:45 | 002,916,438 | ---- | C] (Robert McNeel & Associates) -- C:\Windows\SysWow64\rcm.dll [2010-11-12 01:03:45 | 002,777,088 | ---- | C] (Robert McNeel & Associates) -- C:\Windows\SysWow64\rhrdk.10.v40.dll [2010-11-12 01:03:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield Shared [2010-11-12 01:03:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASGvis [2010-11-07 18:23:28 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2010-11-07 18:23:28 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Adobe Mini Bridge CS5 [2010-11-06 12:38:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2010-11-05 11:56:59 | 000,000,000 | ---D | C] -- C:\Users\Michał\Desktop\Store [2010-11-04 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2010-11-04 16:01:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2010-11-04 16:00:47 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2010-11-04 16:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework [2010-11-04 16:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2010-11-04 16:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2010-11-04 15:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2010-11-04 15:59:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2010-11-04 15:59:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2010-11-02 18:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM [2010-11-01 16:37:08 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Osram_Lamp [2010-11-01 00:59:42 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Philips Lighting [2010-10-31 20:01:44 | 000,000,000 | ---D | C] -- C:\Users\Michał\Desktop\icons [2010-10-31 19:54:53 | 000,000,000 | ---D | C] -- C:\Guzzini [2010-10-31 19:52:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Philips Lighting [2010-10-31 19:51:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Philips Lighting [2010-10-31 19:48:15 | 000,000,000 | ---D | C] -- C:\ProgramData\DIALux PlugIns [2010-10-31 19:21:48 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Apps [2010-10-31 00:01:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\DirectX [2010-10-25 15:39:30 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Avira [2010-10-25 14:10:01 | 000,000,000 | ---D | C] -- C:\Users\Michał\Documents\3ds Max 2010 Tutorials [2010-10-25 12:46:58 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2010-10-25 12:46:58 | 000,081,584 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2010-10-25 12:46:58 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys [2010-10-25 12:46:58 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys [2010-10-25 12:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2010-10-25 10:54:25 | 000,000,000 | -H-D | C] -- C:\$AVG [2010-10-25 10:42:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2010-10-25 10:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10 [2010-10-25 10:41:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG [2010-10-25 10:38:08 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2010-10-25 03:06:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro [2010-10-25 02:34:08 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Sunbelt Software [2010-10-25 02:33:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E961CE1B-C3EA-4882-9F67-F859B555D097} [2010-10-24 19:18:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files [2010-10-24 18:51:27 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW [2010-10-24 00:23:38 | 000,000,000 | -HSD | C] -- C:\Program Files\Common Files\log [2010-10-24 00:09:23 | 000,000,000 | -HSD | C] -- C:\Windows\log [2010-10-23 08:15:05 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\StageManager [2010-10-23 08:13:47 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\PACE Anti-Piracy [2010-10-23 08:13:47 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\PACE Anti-Piracy [2010-10-23 08:13:47 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy [2010-10-23 08:13:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PACE Anti-Piracy [2010-10-23 08:13:46 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\NVIDIA [2010-10-23 08:13:44 | 000,000,000 | ---D | C] -- C:\Users\Michał\Documents\Adobe [2010-10-23 08:12:59 | 000,000,000 | ---D | C] -- C:\Users\Michał\Application Data [2010-10-22 13:16:57 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2010-10-22 13:06:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe [2010-10-22 13:06:24 | 000,000,000 | ---D | C] -- C:\Users\Michał\Adobe Flash Builder 4 [2010-10-22 12:05:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared [2010-10-22 12:05:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2010-10-22 12:05:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name [2010-10-16 10:13:06 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\HDRsoft [2010-10-14 19:02:11 | 000,000,000 | ---D | C] -- C:\ProgramData\DIALux [2010-10-14 19:02:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DIALux [2010-10-14 19:02:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DIALux [2010-10-01 06:57:35 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010-10-01 06:57:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2010-10-01 06:57:35 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} [2010-10-01 06:56:16 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2010-09-29 23:47:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Feedback Tool [2010-09-27 20:21:33 | 000,000,000 | R--D | C] -- C:\Users\Michał\Documents\My Dropbox [2010-09-27 20:20:25 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Dropbox [2010-09-27 19:33:00 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Thinstall [2010-09-25 13:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\McNeel [2010-09-20 15:59:49 | 000,000,000 | ---D | C] -- C:\Users\Michał\Documents\DIALux [2010-09-20 15:53:06 | 000,071,040 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\aksdf.sys [2010-09-20 15:53:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Aladdin Shared [2010-09-20 15:52:55 | 002,869,760 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\hasplms.exe [2010-09-20 15:52:55 | 002,869,760 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\aksllmtp.exe [2010-09-20 15:52:55 | 000,129,280 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\aksfridge.sys [2010-09-20 15:52:50 | 000,318,464 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\hardlock.sys [2010-09-20 15:52:39 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\ecue [2010-09-20 15:52:39 | 000,000,000 | ---D | C] -- C:\ProgramData\ecue [2010-09-20 15:52:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ecue [2010-09-20 15:39:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\POV-Ray for Windows v3.6 [2010-09-20 15:37:40 | 003,833,856 | ---- | C] (Amyuni Technologies http://www.amyuni.com) -- C:\Windows\SysWow64\cdintf300.dll [2010-09-20 15:37:40 | 001,966,080 | ---- | C] (Amyuni Technologies http://www.amyuni.com) -- C:\Windows\SysWow64\cdintf251.dll [2010-09-20 15:36:47 | 000,000,000 | ---D | C] -- C:\Windows\DIALux [2010-02-18 23:57:05 | 003,414,528 | ---- | C] (Karol Winnicki) -- C:\Program Files (x86)\BESTplayer.exe [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-11-18 00:52:45 | 001,531,304 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010-11-18 00:52:45 | 000,690,494 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2010-11-18 00:52:45 | 000,609,896 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010-11-18 00:52:45 | 000,132,020 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2010-11-18 00:52:45 | 000,104,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010-11-18 00:47:15 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2010-11-18 00:46:10 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010-11-18 00:46:06 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-11-18 00:46:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-11-18 00:46:03 | 261,443,582 | -HS- | M] () -- C:\hiberfil.sys [2010-11-17 21:47:17 | 006,291,456 | -HS- | M] () -- C:\Users\Michał\ntuser.dat [2010-11-17 21:47:15 | 001,724,904 | -H-- | M] () -- C:\Users\Michał\AppData\Local\IconCache.db [2010-11-17 21:43:14 | 000,339,991 | ---- | M] () -- C:\Users\Michał\Desktop\RSIT.exe [2010-11-17 21:42:56 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Michał\Desktop\OTL.exe [2010-11-17 21:36:01 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010-11-17 21:03:44 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010-11-17 21:03:44 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010-11-14 22:38:36 | 021,426,176 | ---- | M] () -- C:\Users\Michał\Desktop\bril copy(5).dlx [2010-11-14 21:34:31 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010-11-12 20:58:58 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010-11-09 22:18:44 | 000,524,288 | -HS- | M] () -- C:\Users\Michał\ntuser.dat{e9f78b67-ec19-11df-9651-0015830d20c4}.TMContainer00000000000000000002.regtrans-ms [2010-11-09 22:18:44 | 000,524,288 | -HS- | M] () -- C:\Users\Michał\ntuser.dat{e9f78b67-ec19-11df-9651-0015830d20c4}.TMContainer00000000000000000001.regtrans-ms [2010-11-09 22:18:44 | 000,065,536 | -HS- | M] () -- C:\Users\Michał\ntuser.dat{e9f78b67-ec19-11df-9651-0015830d20c4}.TM.blf [2010-11-09 21:25:15 | 000,000,965 | ---- | M] () -- C:\Users\Michał\Desktop\shift — skrót.lnk [2010-11-09 12:31:37 | 000,524,288 | -HS- | M] () -- C:\Users\Michał\ntuser.dat{aafd4ca3-ebf2-11df-823b-0015830d20c4}.TMContainer00000000000000000002.regtrans-ms [2010-11-09 12:31:37 | 000,524,288 | -HS- | M] () -- C:\Users\Michał\ntuser.dat{aafd4ca3-ebf2-11df-823b-0015830d20c4}.TMContainer00000000000000000001.regtrans-ms [2010-11-09 12:31:37 | 000,065,536 | -HS- | M] () -- C:\Users\Michał\ntuser.dat{aafd4ca3-ebf2-11df-823b-0015830d20c4}.TM.blf [2010-11-09 12:09:48 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\TempR31492.html [2010-11-08 21:41:19 | 000,007,628 | ---- | M] () -- C:\Users\Michał\AppData\Local\resmon.resmoncfg [2010-11-07 16:01:37 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\Tempd37108.html [2010-11-07 14:33:30 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\TempA18840.html [2010-11-07 00:20:28 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\TempcO3116.html [2010-11-06 12:33:12 | 000,081,584 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2010-11-05 11:09:18 | 015,748,000 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010-11-05 02:38:51 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\Tempy70456.html [2010-11-04 22:21:21 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temph16612.html [2010-11-04 16:20:41 | 000,150,232 | ---- | M] () -- C:\Users\Michał\AppData\Local\GDIPFONTCACHEV1.DAT [2010-11-04 15:59:58 | 000,000,769 | ---- | M] () -- C:\Windows\win.ini [2010-11-04 15:49:39 | 000,000,162 | -H-- | M] () -- C:\Users\Michał\Desktop\~$IL Brief.docx [2010-11-04 14:21:54 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\Tempi16280.html [2010-11-04 11:39:52 | 000,000,102 | ---- | M] () -- C:\Windows\Dialux.ini [2010-11-04 11:30:51 | 000,000,236 | ---- | M] () -- C:\Windows\ODBC.INI [2010-11-04 01:59:02 | 000,049,752 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys [2010-11-04 01:51:06 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\Tempmt6140.html [2010-11-04 01:51:06 | 000,002,089 | ---- | M] () -- C:\Users\Michał\AppData\Local\Tempkv6140.html [2010-11-02 18:28:36 | 000,001,410 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2010-11-02 17:43:51 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\TempfA4452.html [2010-11-02 17:43:51 | 000,002,089 | ---- | M] () -- C:\Users\Michał\AppData\Local\TempsG4452.html [2010-10-31 19:50:15 | 000,002,078 | ---- | M] () -- C:\Users\Public\Desktop\OSRAM.lnk [2010-10-31 00:43:37 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\TempSr8084.html [2010-10-30 18:04:37 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\TempY81600.html [2010-10-30 18:04:37 | 000,002,089 | ---- | M] () -- C:\Users\Michał\AppData\Local\TempK81600.html [2010-10-30 01:09:00 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\Tempg66856.html [2010-10-28 00:54:04 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\TempxK3472.html [2010-10-27 23:47:54 | 000,136,718 | ---- | M] () -- C:\Users\Michał\Desktop\extension_5_3_15.crx [2010-10-27 14:22:09 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\TempMC8596.html [2010-10-27 14:22:09 | 000,002,089 | ---- | M] () -- C:\Users\Michał\AppData\Local\TempvR8596.html [2010-10-27 14:21:53 | 000,000,985 | ---- | M] () -- C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk [2010-10-27 13:40:23 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\Tempaup880.html [2010-10-27 13:40:23 | 000,002,089 | ---- | M] () -- C:\Users\Michał\AppData\Local\TempTXL880.html [2010-10-27 04:02:40 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\TempSC8176.html [2010-10-27 04:02:40 | 000,002,089 | ---- | M] () -- C:\Users\Michał\AppData\Local\Tempcr8176.html [2010-10-26 19:27:23 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp107020.html [2010-10-26 18:49:33 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\Tempj80540.html [2010-10-26 18:49:33 | 000,002,089 | ---- | M] () -- C:\Users\Michał\AppData\Local\TempV80540.html [2010-10-26 02:30:43 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temph49544.html [2010-10-25 14:08:16 | 000,017,963 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\services [2010-10-25 13:46:27 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\Tempge2212.html [2010-10-25 13:46:27 | 000,002,089 | ---- | M] () -- C:\Users\Michał\AppData\Local\TempsJ2212.html [2010-10-25 12:40:28 | 000,524,288 | -HS- | M] () -- C:\Users\Michał\ntuser.dat{264f7d55-e02a-11df-b5fb-0015830d20c4}.TMContainer00000000000000000002.regtrans-ms [2010-10-25 12:40:28 | 000,524,288 | -HS- | M] () -- C:\Users\Michał\ntuser.dat{264f7d55-e02a-11df-b5fb-0015830d20c4}.TMContainer00000000000000000001.regtrans-ms [2010-10-25 12:40:28 | 000,065,536 | -HS- | M] () -- C:\Users\Michał\ntuser.dat{264f7d55-e02a-11df-b5fb-0015830d20c4}.TM.blf [2010-10-25 03:41:40 | 000,524,288 | -HS- | M] () -- C:\Users\Michał\ntuser.dat{b06c94c3-dfd8-11df-b7eb-0015830d20c4}.TMContainer00000000000000000002.regtrans-ms [2010-10-25 03:41:40 | 000,524,288 | -HS- | M] () -- C:\Users\Michał\ntuser.dat{b06c94c3-dfd8-11df-b7eb-0015830d20c4}.TMContainer00000000000000000001.regtrans-ms [2010-10-25 03:41:40 | 000,065,536 | -HS- | M] () -- C:\Users\Michał\ntuser.dat{b06c94c3-dfd8-11df-b7eb-0015830d20c4}.TM.blf [2010-10-25 03:21:04 | 000,000,000 | ---- | M] () -- C:\Users\Michał\microsoft [2010-10-25 02:56:28 | 000,000,371 | ---- | M] () -- C:\Windows\lgfwup.ini [2010-10-25 02:06:25 | 000,524,288 | -HS- | M] () -- C:\Users\Michał\ntuser.dat{57eb8b72-dfd3-11df-88d4-0015830d20c4}.TMContainer00000000000000000002.regtrans-ms [2010-10-25 02:06:25 | 000,524,288 | -HS- | M] () -- C:\Users\Michał\ntuser.dat{57eb8b72-dfd3-11df-88d4-0015830d20c4}.TMContainer00000000000000000001.regtrans-ms [2010-10-25 02:06:25 | 000,065,536 | -HS- | M] () -- C:\Users\Michał\ntuser.dat{57eb8b72-dfd3-11df-88d4-0015830d20c4}.TM.blf [2010-10-24 19:18:07 | 000,002,432 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temps39388.html [2010-10-24 12:08:12 | 000,000,051 | -HS- | M] () -- C:\Windows\drive.ini [2010-10-23 08:13:47 | 000,000,021 | ---- | M] () -- C:\Windows\SurCode.INI [2010-10-14 19:03:11 | 000,001,871 | ---- | M] () -- C:\Users\Michał\Desktop\DIALux 4.8.lnk [2010-10-13 21:22:59 | 000,004,608 | ---- | M] () -- C:\Users\Michał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-09-29 21:37:30 | 000,057,632 | ---- | M] () -- C:\PA207.DAT [2010-09-27 20:21:33 | 000,001,002 | ---- | M] () -- C:\Users\Michał\Desktop\Dropbox.lnk [2010-09-23 08:46:09 | 000,069,152 | ---- | M] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys [2010-09-23 08:46:08 | 000,015,880 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-11-18 00:47:15 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2010-11-17 21:46:06 | 000,339,991 | ---- | C] () -- C:\Users\Michał\Desktop\RSIT.exe [2010-11-14 23:04:15 | 021,426,176 | ---- | C] () -- C:\Users\Michał\Desktop\bril copy(5).dlx [2010-11-12 20:58:58 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010-11-12 01:03:45 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\BongoSDK.dll [2010-11-12 01:03:45 | 000,000,096 | ---- | C] () -- C:\Windows\SysWow64\vssver.scc [2010-11-09 21:25:15 | 000,000,965 | ---- | C] () -- C:\Users\Michał\Desktop\shift — skrót.lnk [2010-11-09 17:08:06 | 000,524,288 | -HS- | C] () -- C:\Users\Michał\ntuser.dat{e9f78b67-ec19-11df-9651-0015830d20c4}.TMContainer00000000000000000002.regtrans-ms [2010-11-09 17:08:06 | 000,524,288 | -HS- | C] () -- C:\Users\Michał\ntuser.dat{e9f78b67-ec19-11df-9651-0015830d20c4}.TMContainer00000000000000000001.regtrans-ms [2010-11-09 17:08:06 | 000,065,536 | -HS- | C] () -- C:\Users\Michał\ntuser.dat{e9f78b67-ec19-11df-9651-0015830d20c4}.TM.blf [2010-11-09 12:29:17 | 000,524,288 | -HS- | C] () -- C:\Users\Michał\ntuser.dat{aafd4ca3-ebf2-11df-823b-0015830d20c4}.TMContainer00000000000000000002.regtrans-ms [2010-11-09 12:29:17 | 000,524,288 | -HS- | C] () -- C:\Users\Michał\ntuser.dat{aafd4ca3-ebf2-11df-823b-0015830d20c4}.TMContainer00000000000000000001.regtrans-ms [2010-11-09 12:29:17 | 000,065,536 | -HS- | C] () -- C:\Users\Michał\ntuser.dat{aafd4ca3-ebf2-11df-823b-0015830d20c4}.TM.blf [2010-11-09 09:39:14 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\TempR31492.html [2010-11-07 16:01:02 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\Tempd37108.html [2010-11-07 10:35:02 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\TempA18840.html [2010-11-06 12:33:34 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\TempcO3116.html [2010-11-05 02:03:06 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\Tempy70456.html [2010-11-04 16:16:57 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\Temph16612.html [2010-11-04 15:49:39 | 000,000,162 | -H-- | C] () -- C:\Users\Michał\Desktop\~$IL Brief.docx [2010-11-04 12:46:51 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\Tempi16280.html [2010-11-03 17:58:52 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\Tempmt6140.html [2010-11-03 17:58:52 | 000,002,089 | ---- | C] () -- C:\Users\Michał\AppData\Local\Tempkv6140.html [2010-11-02 17:34:00 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\TempfA4452.html [2010-11-02 17:34:00 | 000,002,089 | ---- | C] () -- C:\Users\Michał\AppData\Local\TempsG4452.html [2010-11-01 16:18:27 | 000,000,236 | ---- | C] () -- C:\Windows\ODBC.INI [2010-10-31 19:50:15 | 000,002,078 | ---- | C] () -- C:\Users\Public\Desktop\OSRAM.lnk [2010-10-30 23:47:06 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\TempSr8084.html [2010-10-30 11:17:13 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\TempY81600.html [2010-10-30 11:17:13 | 000,002,089 | ---- | C] () -- C:\Users\Michał\AppData\Local\TempK81600.html [2010-10-30 01:04:47 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\Tempg66856.html [2010-10-27 23:47:54 | 000,136,718 | ---- | C] () -- C:\Users\Michał\Desktop\extension_5_3_15.crx [2010-10-27 14:35:42 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\TempxK3472.html [2010-10-27 14:21:53 | 000,000,985 | ---- | C] () -- C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk [2010-10-27 14:12:46 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\TempMC8596.html [2010-10-27 14:12:46 | 000,002,089 | ---- | C] () -- C:\Users\Michał\AppData\Local\TempvR8596.html [2010-10-27 13:28:50 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\Tempaup880.html [2010-10-27 13:28:50 | 000,002,089 | ---- | C] () -- C:\Users\Michał\AppData\Local\TempTXL880.html [2010-10-27 03:04:22 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\TempSC8176.html [2010-10-27 03:04:22 | 000,002,089 | ---- | C] () -- C:\Users\Michał\AppData\Local\Tempcr8176.html [2010-10-26 18:49:43 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\Temp107020.html [2010-10-26 15:29:55 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\Tempj80540.html [2010-10-26 15:29:55 | 000,002,089 | ---- | C] () -- C:\Users\Michał\AppData\Local\TempV80540.html [2010-10-26 15:26:11 | 000,196,608 | ---- | C] () -- C:\Windows\SysWow64\BongoSDK.10.v40.dll [2010-10-26 02:21:02 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\Temph49544.html [2010-10-25 13:13:27 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\Tempge2212.html [2010-10-25 13:13:27 | 000,002,089 | ---- | C] () -- C:\Users\Michał\AppData\Local\TempsJ2212.html [2010-10-25 12:22:56 | 000,524,288 | -HS- | C] () -- C:\Users\Michał\ntuser.dat{264f7d55-e02a-11df-b5fb-0015830d20c4}.TMContainer00000000000000000002.regtrans-ms [2010-10-25 12:22:56 | 000,524,288 | -HS- | C] () -- C:\Users\Michał\ntuser.dat{264f7d55-e02a-11df-b5fb-0015830d20c4}.TMContainer00000000000000000001.regtrans-ms [2010-10-25 12:22:56 | 000,065,536 | -HS- | C] () -- C:\Users\Michał\ntuser.dat{264f7d55-e02a-11df-b5fb-0015830d20c4}.TM.blf [2010-10-25 03:21:04 | 000,000,000 | ---- | C] () -- C:\Users\Michał\microsoft [2010-10-25 02:51:39 | 000,524,288 | -HS- | C] () -- C:\Users\Michał\ntuser.dat{b06c94c3-dfd8-11df-b7eb-0015830d20c4}.TMContainer00000000000000000002.regtrans-ms [2010-10-25 02:51:39 | 000,524,288 | -HS- | C] () -- C:\Users\Michał\ntuser.dat{b06c94c3-dfd8-11df-b7eb-0015830d20c4}.TMContainer00000000000000000001.regtrans-ms [2010-10-25 02:51:39 | 000,065,536 | -HS- | C] () -- C:\Users\Michał\ntuser.dat{b06c94c3-dfd8-11df-b7eb-0015830d20c4}.TM.blf [2010-10-25 02:06:25 | 000,524,288 | -HS- | C] () -- C:\Users\Michał\ntuser.dat{57eb8b72-dfd3-11df-88d4-0015830d20c4}.TMContainer00000000000000000002.regtrans-ms [2010-10-25 02:06:25 | 000,524,288 | -HS- | C] () -- C:\Users\Michał\ntuser.dat{57eb8b72-dfd3-11df-88d4-0015830d20c4}.TMContainer00000000000000000001.regtrans-ms [2010-10-25 02:06:25 | 000,065,536 | -HS- | C] () -- C:\Users\Michał\ntuser.dat{57eb8b72-dfd3-11df-88d4-0015830d20c4}.TM.blf [2010-10-25 01:38:07 | 001,724,904 | -H-- | C] () -- C:\Users\Michał\AppData\Local\IconCache.db [2010-10-24 15:22:22 | 000,033,280 | -HS- | C] () -- C:\Users\Michał\AppData\Roaming\Thumbs.db [2010-10-24 13:11:48 | 000,002,432 | ---- | C] () -- C:\Users\Michał\AppData\Local\Temps39388.html [2010-10-24 00:09:23 | 000,000,051 | -HS- | C] () -- C:\Windows\drive.ini [2010-10-23 08:13:47 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI [2010-10-14 19:03:11 | 000,001,871 | ---- | C] () -- C:\Users\Michał\Desktop\DIALux 4.8.lnk [2010-09-29 23:48:38 | 000,072,533 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2010-09-29 23:48:38 | 000,072,533 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2010-09-27 20:21:33 | 000,001,002 | ---- | C] () -- C:\Users\Michał\Desktop\Dropbox.lnk [2010-09-20 15:37:37 | 000,000,102 | ---- | C] () -- C:\Windows\Dialux.ini [2010-06-13 12:55:36 | 000,020,816 | ---- | C] () -- C:\Users\Michał\AppData\Roaming\UserTile.png [2010-04-25 13:14:41 | 000,000,000 | ---- | C] () -- C:\Windows\Viewer.INI [2010-03-29 18:52:20 | 000,000,029 | ---- | C] () -- C:\Windows\DEBUGSM.INI [2010-03-17 14:39:32 | 000,000,227 | ---- | C] () -- C:\Windows\iepreview.ini [2010-02-28 17:07:09 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll [2010-02-28 16:12:57 | 000,004,608 | ---- | C] () -- C:\Users\Michał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-02-25 23:12:48 | 000,000,083 | ---- | C] () -- C:\Windows\Wwp.INI [2010-02-24 22:24:46 | 000,000,231 | ---- | C] () -- C:\Windows\SysWow64\3dsmax.ini [2010-02-24 22:24:46 | 000,000,043 | ---- | C] () -- C:\Windows\SysWow64\InstallSettings.ini [2010-02-24 17:58:13 | 001,548,506 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010-02-23 23:20:47 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2010-02-23 23:20:47 | 000,000,088 | RHS- | C] () -- C:\ProgramData\65B23FF20A.sys [2010-02-22 14:48:59 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010-02-21 11:51:42 | 000,000,965 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2010-02-18 21:22:54 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini [2010-02-18 21:22:27 | 000,000,026 | ---- | C] () -- C:\Windows\CDE V200 Ex.ini [2010-02-18 17:58:52 | 000,000,371 | ---- | C] () -- C:\Windows\lgfwup.ini [2010-02-18 17:03:49 | 000,042,284 | ---- | C] () -- C:\Windows\Ascd_log.ini [2010-02-18 17:03:29 | 000,029,871 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2010-02-17 16:29:20 | 000,006,188 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010-02-17 16:24:07 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010-02-17 15:50:12 | 000,170,496 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2010-02-17 15:50:12 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2010-02-17 15:50:12 | 000,002,773 | ---- | C] () -- C:\Windows\FF08_Render_Spk_Hp.ini [2010-02-17 15:50:12 | 000,001,650 | ---- | C] () -- C:\Windows\FF08_Capture.ini [2010-02-17 15:50:12 | 000,001,540 | ---- | C] () -- C:\Windows\FF08_Render.ini [2010-02-17 15:34:59 | 000,007,628 | ---- | C] () -- C:\Users\Michał\AppData\Local\resmon.resmoncfg [2010-02-17 14:40:34 | 000,150,232 | ---- | C] () -- C:\Users\Michał\AppData\Local\GDIPFONTCACHEV1.DAT [2010-02-17 14:22:30 | 000,013,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys [2010-02-17 14:03:11 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll [2010-02-17 14:03:11 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2010-02-17 13:44:18 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2009-07-14 05:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini [2009-07-14 05:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini [2009-07-14 03:35:42 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini [2009-07-14 03:34:57 | 000,000,769 | ---- | C] () -- C:\Windows\win.ini [2009-07-14 03:34:57 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2007-12-28 08:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2007-11-26 20:56:28 | 000,151,415 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2006-11-02 08:27:46 | 000,000,566 | ---- | C] () -- C:\Windows\SysWow64\SP207.ini [2006-10-09 15:29:22 | 000,032,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\BTNetFilter.sys [color=#E56717]========== LOP Check ==========[/color] [2010-11-16 14:10:42 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\AIMP [2010-02-19 15:47:07 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Apetito.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010-10-25 13:19:09 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Autodesk [2010-10-27 13:56:38 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\BESTplayer [2010-02-24 08:45:46 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Bitstream [2010-02-28 15:47:22 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010-02-20 21:29:34 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\DAEMON Tools Lite [2010-10-25 12:23:20 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Dropbox [2010-03-02 22:47:30 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 [2010-10-25 13:19:09 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\EPSON [2010-10-25 13:19:09 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Gadu-Gadu 10 [2010-11-14 20:57:29 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\GHISLER [2010-10-25 13:19:09 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Graphisoft [2010-10-16 10:13:06 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\HDRsoft [2010-08-26 18:21:36 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\ipla [2010-11-14 20:57:29 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\IrfanView [2010-10-25 13:19:10 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Opera [2010-10-23 08:13:47 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\PACE Anti-Piracy [2010-11-01 00:59:42 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Philips Lighting [2010-11-05 21:21:56 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Spotify [2010-10-23 08:15:05 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\StageManager [2010-11-07 18:23:28 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2010-10-25 13:20:30 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Thinstall [2010-04-16 10:42:13 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\TS3Client [2010-05-25 13:55:48 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\uk.co.planetside [2010-11-18 00:46:23 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\uTorrent [2010-11-18 00:47:15 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job [2010-09-24 01:09:17 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-11-18 00:46:02 | 000,124,819 | ---- | M] () -- C:\aaw7boot.log [2009-07-14 02:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr [2010-02-17 20:03:34 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2010-02-17 15:43:54 | 000,008,192 | ---- | M] () -- C:\bootsect.lxe.bak [2010-10-14 19:03:13 | 000,026,073 | ---- | M] () -- C:\DIALux Setup Information.txt [2010-10-14 19:09:03 | 000,235,952 | ---- | M] () -- C:\DIALux Setup Log.txt [2010-02-17 15:43:53 | 000,383,592 | RHS- | M] () -- C:\gdrop [2010-11-18 00:46:03 | 261,443,582 | -HS- | M] () -- C:\hiberfil.sys [2010-09-29 21:37:30 | 000,057,632 | ---- | M] () -- C:\PA207.DAT [2010-11-18 00:46:03 | 3211,907,070 | -HS- | M] () -- C:\pagefile.sys [2010-05-22 13:52:32 | 000,000,000 | ---- | M] () -- C:\plugin.ini [2010-05-22 13:52:31 | 000,000,208 | ---- | M] () -- C:\startvrlservice_log.txt [2010-11-14 23:14:56 | 000,000,656 | ---- | M] () -- C:\vraylog.txt [2010-02-24 10:09:29 | 000,000,804 | ---- | M] () -- C:\VRLServer.txt [2010-05-22 13:52:13 | 000,001,106 | ---- | M] () -- C:\VRSpawner.log [2010-02-17 15:43:53 | 000,171,136 | RHS- | M] () -- C:\xeldr [2010-02-18 17:08:09 | 000,000,275 | R--- | M] () -- C:\YukonInstall.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys [2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 1079 bytes -> C:\ProgramData\Microsoft:c92rDuBgQc1WgDKFKFqtZMY @Alternate Data Stream - 1074 bytes -> C:\ProgramData\Microsoft:LF4xMaIcYw9I4vzcrIYE < End of report > [/log] OTL extras: [log] OTL Extras logfile created on: 2010-11-18 00:50:32 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Michał\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.7930.16406) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 11,00 Gb Total Physical Memory | 9,00 Gb Available Physical Memory | 83,00% Memory free 22,00 Gb Paging File | 20,00 Gb Available in Paging File | 91,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 88,82 Gb Total Space | 15,49 Gb Free Space | 17,44% Space Free | Partition Type: NTFS Drive D: | 11,17 Gb Total Space | 6,45 Gb Free Space | 57,68% Space Free | Partition Type: NTFS Drive E: | 250,00 Gb Total Space | 221,67 Gb Free Space | 88,67% Space Free | Partition Type: NTFS Drive F: | 250,00 Gb Total Space | 147,73 Gb Free Space | 59,09% Space Free | Partition Type: NTFS Drive G: | 331,52 Gb Total Space | 81,19 Gb Free Space | 24,49% Space Free | Partition Type: NTFS Drive M: | 484,98 Mb Total Space | 484,10 Mb Free Space | 99,82% Space Free | Partition Type: FAT32 Computer Name: SCORPION | User Name: Michał | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) .js[@ = jsfile] -- Reg Error: Key error. File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) .js [@ = jsfile] -- Reg Error: Key error. File not found [HKEY_USERS\S-1-5-21-2459495681-4173276582-2486991001-1001\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [open] -- Reg Error: Key error. piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- G:\Adobe CS5\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [open] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- G:\Adobe CS5\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00060000-0000-1004-8002-0000C06B5161}" = WIBU-KEY Setup (WIBU-KEY Remove) "{056B9C5B-2E8D-4EBC-941C-06C78A30ABB3}" = Microsoft_VC80_ATL_x86_x64 "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes "{138D2BE4-7981-4F34-BA23-81B6B99D0DE6}" = Microsoft_VC80_MFCLOC_x86_x64 "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{2A8EEE2F-4A9E-43D8-AA07-EC8A316B2DEB}" = Autodesk Revit Architecture 2010 x64 "{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{3D46855F-7B71-4CF7-A270-62E0E4F05037}" = Microsoft_VC80_CRT_x86_x64 "{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{47A70BC0-BB3E-468B-9E01-56CCD6F2A911}" = Microsoft_VC80_MFC_x86_x64 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5783F2D7-8001-0415-0102-0060B0CE6BBA}" = AutoCAD 2010 - Polski "{5783F2D7-8001-0415-1102-0060B0CE6BBA}" = Pakiet językowy programu AutoCAD 2010 - polski "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{6DA2E7DC-BC1E-4595-83A9-99BAD907AA1C}" = AVG 2011 "{7F05E704-30A6-421A-97A7-8EEB1C7FF011}" = Corel Shell Extension - 64Bit "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010 "{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010 "{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{A9F1B5F6-0EE6-0409-BADD-F8BD360FACC3}" = Autodesk 3ds Max 2010 64-bit "{B9E591DD-DAAC-0409-B1B8-5667E359170B}" = Autodesk 3ds Max 2010 64-bit Components "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "AutoCAD 2010 - Polski" = AutoCAD 2010 - Polski "Autodesk FBX Plugin 2009.4 - 3ds Max 2010 64-bit" = Autodesk FBX Plugin 2009.4 - 3ds Max 2010 64-bit "Autodesk Revit Architecture 2010 x64" = Autodesk Revit Architecture 2010 x64 "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "TeamSpeak 3 Client" = TeamSpeak 3 Client "V-Ray for 3dsmax 2010 for x64" = V-Ray for 3dsmax 2010 for x64 "WinRAR archiver" = Archiwizator WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam "{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection "{1C21A34A-5CBA-4AC2-8EDD-6531C06B520E}" = V-Ray for Rhinoceros "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live "{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20 "{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager "{317AC0C7-FEBF-0409-87A3-4FC70D0ED900}" = Autodesk 3ds Max 2010 32-bit "{33E8C156-B983-46DA-2254-CBB065606066}" = Apetito "{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft VC80 Support DLLs "{39316EDC-804F-4081-9974-0A13BA77E5EF}" = Windows Internet Explorer Platform Preview "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver "{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1 "{40625DE4-DCDB-44FE-84B5-E65F1365BF44}" = V-Ray for Rhinoceros "{4086DF3D-B6CB-4AA5-BF7F-EF1BC0A63BD4}" = PhotoDlx "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = EPSON Event Manager "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E5EE953-0D92-A385-E3A0-FBFCB2DE15AA}" = EA Download Manager UI "{50566374-A1F2-4608-A173-771BEEFABAEE}" = V-Ray for Rhinoceros "{51958BA7-21E4-4A8B-9098-CD8375BD17B2}" = Asystent rejestracji usługi Windows Live "{54DBAF71-635A-45CB-A7DD-7EAB60F5C460}" = V-Ray for Rhinoceros 4.0 "{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01) "{55D9E026-DCB0-46FF-B60A-68B972228CF6}" = Autodesk Design Review 2010 "{567EA4E4-B799-4F1C-BFE0-D0381BD8651A}" = OSRAM Lamp PlugIn 1.7.0.0 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5791B7D3-8B34-4218-9750-6A8E45D0AD32}" = pdfforge Toolbar v1.1.2 "{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate "{597E70FF-7C46-4EED-8092-91B7C2E0529D}" = Google SketchUp 7 "{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}" = Rhinoceros 4.0 "{60A08432-00DD-0409-AC2C-143C75460878}" = Autodesk 3ds Max 2010 32-bit Components "{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Oprogramowanie "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX "{6EFFB73F-A7E4-E9BF-3C2F-1AF19A5183F4}" = e-Deklaracje Desktop "{72019134-3A61-4C39-A540-245600C4CDFA}" = Turbo Squid Tentacles 3ds Max 2008 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7FF0ACFE-4346-4D9D-B822-C69B99AAE1FC}" = Microsoft_VC80_MFCLOC_x86 "{80E563B0-BE7C-4768-8783-00C462BD3593}" = Calculux 7.5.0.1 "{818690C7-8DA5-4623-BBA8-A73CFBD44077}" = Sound Blaster X-Fi MB "{81AD9228-21AC-4DBD-AE33-98146A88BAA8}" = Philips Product Selector 5.2.4.0 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX "{8AE28FB8-B8AE-4B58-A5FE-77F45E462BAE}" = Microsoft_VC80_MFC_x86 "{8F85CC2C-4B26-4CF6-B835-DC59BCEDD287}" = Bluesoleil2.7.0.13 VoIP Release 071227 "{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}" = Gamer HUD Lite "{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool "{90AA5CE4-3517-4A50-95BF-B2C88EC41795}" = STAL EXPONENT 1.0.2 "{922A36F5-6663-45C0-A515-B63C4E585195}" = TweakIt "{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{939740B5-0064-4779-854A-8C1086181C05}" = Macromedia FreeHand MXa "{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58 "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9862473C-E063-4C68-A161-2CDE0E8048A5}" = Podstawowe programy Windows Live "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.4 - Polish "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer "{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT "{BDD11F42-6F08-4BB6-B4CA-3258BB58CDD5}" = Speeding HDD "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5 "{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage "{C541BF6F-EC08-4447-8A5B-2A4801465650}" = V-Ray for Rhinoceros "{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = Trust 100K Series Webcam "{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 1.12 "{CB07E706-5DD7-4093-83A1-1430D5B6FA75}" = Microsoft_VC80_ATL_x86 "{CCBC3666-5199-4702-B052-2C58FCA6EFF9}" = Rhinoceros 4.0 SR4b "{CCEB53A5-A252-4CF3-8602-429AB06BF0AE}" = Terragen "{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library "{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension "{D03E7B00-CA85-4684-9321-1888873C34BD}" = ArcSoft PhotoImpression 6 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D1803CD4-0CE7-4484-98E3-88D7A2D629A4}" = Windows Live Messenger "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D7960C39-E3FD-4B46-8E97-A1E9D128F913}" = Rhinoceros 4.0 SR3 "{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86 "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{D98C0C51-F9BB-4EE4-B791-22BF6EE31045}" = Nero 7 Premium "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00}" = Autodesk 3ds Max 2010 Tutorials Files "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0 "{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II "{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "001FFF1FFF13FF00FF1801F00F02F000-R1" = ArchiCAD 13 POL (x86) "Ad-Aware" = Ad-Aware "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AIMP2" = AIMP2 "Akamai" = Akamai NetSession Interface "Apetito.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Apetito "AQQ" = WapSter AQQ "Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.50 "Audacity_is1" = Audacity 1.2.6 "Autodesk Design Review 2010" = Autodesk Design Review 2010 "Autodesk FBX Plugin 2009.4 - 3ds Max 2010" = Autodesk FBX Plugin 2009.4 - 3ds Max 2010 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2 "CCleaner" = CCleaner "CDex" = CDex - Open Source Digital Audio CD Extractor "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI "CREATIVE KARAOKE PLAYER" = Creative Karaoke Player "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "DIALux" = DIALux 4.8 "EA Download Manager" = EA Download Manager "ecue HASP SRM Driver V5.2" = ecue HASP SRM Driver V5.2 "ecue Imagine V5.2" = ecue Imagine V5.2 "ecue Library Editor V5.2" = ecue Library Editor V5.2 "ecue Patchelor V5.2" = ecue Patchelor V5.2 "ecue Programmer V5.2" = ecue Programmer V5.2 "e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1" = e-Deklaracje Desktop "eMule Plus_is1" = eMule Plus 1.2e "EPSON PERFECTION V200 PHOTO Przewodnik użytkownika" = EPSON PERFECTION V200 PHOTO Podręcznik "EPSON Scanner" = EPSON Scan "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30 "FBX Plugin 2006.11.1 for Max 2008" = FBX Plugin 2006.11.1 for Max 2008 "FBX Plugin 2006.11.1 for Max 2008 64" = FBX Plugin 2006.11.1 for Max 2008 64 "ffdshow_is1" = ffdshow [rev 3255] [2010-02-08] "Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.1 "Gadu-Gadu 10" = Gadu-Gadu 10 "Google Chrome" = Google Chrome "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "InstallShield_{80E563B0-BE7C-4768-8783-00C462BD3593}" = Calculux 7.5.0.1 "InstallShield_{81AD9228-21AC-4DBD-AE33-98146A88BAA8}" = Philips Product Selector 5.2.4.0 "ipla" = ipla 2.1.5 "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Marvell Miniport Driver" = Marvell Miniport Driver "Mozilla Firefox (3.6.11)" = Mozilla Firefox (3.6.11) "mv61xxDriver" = marvell 61xx "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OVH MoM" = OVH MoM "Pen Tablet Driver" = Pen Tablet "Picasa 3" = Picasa 3 "Pontifex II" = Pontifex II "POV-Ray for Windows v3.6" = POV-Ray for Windows v3.6.0 "PowerISO" = PowerISO "PPS max plugin_is1" = PPS max plugin 1.5.0 "PunkBusterSvc" = PunkBuster Services "RealPlayer 12.0" = RealPlayer "Rhino RDK" = Rhino RDK "RocketDock_is1" = RocketDock 1.3.5 "SopCast" = SopCast 3.2.9 "Spotify" = Spotify "Totalcmd" = Total Commander (Remove or Repair) "uTorrent" = µTorrent "VLC media player" = VLC media player 1.0.5 "WaveStudio 7" = Creative WaveStudio 7 "Wielki słownik angielsko-polski i polsko-angielski PWN-OXFORD" = Wielki słownik angielsko-polski i polsko-angielski PWN-OXFORD "WinLiveSuite_Wave3" = Podstawowe programy Windows Live "Worms World Party" = Worms World Party [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2459495681-4173276582-2486991001-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-10-12 12:19:48 | Computer Name = scorpion | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\WapSter\wapster aqq\System\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "c:\program files (x86)\WapSter\wapster aqq\System\DelZip179.dll" w wierszu 8. Wartość "*" atrybutu "language" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2010-10-13 13:33:21 | Computer Name = scorpion | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2010-10-13 13:33:26 | Computer Name = scorpion | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\WapSter\wapster aqq\System\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "c:\program files (x86)\WapSter\wapster aqq\System\DelZip179.dll" w wierszu 8. Wartość "*" atrybutu "language" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2010-10-13 17:07:35 | Computer Name = scorpion | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4c98293e Nazwa modułu powodującego błąd: gcswf32.dll, wersja: 10.1.85.3, sygnatura czasowa: 0x4c91ad25 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0016c324 Identyfikator procesu powodującego błąd: 0x145c Godzina uruchomienia aplikacji powodującej błąd: 0x01cb6b0e6035c62f Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Google\Chrome\Application\6.0.472.63\gcswf32.dll Identyfikator raportu: e6240503-d70d-11df-9514-0015830d20c4 Error - 2010-10-14 13:58:10 | Computer Name = scorpion | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: AcroRd32.exe, wersja: 9.3.3.177, sygnatura czasowa: 0x4c1d77af Nazwa modułu powodującego błąd: ole32.dll, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bdac7 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0002f2c2 Identyfikator procesu powodującego błąd: 0x14f0 Godzina uruchomienia aplikacji powodującej błąd: 0x01cb6bc955c81eb0 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe Ścieżka modułu powodującego błąd: C:\Windows\syswow64\ole32.dll Identyfikator raportu: 9a804352-d7bc-11df-9483-0015830d20c4 Error - 2010-10-14 14:48:25 | Computer Name = scorpion | Source = Application Hang | ID = 1002 Description = Program chrome.exe w wersji 0.0.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 1084 Godzina rozpoczęcia: 01cb6bb57cfac48b Godzina zakończenia: 4 Ścieżka aplikacji: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Identyfikator raportu: 9844eb3c-d7c3-11df-9483-0015830d20c4 Error - 2010-10-16 11:48:12 | Computer Name = scorpion | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2010-10-16 11:48:19 | Computer Name = scorpion | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\WapSter\wapster aqq\System\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "c:\program files (x86)\WapSter\wapster aqq\System\DelZip179.dll" w wierszu 8. Wartość "*" atrybutu "language" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2010-10-17 06:13:56 | Computer Name = scorpion | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2010-10-17 06:14:03 | Computer Name = scorpion | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\WapSter\wapster aqq\System\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "c:\program files (x86)\WapSter\wapster aqq\System\DelZip179.dll" w wierszu 8. Wartość "*" atrybutu "language" elementu "assemblyIdentity" jest nieprawidłowa. [ System Events ] Error - 2010-11-15 10:14:33 | Computer Name = scorpion | Source = Service Control Manager | ID = 7001 Description = Usługa Agent zasad IPsec zależy od usługi Podstawowy aparat filtrowania, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2010-11-15 10:14:34 | Computer Name = scorpion | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Windows Service Manager z powodu następującego błędu: %%2 Error - 2010-11-15 13:23:15 | Computer Name = scorpion | Source = VDS Basic Provider | ID = 33554433 Description = Error - 2010-11-16 09:45:15 | Computer Name = scorpion | Source = Service Control Manager | ID = 7030 Description = Usługa NBService jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error - 2010-11-17 15:56:15 | Computer Name = scorpion | Source = Service Control Manager | ID = 7001 Description = Usługa Moduły obsługi kluczy IPsec IKE i AuthIP zależy od usługi Podstawowy aparat filtrowania, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2010-11-17 15:56:15 | Computer Name = scorpion | Source = Service Control Manager | ID = 7001 Description = Usługa Agent zasad IPsec zależy od usługi Podstawowy aparat filtrowania, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2010-11-17 15:56:15 | Computer Name = scorpion | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Windows Service Manager z powodu następującego błędu: %%2 Error - 2010-11-17 19:46:15 | Computer Name = scorpion | Source = Service Control Manager | ID = 7001 Description = Usługa Moduły obsługi kluczy IPsec IKE i AuthIP zależy od usługi Podstawowy aparat filtrowania, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2010-11-17 19:46:16 | Computer Name = scorpion | Source = Service Control Manager | ID = 7001 Description = Usługa Agent zasad IPsec zależy od usługi Podstawowy aparat filtrowania, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2010-11-17 19:46:19 | Computer Name = scorpion | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Windows Service Manager z powodu następującego błędu: %%2 < End of report > [/log] RSIT: [log] Logfile of random's system information tool 1.08 (written by random/random) Run by Michał at 2010-11-18 00:56:24 Microsoft Windows 7 Ultimate System drive C: has 16 GB (17%) free of 91 GB Total RAM: 11255 MB (81% free) HijackThis download failed ======Scheduled tasks folder====== C:\Windows\tasks\Ad-Aware Update (Weekly).job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}] ContributeBHO Class - G:\Adobe CS5\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - G:\Adobe CS5\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2009-07-13 36864] "EEventManager"=C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe [2006-10-12 102400] "avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2010-11-06 281768] "AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992] "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040] "TkBellExe"=C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe [2010-02-22 202256] "RemoteControl"=C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [2005-01-12 32768] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AdobeBridge"= [] "Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2009-07-14 1173504] "uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2010-02-18 319280] "RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-05-16 153136] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup OfficeSAS.lnk - C:\Program Files (x86)\Microsoft Office\Office14\OfficeSAS\officeSASscheduler.exe C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup GIGABYTE Gamer HUD Lite.lnk - C:\Program Files (x86)\GIGABYTE\Gamer HUD Lite\HUD.exe RocketDock.lnk - C:\Program Files (x86)\RocketDock\RocketDock.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - .scr - open - C:\Windows\system32\notepad.exe "%1" .scr - install - .scr - config - ======List of files/folders created in the last 1 months====== 2010-11-18 00:56:24 ----D---- C:\rsit 2010-11-16 14:45:22 ----D---- C:\Users\Michał\AppData\Roaming\Ahead 2010-11-16 14:45:15 ----D---- C:\ProgramData\Ahead 2010-11-16 14:44:50 ----D---- C:\ProgramData\Nero 2010-11-16 14:44:50 ----D---- C:\Program Files (x86)\Nero 2010-11-16 14:44:50 ----D---- C:\Program Files (x86)\Common Files\Ahead 2010-11-15 01:49:10 ----D---- C:\Users\Michał\AppData\Roaming\dvdcss 2010-11-12 20:59:05 ----D---- C:\Users\Michał\AppData\Roaming\Malwarebytes 2010-11-12 20:58:56 ----A---- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys 2010-11-12 20:58:55 ----D---- C:\ProgramData\Malwarebytes 2010-11-12 20:58:54 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2010-11-12 01:03:45 ----A---- C:\Windows\SysWOW64\rhrdk.10.v40.dll 2010-11-12 01:03:45 ----A---- C:\Windows\SysWOW64\rcm.dll 2010-11-12 01:03:45 ----A---- C:\Windows\SysWOW64\BongoSDK.dll 2010-11-12 01:03:27 ----D---- C:\Program Files (x86)\Common Files\InstallShield Shared 2010-11-12 01:03:21 ----D---- C:\Program Files (x86)\ASGvis 2010-11-07 18:23:28 ----D---- C:\Users\Michał\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 2010-11-07 18:23:28 ----D---- C:\Users\Michał\AppData\Roaming\Adobe Mini Bridge CS5 2010-11-06 12:38:32 ----D---- C:\Program Files (x86)\Common Files\Java 2010-11-06 12:37:45 ----A---- C:\Windows\SysWOW64\javaws.exe 2010-11-06 12:37:45 ----A---- C:\Windows\SysWOW64\javaw.exe 2010-11-06 12:37:45 ----A---- C:\Windows\SysWOW64\java.exe 2010-11-06 12:37:45 ----A---- C:\Windows\SysWOW64\deployJava1.dll 2010-11-04 16:00:47 ----D---- C:\Windows\PCHEALTH 2010-11-04 16:00:13 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8 2010-11-04 15:59:37 ----D---- C:\Program Files (x86)\Microsoft Analysis Services 2010-11-02 18:02:13 ----D---- C:\ProgramData\ALM 2010-11-01 16:18:27 ----A---- C:\Windows\ODBC.INI 2010-11-01 00:59:42 ----D---- C:\Users\Michał\AppData\Roaming\Philips Lighting 2010-10-31 19:54:53 ----D---- C:\Guzzini 2010-10-31 19:52:36 ----D---- C:\Program Files (x86)\Common Files\Philips Lighting 2010-10-31 19:51:27 ----D---- C:\Program Files (x86)\Philips Lighting 2010-10-31 19:48:15 ----D---- C:\ProgramData\DIALux PlugIns 2010-10-31 00:01:00 ----D---- C:\Windows\SysWOW64\DirectX 2010-10-26 15:26:11 ----A---- C:\Windows\SysWOW64\BongoSDK.10.v40.dll 2010-10-25 15:39:30 ----D---- C:\Users\Michał\AppData\Roaming\Avira 2010-10-25 12:46:58 ----A---- C:\Windows\SysWOW64\drivers\avgntmgr.sys 2010-10-25 12:46:58 ----A---- C:\Windows\SysWOW64\drivers\avgntdd.sys 2010-10-25 12:46:57 ----D---- C:\ProgramData\Avira 2010-10-25 10:54:25 ----HD---- C:\$AVG 2010-10-25 10:42:34 ----HD---- C:\ProgramData\Common Files 2010-10-25 10:42:12 ----D---- C:\ProgramData\AVG10 2010-10-25 10:41:52 ----D---- C:\Program Files (x86)\AVG 2010-10-25 10:38:08 ----D---- C:\ProgramData\MFAData 2010-10-25 03:06:23 ----D---- C:\Program Files (x86)\Trend Micro 2010-10-25 02:33:39 ----HDC---- C:\ProgramData\{E961CE1B-C3EA-4882-9F67-F859B555D097} 2010-10-24 19:18:56 ----D---- C:\ProgramData\Kaspersky Lab Setup Files 2010-10-24 18:51:27 ----RD---- C:\32788R22FWJFW 2010-10-24 00:09:23 ----SHD---- C:\Windows\log 2010-10-24 00:09:23 ----ASH---- C:\Windows\drive.ini 2010-10-23 08:15:05 ----D---- C:\Users\Michał\AppData\Roaming\StageManager 2010-10-23 08:13:47 ----D---- C:\Users\Michał\AppData\Roaming\PACE Anti-Piracy 2010-10-23 08:13:47 ----D---- C:\ProgramData\PACE Anti-Piracy 2010-10-23 08:13:47 ----A---- C:\Windows\SurCode.INI 2010-10-23 08:13:46 ----D---- C:\Users\Michał\AppData\Roaming\NVIDIA 2010-10-22 13:16:57 ----D---- C:\ProgramData\regid.1986-12.com.adobe 2010-10-22 12:05:14 ----D---- C:\Program Files (x86)\My Company Name 2010-10-22 12:05:14 ----D---- C:\Program Files (x86)\Common Files\Sonic Shared 2010-10-22 12:05:14 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine ======List of files/folders modified in the last 1 months====== 2010-11-18 00:56:24 ----D---- C:\Users\Michał\AppData\Roaming\uTorrent 2010-11-18 00:55:37 ----D---- C:\Windows\Prefetch 2010-11-18 00:52:45 ----D---- C:\Windows\System32 2010-11-18 00:52:45 ----D---- C:\Windows\inf 2010-11-18 00:48:57 ----D---- C:\Windows\Temp 2010-11-18 00:47:15 ----D---- C:\Windows\Tasks 2010-11-18 00:46:19 ----D---- C:\ProgramData\NVIDIA 2010-11-18 00:46:17 ----D---- C:\Program Files (x86)\Common Files\Akamai 2010-11-17 21:14:50 ----SHD---- C:\System Volume Information 2010-11-17 20:56:10 ----D---- C:\Windows 2010-11-16 14:47:03 ----SHD---- C:\Windows\Installer 2010-11-16 14:47:03 ----HD---- C:\Config.Msi 2010-11-16 14:45:15 ----HD---- C:\ProgramData 2010-11-16 14:45:02 ----D---- C:\Windows\ehome 2010-11-16 14:44:51 ----D---- C:\Windows\SysWOW64 2010-11-16 14:44:50 ----RD---- C:\Program Files (x86) 2010-11-16 14:44:50 ----D---- C:\Program Files (x86)\Common Files 2010-11-16 14:10:42 ----D---- C:\Users\Michał\AppData\Roaming\AIMP 2010-11-16 13:44:55 ----D---- C:\Program Files (x86)\CyberLink 2010-11-16 13:44:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2010-11-15 01:49:12 ----D---- C:\Users\Michał\AppData\Roaming\vlc 2010-11-14 23:14:56 ----A---- C:\vraylog.txt 2010-11-14 21:34:31 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe 2010-11-14 20:57:40 ----D---- C:\Program Files (x86)\AIMP2 2010-11-14 20:57:39 ----D---- C:\Program Files (x86)\Common Files\Adobe 2010-11-14 20:57:33 ----D---- C:\Program Files (x86)\DIALux 2010-11-14 20:57:33 ----D---- C:\Program Files (x86)\Common Files\microsoft shared 2010-11-14 20:57:33 ----D---- C:\Program Files (x86)\Common Files\McNeel Shared 2010-11-14 20:57:33 ----D---- C:\Program Files (x86)\Common Files\DIALux 2010-11-14 20:57:32 ----D---- C:\Program Files (x86)\RocketDock 2010-11-14 20:57:32 ----D---- C:\Program Files (x86)\MSBuild 2010-11-14 20:57:30 ----RD---- C:\Program Files 2010-11-14 20:57:30 ----D---- C:\ProgramData\Microsoft Help 2010-11-14 20:57:30 ----D---- C:\ProgramData\FLEXnet 2010-11-14 20:57:29 ----D---- C:\Users\Michał\AppData\Roaming\IrfanView 2010-11-14 20:57:29 ----D---- C:\Users\Michał\AppData\Roaming\GHISLER 2010-11-14 20:57:28 ----RSD---- C:\Windows\Fonts 2010-11-14 20:57:28 ----RSD---- C:\Windows\assembly 2010-11-14 20:57:26 ----D---- C:\Windows\ShellNew 2010-11-14 20:57:25 ----D---- C:\Windows\SysWOW64\Macromed 2010-11-14 20:57:25 ----D---- C:\Windows\SysWOW64\drivers 2010-11-14 20:57:25 ----D---- C:\Windows\registration 2010-11-14 03:01:57 ----D---- C:\Users\Michał\AppData\Roaming\Skype 2010-11-14 02:47:15 ----D---- C:\Users\Michał\AppData\Roaming\skypePM 2010-11-12 22:13:14 ----SD---- C:\Users\Michał\AppData\Roaming\Microsoft 2010-11-12 22:13:14 ----D---- C:\Program Files (x86)\pdfforge Toolbar 2010-11-12 01:06:56 ----D---- C:\ProgramData\McNeel 2010-11-12 00:56:39 ----D---- C:\Program Files (x86)\Rhinoceros 4.0 2010-11-06 12:37:41 ----D---- C:\Program Files (x86)\Java 2010-11-05 21:21:56 ----D---- C:\Users\Michał\AppData\Roaming\Spotify 2010-11-04 19:16:10 ----D---- C:\Windows\Microsoft.NET 2010-11-04 16:00:47 ----ASD---- C:\ProgramData\Microsoft 2010-11-04 15:59:58 ----A---- C:\Windows\win.ini 2010-11-04 15:59:19 ----D---- C:\Program Files (x86)\Microsoft Office 2010-11-04 15:52:12 ----D---- C:\Program Files (x86)\Common Files\Designer 2010-11-04 15:51:23 ----D---- C:\Program Files (x86)\Common Files\System 2010-11-04 11:39:52 ----A---- C:\Windows\Dialux.ini 2010-11-02 18:17:00 ----D---- C:\Users\Michał\AppData\Roaming\Adobe 2010-11-02 18:15:26 ----D---- C:\ProgramData\Adobe 2010-11-02 16:51:34 ----D---- C:\Program Files (x86)\Adobe 2010-11-02 16:26:58 ----D---- C:\totalcmd 2010-11-02 14:14:43 ----D---- C:\Windows\winsxs 2010-11-02 14:13:17 ----D---- C:\Program Files (x86)\CCleaner 2010-10-31 19:48:17 ----D---- C:\ProgramData\DIALux 2010-10-27 16:13:31 ----D---- C:\Program Files (x86)\Pontifex II 2010-10-27 13:56:38 ----D---- C:\Users\Michał\AppData\Roaming\BESTplayer 2010-10-27 13:27:37 ----D---- C:\Windows\pss 2010-10-26 13:24:48 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2010-10-25 16:58:10 ----D---- C:\Autodesk 2010-10-25 15:01:23 ----D---- C:\Windows\Help 2010-10-25 15:00:38 ----D---- C:\Program Files (x86)\Common Files\Autodesk Shared 2010-10-25 15:00:26 ----D---- C:\Windows\Downloaded Program Files 2010-10-25 15:00:19 ----D---- C:\ProgramData\Autodesk 2010-10-25 13:20:59 ----D---- C:\Windows\SysWOW64\wbem 2010-10-25 13:20:30 ----D---- C:\Users\Michał\AppData\Roaming\Thinstall 2010-10-25 13:20:22 ----D---- C:\Program Files (x86)\Avira 2010-10-25 13:19:27 ----D---- C:\Windows\Web 2010-10-25 13:19:27 ----D---- C:\Windows\Vss 2010-10-25 13:19:27 ----D---- C:\Windows\twain_32 2010-10-25 13:19:27 ----D---- C:\Windows\SysWOW64\XPSViewer 2010-10-25 13:19:26 ----D---- C:\Windows\SysWOW64\winrm 2010-10-25 13:19:26 ----D---- C:\Windows\SysWOW64\WindowsPowerShell 2010-10-25 13:19:26 ----D---- C:\Windows\SysWOW64\wdi 2010-10-25 13:19:26 ----D---- C:\Windows\SysWOW64\WCN 2010-10-25 13:19:26 ----D---- C:\Windows\SysWOW64\spp 2010-10-25 13:19:26 ----D---- C:\Windows\SysWOW64\spool 2010-10-25 13:19:26 ----D---- C:\Windows\SysWOW64\Speech 2010-10-25 13:19:26 ----D---- C:\Windows\SysWOW64\slmgr 2010-10-25 13:19:25 ----D---- C:\Windows\SysWOW64\Printing_Admin_Scripts 2010-10-25 13:19:25 ----D---- C:\Windows\SysWOW64\pl-PL 2010-10-25 13:19:25 ----D---- C:\Windows\SysWOW64\PhotoImpression Slideshow 2010-10-25 13:19:24 ----D---- C:\Windows\SysWOW64\NetworkList 2010-10-25 13:19:24 ----D---- C:\Windows\SysWOW64\MUI 2010-10-25 13:19:24 ----D---- C:\Windows\SysWOW64\Msdtc 2010-10-25 13:19:24 ----D---- C:\Windows\SysWOW64\migwiz 2010-10-25 13:19:24 ----D---- C:\Windows\SysWOW64\migration 2010-10-25 13:19:23 ----D---- C:\Windows\SysWOW64\InstallShield 2010-10-25 13:19:23 ----D---- C:\Windows\SysWOW64\IME 2010-10-25 13:19:23 ----D---- C:\Windows\SysWOW64\Futuremark 2010-10-25 13:19:23 ----D---- C:\Windows\SysWOW64\DriverStore 2010-10-25 13:19:23 ----D---- C:\Windows\SysWOW64\Dism 2010-10-25 13:19:23 ----D---- C:\Windows\SysWOW64\config 2010-10-25 13:19:23 ----D---- C:\Windows\SysWOW64\com 2010-10-25 13:19:13 ----RSD---- C:\Windows\Media 2010-10-25 13:19:13 ----D---- C:\Windows\Speech 2010-10-25 13:19:13 ----D---- C:\Windows\Setup 2010-10-25 13:19:13 ----D---- C:\Windows\servicing 2010-10-25 13:19:13 ----D---- C:\Windows\ServiceProfiles 2010-10-25 13:19:13 ----D---- C:\Windows\security 2010-10-25 13:19:13 ----D---- C:\Windows\schemas 2010-10-25 13:19:13 ----D---- C:\Windows\Resources 2010-10-25 13:19:13 ----D---- C:\Windows\rescache 2010-10-25 13:19:13 ----D---- C:\Windows\RaidTool 2010-10-25 13:19:13 ----D---- C:\Windows\PolicyDefinitions 2010-10-25 13:19:13 ----D---- C:\Windows\PLA 2010-10-25 13:19:13 ----D---- C:\Windows\PixArt 2010-10-25 13:19:13 ----D---- C:\Windows\Performance 2010-10-25 13:19:12 ----D---- C:\Windows\IME 2010-10-25 13:19:12 ----D---- C:\Windows\Globalization 2010-10-25 13:19:12 ----D---- C:\Windows\diagnostics 2010-10-25 13:19:12 ----D---- C:\Windows\CtDrvInstall 2010-10-25 13:19:12 ----D---- C:\Windows\Branding 2010-10-25 13:19:12 ----D---- C:\Windows\Boot 2010-10-25 13:19:12 ----D---- C:\Windows\AsusInstAll 2010-10-25 13:19:10 ----D---- C:\Windows\AsDmiHtm 2010-10-25 13:19:10 ----D---- C:\Windows\AppPatch 2010-10-25 13:19:10 ----D---- C:\Windows\AppCompat 2010-10-25 13:19:10 ----D---- C:\Users\Michał\AppData\Roaming\Real 2010-10-25 13:19:10 ----D---- C:\Users\Michał\AppData\Roaming\Opera 2010-10-25 13:19:10 ----D---- C:\Users\Michał\AppData\Roaming\Mozilla 2010-10-25 13:19:09 ----D---- C:\Users\Michał\AppData\Roaming\Macromedia 2010-10-25 13:19:09 ----D---- C:\Users\Michał\AppData\Roaming\Graphisoft 2010-10-25 13:19:09 ----D---- C:\Users\Michał\AppData\Roaming\Gadu-Gadu 10 2010-10-25 13:19:09 ----D---- C:\Users\Michał\AppData\Roaming\EPSON 2010-10-25 13:19:09 ----D---- C:\Users\Michał\AppData\Roaming\Corel 2010-10-25 13:19:09 ----D---- C:\Users\Michał\AppData\Roaming\Autodesk 2010-10-25 13:19:08 ----D---- C:\Team17 2010-10-25 13:19:08 ----D---- C:\ProgramData\Temp 2010-10-25 13:19:08 ----D---- C:\ProgramData\Skype 2010-10-25 13:19:08 ----D---- C:\ProgramData\Real 2010-10-25 13:19:08 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2010-10-25 13:19:07 ----D---- C:\ProgramData\Lavasoft 2010-10-25 13:19:07 ----D---- C:\ProgramData\Gadu-Gadu 10 2010-10-25 13:19:07 ----D---- C:\ProgramData\Electronic Arts 2010-10-25 13:19:07 ----D---- C:\ProgramData\CyberLink 2010-10-25 13:19:07 ----D---- C:\ProgramData\Creative 2010-10-25 13:19:07 ----D---- C:\ProgramData\Apple Computer 2010-10-25 13:19:07 ----D---- C:\ProgramData\Apple 2010-10-25 13:19:05 ----RD---- C:\Program Files (x86)\Skype 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Windows Sidebar 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Windows Photo Viewer 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Windows NT 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Windows Media Player 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Windows Mail 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Windows Live 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Windows Defender 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\WIBUKEY 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\WapSter 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\VideoLAN 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Trust 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Tablet 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\SopCast 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Safari 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Reference Assemblies 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Real 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\QuickTime 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\PWN 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\POV-Ray for Windows v3.6 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\PDFCreator 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\OVH 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Opera 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\NVIDIA Corporation 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Mozilla Firefox 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Microsoft.NET 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Microsoft 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Microsoft SDKs 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\MAXON.CINEMA.4D.Studio.Bundle.v10.111.Multilanguage 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Marvell 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Macromedia 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\lg_fwupdate 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Lavasoft 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Lavalys 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\K-Lite Codec Pack 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\IVT Corporation 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\iTunes 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\IrfanView 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Internet Explorer Platform Preview 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Internet Explorer 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Intel 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Infer Engineering 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Graphisoft 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Google 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\GIGABYTE 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Gadu-Gadu 10 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Futuremark 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\ffdshow 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Feedback Tool 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\epson 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\eMule 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Electronic Arts 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\e-Deklaracje 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\ecue 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\DAEMON Tools Lite 2010-10-25 13:19:03 ----HD---- C:\Program Files (x86)\Creative Installation Information 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Creative 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\xing shared 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Windows Live 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\SpeechEngines 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Real 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\PAC207 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Macrovision Shared 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Macromedia Shared 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\InstallShield 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Graphisoft Shared 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Futuremark Shared 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Creative Labs Shared 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Creative 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Corel 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\ArcSoft 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Apple 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\CDex_150 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\CDex 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\blender-2.49b-win64-python26 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\Autodesk 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\Audacity 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\ASUS 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\Ashampoo 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\ArcSoft 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\Apple Software Update 2010-10-25 13:19:00 ----RHD---- C:\MSOCache 2010-10-25 13:19:00 ----D---- C:\Program Files (x86)\Analog Devices 2010-10-25 13:19:00 ----D---- C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint 2010-10-25 13:19:00 ----D---- C:\NVIDIA 2010-10-25 13:19:00 ----D---- C:\Live! Cam 2010-10-25 13:18:58 ----SHD---- C:\$Recycle.Bin 2010-10-25 12:23:20 ----D---- C:\Users\Michał\AppData\Roaming\Dropbox 2010-10-25 03:09:03 ----D---- C:\Program Files (x86)\SystemRequirementsLab 2010-10-25 02:56:28 ----A---- C:\Windows\lgfwup.ini 2010-10-25 02:39:55 ----D---- C:\Users\Michał\AppData\Roaming\WTablet ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys [2007-03-05 24976] R0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys [2007-03-05 49680] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [] R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [] R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [] R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [] R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [] R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-08-04 13440] R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [] R1 SCDEmu;SCDEmu; C:\Windows\SysWOW64\drivers\SCDEmu.sys [] R2 adfs;adfs; C:\Windows\SysWOW64\drivers\adfs.sys [] R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [] R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [] R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [] R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys [] R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [] R3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2007-06-24 37896] R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-06-24 37384] R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2007-03-05 25360] R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-06-24 47368] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [] R3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2010-11-04 17440] R3 MCfilt;MCfilt; C:\Windows\system32\drivers\MCfilt64.sys [] R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [] R3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [] R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 47120] R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2007-03-05 63248] R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [] R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [] R3 WacomVKHid;Virtual Keyboard Driver; C:\Windows\system32\DRIVERS\WacomVKHid.sys [] S1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys [] S3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-09-18 22784] S3 ALSysIO;ALSysIO; \??\C:\Users\MICHA~1\AppData\Local\Temp\ALSysIO64.sys [] S3 BthEnum;Usługa wyliczania Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [] S3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [] S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [] S3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [] S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [] S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [] S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [] S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [] S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [] S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [] S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 57xx SteelVine Manager;57xx SteelVine; C:\Program Files (x86)\ASUS\Speeding HDD\SteelVine.exe [2008-05-29 1286144] R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [] R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-11-06 135336] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-11-06 267944] R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-08-19 90112] R2 Bonjour Service;Usługa Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-07-27 345376] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200] R2 hasplms;HASP License Manager; C:\Windows\system32\hasplms.exe -run [] R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-11-17 1375992] R2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit; C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-03-12 86016] R2 mi-raysat_3dsmax2010_64;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit; C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe [2009-03-12 86016] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936] R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-18 135664] S2 svchost32;Windows Service Manager; C:\Windows\system32\DirectX\svchost.exe /service [] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 544768] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-04-09 1436424] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-21 655624] S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 InstallShield Licensing Service;InstallShield Licensing Service; C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [2010-11-12 78536] S3 iPod Service;Usługa iPod; C:\Program Files\iPod\bin\iPodService.exe [] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888] S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112] S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672] S4 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2010-01-08 380928] S4 Autodesk Network Licensing Service;Autodesk Network Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [2008-06-13 1539224] S4 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe [2007-12-27 166520] S4 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-02-17 79360] S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-02-17 79360] S4 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2010-02-28 68096] S4 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-11-14 66872] S4 Start BT in service;Start BT in service; C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-12-27 51816] S4 TabletServicePen;TabletServicePen; C:\Windows\system32\Pen_Tablet.exe [] -----------------EOF----------------- [/log] RSIT info: [log] info.txt logfile of random's system information tool 1.08 2010-11-18 00:56:26 ======Uninstall list====== -->"C:\Program Files (x86)\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /nolog/l0x0009 -->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /nolog/l0x0009 -->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /nolog/l0x0009 -->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /nolog/l0x0009 -->"C:\Program Files (x86)\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /nolog/l0x0009 -->C:\Program Files (x86)\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL -->C:\Windows\UNNeroShowTime.exe /UNINSTALL -->C:\Windows\UNNeroVision.exe /UNINSTALL -->C:\Windows\UNRecode.exe /UNINSTALL -->MsiExec /X{8A809006-C25A-4A3A-9DAB-94659BCDB107} -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6F3684E3-0FA0-4443-B97D-65117730222E}\setup.exe" -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DCCC08BD-FC52-4AEB-ACF8-6A5C06550468}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9 /remove µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL 3DMark Vantage-->C:\Program Files (x86)\InstallShield Installation Information\{C40C3C3D-97CF-44B5-836C-766E374464B3}\setup.exe -runfromtemp -l0x0009 -removeonly ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07} Ad-Aware-->"C:\ProgramData\{E961CE1B-C3EA-4882-9F67-F859B555D097}\Ad-AwareInstall.exe" REMOVE=TRUE MODIFY=FALSE Ad-Aware-->C:\ProgramData\{E961CE1B-C3EA-4882-9F67-F859B555D097}\Ad-AwareInstall.exe Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D} Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7} Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7} Adobe Creative Suite 5 Master Collection-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{6E9EF98E-259E-416D-B5F8-0ABDB99942CE} Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C} Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C} Adobe Reader 9.3.4 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A93000000001} AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4} AIMP2-->C:\Program Files (x86)\AIMP2\Uninstall.exe Akamai NetSession Interface-->C:\Program Files (x86)\Common Files\Akamai\uninstall.exe Apetito-->msiexec /qb /x {33E8C156-B983-46DA-2254-CBB065606066} Apetito-->MsiExec.exe /I{33E8C156-B983-46DA-2254-CBB065606066} Apple Application Support-->MsiExec.exe /I{DAEAFD68-BB4A-4507-A241-C8804D2EA66D} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} ArchiCAD 13 POL (x86)-->C:\Program Files (x86)\Graphisoft\ArchiCAD 13\Uninstall.AC\uninstaller.exe ArcSoft PhotoImpression 6-->C:\Program Files (x86)\InstallShield Installation Information\{D03E7B00-CA85-4684-9321-1888873C34BD}\SETUP.EXE -runfromtemp -l0x0009 -removeonly Ashampoo WinOptimizer 6.50-->"C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\unins000.exe" ASUSUpdate-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\Setup.exe" -l0x9 Asystent rejestracji usługi Windows Live-->MsiExec.exe /I{51958BA7-21E4-4A8B-9098-CD8375BD17B2} Audacity 1.2.6-->"C:\Program Files (x86)\Audacity\unins000.exe" Autodesk 3ds Max 2010 32-bit Components-->MsiExec.exe /I{60A08432-00DD-0409-AC2C-143C75460878} Autodesk 3ds Max 2010 32-bit-->MsiExec.exe /I{317AC0C7-FEBF-0409-87A3-4FC70D0ED900} Autodesk 3ds Max 2010 Tutorials Files-->MsiExec.exe /I{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00} Autodesk Backburner 2008.1-->MsiExec.exe /I{3D347E6D-5A03-4342-B5BA-6A771885F379} Autodesk Design Review 2010-->C:\Program Files (x86)\Autodesk\Autodesk Design Review\Setup\Setup.exe /P {55D9E026-DCB0-46FF-B60A-68B972228CF6} /M ADR Autodesk FBX Plugin 2009.4 - 3ds Max 2010-->C:\Program Files (x86)\Autodesk\FBX\FBXPlugins\2009.4\3ds Max 2010\Uninstall.exe Autodesk Material Library 2011 Base Image library-->MsiExec.exe /I{CD1E078C-A6B9-47DA-B035-6365C85C7832} Autodesk Material Library 2011-->MsiExec.exe /I{9DEABCB6-B759-4D52-92F8-51B34A2B4D40} Avira AntiVir Personal - Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE Bluesoleil2.7.0.13 VoIP Release 071227-->MsiExec.exe /X{8F85CC2C-4B26-4CF6-B835-DC59BCEDD287} Calculux 7.5.0.1-->C:\Program Files (x86)\InstallShield Installation Information\{80E563B0-BE7C-4768-8783-00C462BD3593}\setup.exe -runfromtemp -l0x0409 Call of Duty Modern Warfare 2-->"G:\GAMES\Modern Warfare 2\unins000.exe" CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe" CDex - Open Source Digital Audio CD Extractor-->C:\Program Files (x86)\CDex\uninstall.exe CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->c:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\Uninst.exe CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->MsiExec.exe /X{CE2DA11A-917F-4CF5-AB55-755EC115DD10} Creative Karaoke Player-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DCCC08BD-FC52-4AEB-ACF8-6A5C06550468}\setup.exe" -l0x9 /remove Creative MediaSource 5-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\setup.exe" -l0x9 /remove Creative WaveStudio 7-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9 /remove DAEMON Tools Toolbar-->C:\Program Files (x86)\DAEMON Tools Toolbar\uninst.exe DIALux 4.8-->"C:\Windows\DIALux\uninstall.exe" "/U:C:\Program Files (x86)\DIALux\Uninstall\uninstall.xml" EA Download Manager UI-->msiexec /qb /x {4E5EE953-0D92-A385-E3A0-FBFCB2DE15AA} EA Download Manager UI-->MsiExec.exe /I{4E5EE953-0D92-A385-E3A0-FBFCB2DE15AA} EA Download Manager-->C:\Program Files (x86)\Electronic Arts\EADM\EADMUninstall.exe ecue HASP SRM Driver V5.2-->C:\Program Files (x86)\ecue\HASP SRM Driver V5.2\uninst.exe ecue Imagine V5.2-->C:\Program Files (x86)\ecue\Imagine V5.2\uninst.exe ecue Library Editor V5.2-->C:\Program Files (x86)\ecue\Library Editor V5.2\uninst.exe ecue Patchelor V5.2-->C:\Program Files (x86)\ecue\Patchelor V5.2\uninst.exe ecue Programmer V5.2-->C:\Program Files (x86)\ecue\Programmer V5.2\uninst.exe e-Deklaracje Desktop-->msiexec /qb /x {6EFFB73F-A7E4-E9BF-3C2F-1AF19A5183F4} e-Deklaracje Desktop-->MsiExec.exe /I{6EFFB73F-A7E4-E9BF-3C2F-1AF19A5183F4} eMule Plus 1.2e-->"C:\Program Files (x86)\eMule\unins000.exe" EPSON Attach To Email-->C:\Program Files (x86)\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG EPSON Copy Utility 3-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x9 -UnInstall EPSON Event Manager-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{48F22622-1CC2-4A83-9C1E-644DD96F832D}\Setup.exe" -l0x9 -u EPSON File Manager-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}\Setup.exe" -l0x9 UNINST EPSON PERFECTION V200 PHOTO Podręcznik-->C:\Program Files (x86)\EPSON\TPMANUAL\PerfV200\POL\USE_G\DOCUNINS.EXE EPSON Scan Assistant-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x9 -u EPSON Scan-->C:\Program Files (x86)\epson\escndv\setup\setup.exe /r EVEREST Ultimate Edition v5.30-->"C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\unins000.exe" FARO LS 1.1.406.58-->MsiExec.exe /I{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C} FBX Plugin 2006.11.1 for Max 2008 64-->C:\Program Files (x86)\Autodesk\FBX\FbxPlugins\2006.11.1\Max2008_64\Uninstall.exe FBX Plugin 2006.11.1 for Max 2008-->C:\Program Files (x86)\Autodesk\FBX\FbxPlugins\2006.11.1\Max2008\Uninstall.exe Feedback Tool-->MsiExec.exe /I{90024193-9F13-4877-89D5-A1CDF0CBBF28} ffdshow [rev 3255] [2010-02-08]-->"C:\Program Files (x86)\ffdshow\unins000.exe" Free M4a to MP3 Converter 6.1-->"C:\Program Files (x86)\Free M4a to MP3 Converter\unins000.exe" Futuremark SystemInfo-->C:\Program Files (x86)\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe -runfromtemp -l0x0009 -removeonly Gadu-Gadu 10-->C:\Program Files (x86)\Gadu-Gadu 10\Uninstall.exe Gamer HUD Lite-->MsiExec.exe /I{8FE4D086-63BD-44EB-882C-C7EA5A1EF016} Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\7.0.517.44\Installer\setup.exe" --uninstall --system-level Google Earth-->MsiExec.exe /X{4286E640-B5FB-11DF-AC4B-005056C00008} Google SketchUp 7-->MsiExec.exe /X{597E70FF-7C46-4EED-8092-91B7C2E0529D} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)-->C:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)-->C:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)-->C:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)-->C:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)-->C:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" ipla 2.1.5-->C:\Program Files (x86)\ipla\uninst.exe IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF} JMicron JMB36X Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x9 -removeonly K-Lite Codec Pack 6.0.4 (Basic)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe" LG CyberLink PowerBackup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{ADD5DB49-72CF-11D8-9D75-000129760D75}\Setup.exe" -uninstall LG CyberLink PowerProducer-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall LG CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall LG CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall LG ODD Auto Oprogramowanie-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\Setup.exe" LG Power Tools-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall LG Power Tools-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall Macromedia FreeHand MXa-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{939740B5-0064-4779-854A-8C1086181C05}\Setup.exe" -l0x9 UNINSTALL Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" marvell 61xx-->C:\Program Files (x86)\Marvell\61xx\uninst-61xx.exe Marvell Miniport Driver-->C:\Program Files (x86)\Marvell\Miniport Driver\Uninst.exe Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft VC80 Support DLLs-->MsiExec.exe /I{342F5437-C87D-4BB5-89B9-B23E16C6A395} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual Studio Tools for Applications 2.0 - ENU-->MsiExec.exe /X{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} Microsoft Visual Studio Tools for Applications 2.0 Runtime-->MsiExec.exe /X{299C0434-4F4E-341F-A916-4E07AEB35E79} Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25} Microsoft_VC80_ATL_x86-->MsiExec.exe /I{CB07E706-5DD7-4093-83A1-1430D5B6FA75} Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C} Microsoft_VC80_CRT_x86-->MsiExec.exe /I{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A} Microsoft_VC80_MFC_x86-->MsiExec.exe /I{8AE28FB8-B8AE-4B58-A5FE-77F45E462BAE} Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57} Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{7FF0ACFE-4346-4D9D-B822-C69B99AAE1FC} Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7} Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C} Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403} Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A} Mozilla Firefox (3.6.11)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} Narzędzie do przekazywania usługi Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Need for Speed™ SHIFT-->MsiExec.exe /X{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4} Nero 7 Premium-->MsiExec.exe /X{D98C0C51-F9BB-4EE4-B791-22BF6EE31045} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} NVIDIA PhysX-->MsiExec.exe /X{8A809006-C25A-4A3A-9DAB-94659BCDB107} NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask Opera 10.63-->MsiExec.exe /X{87CC8013-56D1-43E1-A0A5-AD406B4EBA95} OSRAM Lamp PlugIn 1.7.0.0-->"C:\Program Files (x86)\InstallShield Installation Information\{567EA4E4-B799-4F1C-BFE0-D0381BD8651A}\setup.exe" -runfromtemp -l0x0009 -removeonly OVH MoM-->"C:\Program Files (x86)\OVH\MoM\uninst-MoM.exe" PC Probe II-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\setup.exe" -l0x9 PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392} PDFCreator-->C:\Program Files (x86)\PDFCreator\unins000.exe pdfforge Toolbar v1.1.2-->MsiExec.exe /X{5791B7D3-8B34-4218-9750-6A8E45D0AD32} Pen Tablet-->C:\Program Files (x86)\Tablet\Pen\Remove.exe /u Philips Product Selector 5.2.4.0-->C:\Program Files (x86)\InstallShield Installation Information\{81AD9228-21AC-4DBD-AE33-98146A88BAA8}\setup.exe -runfromtemp -l0x0409 PhotoDlx-->"C:\Program Files (x86)\InstallShield Installation Information\{4086DF3D-B6CB-4AA5-BF7F-EF1BC0A63BD4}\setup.exe" -runfromtemp -l0x0009anything -uninst Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe" Podstawowe programy Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Podstawowe programy Windows Live-->MsiExec.exe /I{9862473C-E063-4C68-A161-2CDE0E8048A5} Pontifex II-->C:\Program Files (x86)\Pontifex II\uninstall.exe POV-Ray for Windows v3.6.0-->C:\PROGRA~2\POV-RA~1.6\unwise.exe C:\PROGRA~2\POV-RA~1.6\install.log PowerDVD-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall PowerISO-->"C:\Program Files (x86)\PowerISO\uninstall.exe" PPS max plugin 1.5.0-->"C:\Program Files (x86)\Philips Lighting\VIZProxy\unins000.exe" PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u PxMergeModule-->MsiExec.exe /I{024521CF-C07E-4F8E-8481-0D75695E03AF} QuickTime-->MsiExec.exe /I{E7004147-2CCA-431C-AA05-2AB166B9785D} RealPlayer-->C:\Program Files (x86)\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0 RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F} Rhino RDK-->C:\PROGRA~2\COMMON~1\MCNEEL~1\RDK\UNWISE.EXE C:\PROGRA~2\COMMON~1\MCNEEL~1\RDK\INSTALL.LOG Rhinoceros 4.0 SR3-->MsiExec.exe /I{D7960C39-E3FD-4B46-8E97-A1E9D128F913} Rhinoceros 4.0 SR4b-->MsiExec.exe /I{CCBC3666-5199-4702-B052-2C58FCA6EFF9} Rhinoceros 4.0-->MsiExec.exe /I{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87} RocketDock 1.3.5-->"C:\Program Files (x86)\RocketDock\unins000.exe" Safari-->MsiExec.exe /I{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43} Skype Toolbars-->MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A} Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} SopCast 3.2.9-->C:\Program Files (x86)\SopCast\uninst.exe Sound Blaster X-Fi MB-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{818690C7-8DA5-4623-BBA8-A73CFBD44077}\setup.exe" -l0x9 /remove SoundMAX-->C:\Program Files (x86)\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe -runfromtemp -l0x0015 -removeonly Speeding HDD-->MsiExec.exe /I{BDD11F42-6F08-4BB6-B4CA-3258BB58CDD5} Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004} Spotify-->"C:\Program Files (x86)\Spotify\uninstall.exe" STAL EXPONENT 1.0.2-->MsiExec.exe /I{90AA5CE4-3517-4A50-95BF-B2C88EC41795} System Requirements Lab for Intel-->MsiExec.exe /I{F7FC9307-374E-4017-8E9D-DE1154780480} Terragen-->MsiExec.exe /I{CCEB53A5-A252-4CF3-8602-429AB06BF0AE} Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe Trust 100K Series Webcam-->C:\Program Files (x86)\InstallShield Installation Information\{C679F9B9-C65D-4C65-BD6C-BF90B859E281}\setup.exe -runfromtemp -l0x0009 -removeonly Turbo Squid Tentacles 3ds Max 2008-->MsiExec.exe /X{72019134-3A61-4C39-A540-245600C4CDFA} TweakIt-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{922A36F5-6663-45C0-A515-B63C4E585195}\setup.exe" -l0x9 VDownloader 1.12-->"C:\Program Files (x86)\VDOWNLOADER\unins000.exe" Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\SysWOW64\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" Visual Studio 2008 x64 Redistributables-->MsiExec.exe /I{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49} VLC media player 1.0.5-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe V-Ray for Rhinoceros 4.0-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{54DBAF71-635A-45CB-A7DD-7EAB60F5C460}\setup.exe" -l0x9 -removeonly V-Ray for Rhinoceros-->"C:\Program Files (x86)\InstallShield Installation Information\{40625DE4-DCDB-44FE-84B5-E65F1365BF44}\setup.exe" -runfromtemp -l0x0009 -removeonly WapSter AQQ-->C:\Program Files (x86)\WapSter\WapSter AQQ\uninstall.exe Wielki słownik angielsko-polski i polsko-angielski PWN-OXFORD-->C:\Windows\IsUn0415.exe -f"C:\Program Files (x86)\PWN\WSPWNOUP2006\Uninst.isu" Windows Internet Explorer Platform Preview-->MsiExec.exe /I{39316EDC-804F-4081-9974-0A13BA77E5EF} Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956} Windows Live Messenger-->MsiExec.exe /X{D1803CD4-0CE7-4484-98E3-88D7A2D629A4} Worms World Party-->C:\Windows\IsUn0415.exe -f"C:\Team17\Worms World Party\Uninst.isu" ======Hosts File====== 127.0.0.1 activate.adobe.com 127.0.0.1 preactivate.adobe.com 127.0.0.1 adobeereg.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 192.150.18.108 127.0.0.1 activate.adobe.com:443 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com ======System event log====== Computer Name: scorpion Event Code: 7036 Message: Usługa Protexis Licensing V2 weszła w stan zatrzymania. Record Number: 64206 Source Name: Service Control Manager Time Written: 20100611151242.165633-000 Event Type: Informacje User: Computer Name: scorpion Event Code: 7036 Message: Usługa Zasilanie weszła w stan zatrzymania. Record Number: 64205 Source Name: Service Control Manager Time Written: 20100611151242.165633-000 Event Type: Informacje User: Computer Name: scorpion Event Code: 7036 Message: Usługa PnkBstrA weszła w stan zatrzymania. Record Number: 64204 Source Name: Service Control Manager Time Written: 20100611151242.165633-000 Event Type: Informacje User: Computer Name: scorpion Event Code: 7036 Message: Usługa Host usługi diagnostyki weszła w stan zatrzymania. Record Number: 64203 Source Name: Service Control Manager Time Written: 20100611151242.150033-000 Event Type: Informacje User: Computer Name: scorpion Event Code: 7036 Message: Usługa Office Software Protection Platform weszła w stan zatrzymania. Record Number: 64202 Source Name: Service Control Manager Time Written: 20100611151242.134433-000 Event Type: Informacje User: =====Application event log===== Computer Name: scorpion Event Code: 4113 Message: AntiVir has detected 'TR/Crypt.XPACK.Gen' in the file C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe Record Number: 4838 Source Name: Avira AntiVir Time Written: 20100226083339.000000-000 Event Type: Ostrzeżenia User: ZARZĄDZANIE NT\SYSTEM Computer Name: scorpion Event Code: 4113 Message: AntiVir has detected 'TR/Crypt.XPACK.Gen' in the file C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe Record Number: 4837 Source Name: Avira AntiVir Time Written: 20100226083327.000000-000 Event Type: Ostrzeżenia User: ZARZĄDZANIE NT\SYSTEM Computer Name: scorpion Event Code: 4113 Message: AntiVir has detected 'TR/Crypt.XPACK.Gen' in the file C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe Record Number: 4836 Source Name: Avira AntiVir Time Written: 20100226082603.000000-000 Event Type: Ostrzeżenia User: ZARZĄDZANIE NT\SYSTEM Computer Name: scorpion Event Code: 4113 Message: AntiVir has detected 'TR/Crypt.XPACK.Gen' in the file C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe Record Number: 4835 Source Name: Avira AntiVir Time Written: 20100226082551.000000-000 Event Type: Ostrzeżenia User: ZARZĄDZANIE NT\SYSTEM Computer Name: scorpion Event Code: 1003 Message: The Software Protection service has completed licensing status check. Application Id=59a52881-a989-479d-af46-f275c6370663 Licensing Status= 1: 0248c7a3-0740-4aa9-b4e2-9d51d8b13528, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 2: 0aebdf46-4084-4c03-b276-72e473b1b4b0, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 3: 175d1eed-a58e-4ca6-a712-56c9a5fc2c21, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 4: 35cb890a-91eb-4acc-8c22-c1f4443af630, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 5: 4631a3f9-6cb5-41fa-9c09-3a56f5964702, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 6: 46c05e2d-6280-47bf-9d18-3e8e9a5231e1, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 7: 6c162e12-c502-4abf-8c26-f38668409172, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 8: 714bf8ed-0082-48c7-b135-77640026d026, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 9: 72381d02-e871-4f37-b3e6-0ee15333035c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 10: 8c0d01dc-9002-4e6e-ae6f-dc240ccca1f8, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 11: 8c8cd357-b14e-4a71-a3b0-0c29c75e9a01, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 12: 8c9cebbb-6624-456e-bcfa-07c6b05e7d36, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 13: 8dd1b467-f97b-493e-8df3-ba3113c9e6cc, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 14: 8fd365e7-a2d0-4275-986a-aab64f264a57, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 15: a2aec78f-6912-491b-8c0e-3dc93986e93c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 16: b101f5b5-c65c-4d09-bbce-c163ef8e1667, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 17: b331c8cf-25ed-44cf-8bb8-c0df920754e1, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 18: bf4eb0e8-5584-4d21-82d0-cde414724942, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 19: cec08034-a389-449b-a77a-b6e108825347, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 20: cff38370-227d-48d1-afc5-3ccb502454f4, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 21: dac1d6e7-3d5b-426d-86dd-d523feb5725f, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 22: dda35b34-c94b-4622-9727-6f33109b9e0c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 23: e705662b-3b8b-482e-8efd-a40b97447514, 1, 1 [(0 [0x00000000, 1, 0], [(?)(?)( 1 0x00000000 3 0 msft:rm/algorithm/hwid/4.0 0x00000000 0)( 7 0x00000000 2010/10/31)(?)(?)])(1 )(2 )] 24: ef671765-fe3f-4836-b046-43ab4e23dc03, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] Record Number: 4834 Source Name: Office Software Protection Platform Service Time Written: 20100226081803.000000-000 Event Type: Informacje User: =====Security event log===== Computer Name: scorpion Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Uprawnienia: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 10571 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100417164602.656833-000 Event Type: Sukcesy inspekcji User: Computer Name: scorpion Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SCORPION$ Domena konta: DOM52 Identyfikator logowania: 0x3e7 Typ logowania: 5 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x2e8 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Nazwa stacji roboczej: Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: Advapi Pakiet uwierzytelniania: Negotiate Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 10570 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100417164602.656833-000 Event Type: Sukcesy inspekcji User: Computer Name: scorpion Event Code: 4902 Message: Utworzono tabelę zasad inspekcji użytkownika. Liczba elementów: 0 Identyfikator zasad: 0xcd93 Record Number: 10569 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100417164602.563233-000 Event Type: Sukcesy inspekcji User: Computer Name: scorpion Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-0-0 Nazwa konta: - Domena konta: - Identyfikator logowania: 0x0 Typ logowania: 0 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x4 Nazwa procesu: Informacje o sieci: Nazwa stacji roboczej: - Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: - Pakiet uwierzytelniania: - Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 10568 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100417164602.547633-000 Event Type: Sukcesy inspekcji User: Computer Name: scorpion Event Code: 4608 Message: Trwa uruchamianie systemu Windows. To zdarzenie jest rejestrowane w momencie uruchamiania programu LSASS.EXE i inicjowania podsystemu inspekcji. Record Number: 10567 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100417164602.547633-000 Event Type: Sukcesy inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=c:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Autodesk\Backburner\;C:\Program Files (x86)\Common Files\Autodesk Shared\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files (x86)\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=8 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 26 Stepping 5, GenuineIntel "PROCESSOR_REVISION"=1a05 "CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip "asl.log"=Destination=file -----------------EOF----------------- [/log]halo, jest mi w stanie ktoś pomóc??
Tomek01 komentarz 23 listopada 2010 komentarz 23 listopada 2010 Na Ciebie czekałem 6 dni a Ty nie możesz kilku godzin ? Odinstaluj: DAEMON Tools Toolbar, searchsettings (pdfforge Toolbar), Contribute Toolbar. W OTL, w oknie Custom scan/fixes wklej: [code]:Processes Explorer.exe :OTL SRV:64bit: - File not found [Auto | Stopped] -- C:\Windows\SysNative\DirectX\svchost.exe -- (svchost32) IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0 FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:1.1.2 FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3 FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0[2010-10-25 13:19:10 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\mozilla\Firefox\Profiles\y4p9czh5.default\extensions\DTToolbar@toolbarnet.com [2010-02-18 21:36:10 | 000,002,055 | ---- | M] () -- C:\Users\Michał\AppData\Roaming\Mozilla\FireFox\Profiles\y4p9czh5.default\searchplugins\daemon-search.xml O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - G:\Adobe CS5\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - G:\Adobe CS5\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O3:64bit: - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O33 - MountPoints2\{92c5cd14-1d5e-11df-8339-0015830d20c4}\Shell - "" = AutoRun O33 - MountPoints2\{92c5cd14-1d5e-11df-8339-0015830d20c4}\Shell\AutoRun\command - "" = J:\autorun.exe -- File not foundMsConfig:64bit - StartUpReg: SearchSettings - hkey= - key= - C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.) :Files C:\Windows\system32\DirectX\svchost.exe C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe C:\Users\Michał\AppData\Local\Temp*.html C:\Windows\drive.ini C:\Program Files\desktop.ini C:\Program Files (x86)\desktop.ini :Services Application Updater Windows Service Manager svchost32 :Commands [emptytemp] [start explorer] [Reboot] [/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania oraz nowe logi: OTL i RSIT. Wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i wynik pokaż na forum.
qbikk89 komentarz 25 listopada 2010 Autor komentarz 25 listopada 2010 (edytowane) Z całym szacunkiem, ponieważ to Ty mi pomagasz i poświęcasz mi swój czas za co jestem wdzięczny. Ale logi wstawiłem już 18.11, czyli dzień po Twoim poście, niestety coś źle wkleiłem, tak więc inny moderator zmienił mój post.. takie tylko sprostowanie chciałem, żeby nie było, że nie mogę poczekać paru godzin (aż tak narwany nie jestem;) ),ja właśnie czekałem te 5 dni, aż straciłem wiarę, że ktoś wie jak to naprawić i dodałem tą odpowiedź i sorki, że tak wyszło, że Ty musiałeś czekać 6 dni.. nie wiem jak to się stało, że nie pojawiło Ci się powiadomienie, że dodałem wcześniej odpowiedź na Twojego posta, nie moja wina. Teraz znowu nie miałem neta, żeby to wcześniej napisać... Ale do rzeczy, tak więc zrobiłem co mi kazałeś (niestety nie mogłem znaleźć Contribute Toolbar, aby go usunąć =/, a neta niestety dalej nie ma w przeglądarkach =/ Tutaj wstawiam kolejno logi: OTL run fix: [log] All processes killed ========== PROCESSES ========== No active process named Explorer.exe was found! ========== OTL ========== Service svchost32 stopped successfully! Service svchost32 deleted successfully! File C:\Windows\SysNative\DirectX\svchost.exe not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Prefs.js: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 removed from extensions.enabledItems Prefs.js: DTToolbar@toolbarnet.com:1.1.2.0185 removed from extensions.enabledItems Prefs.js: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0 removed from extensions.enabledItems Prefs.js: pdfforge@mybrowserbar.com:1.1.2 removed from extensions.enabledItems Prefs.js: searchsettings@spigot.com:1.2.3 removed from extensions.enabledItems Prefs.js: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0[2010-10-25 13:19:10 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\mozilla\Firefox\Profiles\y4p9czh5.default\extensions\DTToolbar@toolbarnet.com removed from extensions.enabledItems C:\Users\Michał\AppData\Roaming\Mozilla\FireFox\Profiles\y4p9czh5.default\searchplugins\daemon-search.xml moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{074C1DC5-9320-4A9A-947D-C042949C6216}\ deleted successfully. G:\Adobe CS5\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll moved successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully. File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{517BDDE4-E3A7-4570-B21E-2B52B6139FC7}\ deleted successfully. File G:\Adobe CS5\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll not found. 64bit-Registry value HKEY_USERS\S-1-5-21-2459495681-4173276582-2486991001-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll not found. Registry value HKEY_USERS\S-1-5-21-2459495681-4173276582-2486991001-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{92c5cd14-1d5e-11df-8339-0015830d20c4}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92c5cd14-1d5e-11df-8339-0015830d20c4}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{92c5cd14-1d5e-11df-8339-0015830d20c4}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92c5cd14-1d5e-11df-8339-0015830d20c4}\ not found. File J:\autorun.exe not found. ========== FILES ========== File\Folder C:\Windows\system32\DirectX\svchost.exe not found. File\Folder C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe not found. C:\Users\Michał\AppData\Local\Temp107020.html moved successfully. C:\Users\Michał\AppData\Local\TempA18840.html moved successfully. C:\Users\Michał\AppData\Local\Tempaup880.html moved successfully. C:\Users\Michał\AppData\Local\TempBuv868.html moved successfully. C:\Users\Michał\AppData\Local\TempcO3116.html moved successfully. C:\Users\Michał\AppData\Local\Tempcr8176.html moved successfully. C:\Users\Michał\AppData\Local\Tempd37108.html moved successfully. C:\Users\Michał\AppData\Local\TempfA4452.html moved successfully. C:\Users\Michał\AppData\Local\Tempg66856.html moved successfully. C:\Users\Michał\AppData\Local\Tempge2212.html moved successfully. C:\Users\Michał\AppData\Local\Temph16612.html moved successfully. C:\Users\Michał\AppData\Local\Temph49544.html moved successfully. C:\Users\Michał\AppData\Local\Tempi16280.html moved successfully. C:\Users\Michał\AppData\Local\Tempj80540.html moved successfully. C:\Users\Michał\AppData\Local\TempK81600.html moved successfully. C:\Users\Michał\AppData\Local\Tempkv6140.html moved successfully. C:\Users\Michał\AppData\Local\TempMC8596.html moved successfully. C:\Users\Michał\AppData\Local\Tempmt6140.html moved successfully. C:\Users\Michał\AppData\Local\TempR31492.html moved successfully. C:\Users\Michał\AppData\Local\Temps39388.html moved successfully. C:\Users\Michał\AppData\Local\TempSC8176.html moved successfully. C:\Users\Michał\AppData\Local\TempsG4452.html moved successfully. C:\Users\Michał\AppData\Local\TempsJ2212.html moved successfully. C:\Users\Michał\AppData\Local\TempSr8084.html moved successfully. C:\Users\Michał\AppData\Local\TempTXL880.html moved successfully. C:\Users\Michał\AppData\Local\TempV80540.html moved successfully. C:\Users\Michał\AppData\Local\TempvR8596.html moved successfully. C:\Users\Michał\AppData\Local\TempxK3472.html moved successfully. C:\Users\Michał\AppData\Local\Tempy70456.html moved successfully. C:\Users\Michał\AppData\Local\TempY81600.html moved successfully. C:\Windows\drive.ini moved successfully. C:\Program Files\desktop.ini moved successfully. C:\Program Files (x86)\desktop.ini moved successfully. ========== SERVICES/DRIVERS ========== Error: No service named Application Updater was found to stop! Service\Driver key Application Updater not found. Error: No service named Windows Service Manager was found to stop! Service\Driver key Windows Service Manager not found. Error: No service named svchost32 was found to stop! Service\Driver key svchost32 not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 41620 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Michał ->Temp folder emptied: 573547 bytes ->Temporary Internet Files folder emptied: 67078 bytes ->Java cache emptied: 12876624 bytes ->FireFox cache emptied: 41738744 bytes ->Google Chrome cache emptied: 594288 bytes ->Apple Safari cache emptied: 0 bytes ->Opera cache emptied: 240 bytes ->Flash cache emptied: 48522 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 356352 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 8405015 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68032 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 62,00 mb OTL by OldTimer - Version 3.2.17.3 log created on 11242010_231046 Files\Folders moved on Reboot... C:\Users\Michał\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot. Registry entries deleted on Reboot... [/log] OTL: [log] OTL logfile created on: 2010-11-24 23:14:47 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Michał\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.7930.16406) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 11,00 Gb Total Physical Memory | 9,00 Gb Available Physical Memory | 84,00% Memory free 22,00 Gb Paging File | 20,00 Gb Available in Paging File | 92,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 88,82 Gb Total Space | 15,45 Gb Free Space | 17,39% Space Free | Partition Type: NTFS Drive D: | 11,17 Gb Total Space | 6,45 Gb Free Space | 57,68% Space Free | Partition Type: NTFS Drive E: | 250,00 Gb Total Space | 221,67 Gb Free Space | 88,67% Space Free | Partition Type: NTFS Drive F: | 250,00 Gb Total Space | 130,60 Gb Free Space | 52,24% Space Free | Partition Type: NTFS Drive G: | 331,52 Gb Total Space | 62,41 Gb Free Space | 18,83% Space Free | Partition Type: NTFS Drive M: | 484,98 Mb Total Space | 389,34 Mb Free Space | 80,28% Space Free | Partition Type: FAT32 Computer Name: SCORPION | User Name: Michał | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - File not found -- C:\Windows\SysWow64\hasplms.exe PRC - [2010-11-24 18:36:53 | 000,928,496 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2010-11-24 18:36:51 | 001,375,992 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe PRC - [2010-11-17 21:42:56 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Michał\Desktop\OTL.exe PRC - [2010-11-06 12:33:12 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010-11-06 12:33:12 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2010-11-06 12:33:12 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2010-11-02 17:50:11 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe PRC - [2010-09-23 08:46:07 | 000,755,096 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWWSC.exe PRC - [2010-07-27 17:44:08 | 000,345,376 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe PRC - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010-02-22 13:04:07 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe PRC - [2010-02-18 20:47:48 | 000,319,280 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe PRC - [2009-08-19 19:56:38 | 000,090,112 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe PRC - [2009-08-12 13:44:52 | 001,678,848 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\Gamer HUD Lite\HUD.exe PRC - [2009-07-14 02:14:42 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe PRC - [2009-06-04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009-06-04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2009-03-12 16:39:54 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe PRC - [2009-03-12 16:36:24 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe PRC - [2009-02-23 11:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe PRC - [2008-12-11 13:45:22 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe PRC - [2008-05-29 15:55:24 | 001,286,144 | ---- | M] () -- C:\Program Files (x86)\ASUS\Speeding HDD\SteelVine.exe PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe PRC - [2007-05-16 09:27:38 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2007-05-16 09:27:28 | 000,271,920 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe PRC - [2007-05-16 09:27:16 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2007-05-14 03:54:36 | 000,272,024 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe PRC - [2006-11-03 10:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe PRC - [2006-10-12 15:57:08 | 000,102,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe PRC - [2005-01-12 03:01:32 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-11-17 21:42:56 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Michał\Desktop\OTL.exe MOD - [2010-02-22 13:04:29 | 000,118,784 | ---- | M] (RealPlayer) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll MOD - [2010-02-22 13:04:12 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr71.dll MOD - [2010-02-22 13:04:11 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp71.dll MOD - [2009-07-14 02:17:51 | 001,289,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2009-07-14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2009-07-14 02:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2009-07-14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 02:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009-07-14 02:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2009-07-14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2009-07-14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2009-07-14 02:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 02:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2009-07-14 02:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2009-07-14 02:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2009-07-14 02:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2009-07-14 02:16:12 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll MOD - [2009-07-14 02:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2009-07-14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2009-07-14 02:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 02:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2009-07-14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 02:11:24 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2009-07-14 02:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2009-07-14 02:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2009-07-14 02:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 02:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2009-07-14 02:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2009-07-14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll MOD - [2009-07-14 02:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - File not found [Disabled | Stopped] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA) SRV:[b]64bit:[/b] - File not found [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service) SRV:[b]64bit:[/b] - [2010-04-09 19:30:11 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:[b]64bit:[/b] - [2009-09-17 14:38:22 | 000,111,616 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2009-04-21 11:59:08 | 002,869,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms) SRV:[b]64bit:[/b] - [2009-03-12 16:39:54 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe -- (mi-raysat_3dsmax2010_64) SRV:[b]64bit:[/b] - [2007-09-07 19:16:16 | 001,909,032 | ---- | M] (Wacom Technology, Corp.) [Disabled | Stopped] -- C:\Windows\SysNative\Pen_Tablet.exe -- (TabletServicePen) SRV - [2010-11-24 18:36:51 | 001,375,992 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2010-11-14 21:34:31 | 000,066,872 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010-11-12 01:03:27 | 000,078,536 | ---- | M] (Macrovision ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe -- (InstallShield Licensing Service) SRV - [2010-11-11 18:06:29 | 003,019,352 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_4176eef.dll -- (Akamai) SRV - [2010-11-06 12:33:12 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010-11-06 12:33:12 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010-08-13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010-02-28 16:25:22 | 000,068,096 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service) SRV - [2010-02-21 12:25:51 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010-02-17 15:50:06 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service) SRV - [2010-02-17 15:49:39 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service) SRV - [2009-08-24 22:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe -- (DfSdkS) SRV - [2009-08-19 19:56:38 | 000,090,112 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-06-04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2009-03-12 16:36:24 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe -- (mi-raysat_3dsmax2010_32) SRV - [2009-02-23 11:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService) SRV - [2008-06-13 03:05:48 | 001,539,224 | ---- | M] (Autodesk, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskNetSrv.exe -- (Autodesk Network Licensing Service) SRV - [2008-05-29 15:55:24 | 001,286,144 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\Speeding HDD\SteelVine.exe -- (57xx SteelVine Manager) SRV - [2007-12-27 15:39:30 | 000,166,520 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service) SRV - [2007-12-27 15:39:20 | 000,051,816 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - File not found [Kernel | System | Stopped] -- C:\Windows\SysNative\DRIVERS\EIO64.sys -- (EIO64) DRV:[b]64bit:[/b] - [2010-11-06 12:33:12 | 000,081,584 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:[b]64bit:[/b] - [2010-09-23 08:46:09 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd) DRV:[b]64bit:[/b] - [2010-03-02 12:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:[b]64bit:[/b] - [2010-02-18 21:35:50 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2009-09-17 14:38:22 | 000,478,208 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV:[b]64bit:[/b] - [2009-09-17 14:38:22 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MCfilt64.sys -- (MCfilt) DRV:[b]64bit:[/b] - [2009-08-26 06:48:44 | 000,071,040 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf) DRV:[b]64bit:[/b] - [2009-07-16 11:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 01:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM) DRV:[b]64bit:[/b] - [2009-07-13 03:01:41 | 000,105,312 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID) DRV:[b]64bit:[/b] - [2009-07-09 02:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:[b]64bit:[/b] - [2009-06-10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-06-04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2009-05-20 10:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:[b]64bit:[/b] - [2009-05-18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2009-03-13 10:55:38 | 000,318,464 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock) DRV:[b]64bit:[/b] - [2009-01-08 10:55:04 | 000,129,280 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge) DRV:[b]64bit:[/b] - [2007-06-24 21:56:56 | 000,047,368 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btcusb.sys -- (Btcsrusb) DRV:[b]64bit:[/b] - [2007-06-24 21:56:42 | 000,037,384 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio) DRV:[b]64bit:[/b] - [2007-06-24 21:56:36 | 000,037,896 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\blueletaudio.sys -- (BlueletAudio) DRV:[b]64bit:[/b] - [2007-03-05 20:47:08 | 000,025,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BtNetDrv.sys -- (BT) DRV:[b]64bit:[/b] - [2007-03-05 20:39:28 | 000,063,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VcommMgr.sys -- (VcommMgr) DRV:[b]64bit:[/b] - [2007-03-05 20:38:20 | 000,047,120 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VComm.sys -- (VComm) DRV:[b]64bit:[/b] - [2007-02-16 20:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter) DRV:[b]64bit:[/b] - [2007-02-16 19:30:12 | 000,014,640 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid) DRV:[b]64bit:[/b] - [2007-02-16 01:11:26 | 000,012,976 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WacomVKHid.sys -- (WacomVKHid) DRV:[b]64bit:[/b] - [2006-12-05 10:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207) DRV:[b]64bit:[/b] - [2006-11-22 05:20:00 | 000,107,008 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\WibuKey64.sys -- (WIBUKEY) DRV - [2010-11-04 01:59:02 | 000,017,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer) DRV - [2009-12-18 10:58:52 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64) DRV - [2007-06-24 21:56:56 | 000,047,368 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\btcusb.sys -- (Btcsrusb) DRV - [2007-06-24 21:56:42 | 000,037,384 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio) DRV - [2007-06-24 21:56:36 | 000,037,896 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\blueletaudio.sys -- (BlueletAudio) DRV - [2007-03-05 20:47:08 | 000,025,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\btnetdrv.sys -- (BT) DRV - [2007-03-05 20:42:54 | 000,049,680 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BTHidMgr.sys -- (BTHidMgr) DRV - [2007-03-05 20:41:34 | 000,024,976 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\vbtenum.sys -- (BTHidEnum) DRV - [2007-03-05 20:39:28 | 000,063,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\VCommMgr.sys -- (VcommMgr) DRV - [2007-03-05 20:38:20 | 000,047,120 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\VComm.sys -- (VComm) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Bing" FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q=" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.lockerz.com/" FF - prefs.js..extensions.enabledItems: "" FF - prefs.js..extensions.enabledItems: "" FF - prefs.js..extensions.enabledItems: "" FF - prefs.js..extensions.enabledItems: autofillForms@blueimp.net:0.9.6.1 FF - prefs.js..extensions.enabledItems: "" FF - prefs.js..extensions.enabledItems: "" FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0 FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=IEFM1&q=" FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 50370 FF - prefs.js..network.proxy.type: 1 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-10-25 13:19:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: G:\Adobe CS5\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010-11-02 17:58:29 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-10-22 00:50:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-11-24 22:56:51 | 000,000,000 | ---D | M] [2010-02-17 16:19:43 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\mozilla\Extensions [2010-11-24 23:01:03 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\mozilla\Firefox\Profiles\y4p9czh5.default\extensions [2010-10-25 13:19:10 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\mozilla\Firefox\Profiles\y4p9czh5.default\extensions\autofillForms@blueimp.net [2010-03-15 08:28:16 | 000,001,819 | ---- | M] () -- C:\Users\Michał\AppData\Roaming\Mozilla\FireFox\Profiles\y4p9czh5.default\searchplugins\bing.xml [2010-11-24 23:01:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010-10-25 13:19:05 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-11-06 12:37:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-03-27 18:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll [2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010-10-01 20:25:17 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-10-01 20:25:17 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-10-01 20:25:17 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-10-01 20:25:17 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-10-01 20:25:17 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-10-01 20:25:17 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-11-02 18:28:36 | 000,001,410 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 preactivate.adobe.com O1 - Hosts: 127.0.0.1 adobeereg.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 192.150.18.108 O1 - Hosts: 127.0.0.1 activate.adobe.com:443 O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation) O4:[b]64bit:[/b] - HKLM..\Run: [RunDLLEntry] C:\Windows\system32\AmbRunE.DLL File not found O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - Startup: C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE Gamer HUD Lite.lnk = C:\Program Files (x86)\GIGABYTE\Gamer HUD Lite\HUD.exe () O4 - Startup: C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk = C:\Program Files (x86)\RocketDock\RocketDock.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll () O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.87.36.36 192.87.106.106 O18:[b]64bit:[/b] - Protocol\Handler\dialux {8352FA4C-39C6-11D3-ADBA-00A0244FB1A2} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18 - Protocol\Handler\dialux {8352FA4C-39C6-11D3-ADBA-00A0244FB1A2} - C:\Program Files (x86)\DIALux\DLXToolBox.dll (DIAL GmbH, Germany) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKU\S-1-5-21-2459495681-4173276582-2486991001-1001 Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-10-25 16:58:10 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-11-24 23:10:46 | 000,000,000 | ---D | C] -- C:\_OTL [2010-11-24 23:10:28 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Michał\Desktop\OTL.exe [2010-11-20 19:28:35 | 000,000,000 | ---D | C] -- C:\Users\Michał\Desktop\brudge [2010-11-16 14:46:58 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Ahead [2010-11-16 14:45:22 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Ahead [2010-11-16 14:45:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Ahead [2010-11-16 14:44:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2010-11-16 14:44:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero [2010-11-16 14:44:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead [2010-11-16 13:45:17 | 000,000,000 | ---D | C] -- C:\Users\Michał\Documents\CyberLink [2010-11-16 13:31:35 | 000,000,000 | ---D | C] -- C:\Users\Michał\Desktop\power dvd 6 [2010-11-15 01:49:10 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\dvdcss [2010-11-14 12:19:11 | 000,000,000 | ---D | C] -- C:\Users\Michał\Desktop\monka [2010-11-12 20:59:05 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Malwarebytes [2010-11-12 20:58:56 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010-11-12 20:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010-11-12 20:58:54 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010-11-12 20:58:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010-11-12 01:03:45 | 002,916,438 | ---- | C] (Robert McNeel & Associates) -- C:\Windows\SysWow64\rcm.dll [2010-11-12 01:03:45 | 002,777,088 | ---- | C] (Robert McNeel & Associates) -- C:\Windows\SysWow64\rhrdk.10.v40.dll [2010-11-12 01:03:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield Shared [2010-11-12 01:03:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASGvis [2010-11-07 18:23:28 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2010-11-07 18:23:28 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Adobe Mini Bridge CS5 [2010-11-06 12:38:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2010-11-06 12:37:45 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2010-11-06 12:37:45 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2010-11-06 12:37:45 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2010-11-06 12:37:45 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2010-11-05 11:56:59 | 000,000,000 | ---D | C] -- C:\Users\Michał\Desktop\Store [2010-11-04 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2010-11-04 16:01:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2010-11-04 16:00:47 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2010-11-04 16:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework [2010-11-04 16:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2010-11-04 16:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2010-11-04 15:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2010-11-04 15:59:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2010-11-04 15:59:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2010-11-02 18:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM [2010-11-01 16:37:08 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Osram_Lamp [2010-11-01 00:59:42 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Philips Lighting [2010-10-31 20:01:44 | 000,000,000 | ---D | C] -- C:\Users\Michał\Desktop\icons [2010-10-31 19:54:53 | 000,000,000 | ---D | C] -- C:\Guzzini [2010-10-31 19:52:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Philips Lighting [2010-10-31 19:51:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Philips Lighting [2010-10-31 19:48:15 | 000,000,000 | ---D | C] -- C:\ProgramData\DIALux PlugIns [2010-10-31 19:21:48 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Apps [2010-10-31 00:01:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\DirectX [2010-10-25 15:39:30 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Avira [2010-10-25 14:10:01 | 000,000,000 | ---D | C] -- C:\Users\Michał\Documents\3ds Max 2010 Tutorials [2010-10-25 12:46:58 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2010-10-25 12:46:58 | 000,081,584 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2010-10-25 12:46:58 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys [2010-10-25 12:46:58 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys [2010-10-25 12:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2010-10-25 10:54:25 | 000,000,000 | -H-D | C] -- C:\$AVG [2010-10-25 10:42:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2010-10-25 10:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10 [2010-10-25 10:41:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG [2010-10-25 10:38:08 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2010-10-25 03:06:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro [2010-10-25 02:34:08 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Sunbelt Software [2010-10-25 02:33:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E961CE1B-C3EA-4882-9F67-F859B555D097} [2010-10-24 19:18:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files [2010-10-24 18:51:27 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW [2010-10-24 00:23:38 | 000,000,000 | -HSD | C] -- C:\Program Files\Common Files\log [2010-10-24 00:09:23 | 000,000,000 | -HSD | C] -- C:\Windows\log [2010-10-23 08:15:05 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\StageManager [2010-10-23 08:13:47 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\PACE Anti-Piracy [2010-10-23 08:13:47 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\PACE Anti-Piracy [2010-10-23 08:13:47 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy [2010-10-23 08:13:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PACE Anti-Piracy [2010-10-23 08:13:46 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\NVIDIA [2010-10-23 08:13:44 | 000,000,000 | ---D | C] -- C:\Users\Michał\Documents\Adobe [2010-10-23 08:12:59 | 000,000,000 | ---D | C] -- C:\Users\Michał\Application Data [2010-10-22 13:16:57 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2010-10-22 13:06:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe [2010-10-22 13:06:24 | 000,000,000 | ---D | C] -- C:\Users\Michał\Adobe Flash Builder 4 [2010-10-22 12:05:14 | 000,055,280 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys [2010-10-22 12:05:14 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys [2010-10-22 12:05:14 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys [2010-10-22 12:05:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared [2010-10-22 12:05:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2010-10-22 12:05:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name [2010-10-16 10:13:06 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\HDRsoft [2010-10-14 19:02:11 | 000,000,000 | ---D | C] -- C:\ProgramData\DIALux [2010-10-14 19:02:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DIALux [2010-10-14 19:02:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DIALux [2010-10-01 06:57:35 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010-10-01 06:57:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2010-10-01 06:57:35 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} [2010-10-01 06:56:16 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2010-09-29 23:47:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Feedback Tool [2010-09-27 20:21:33 | 000,000,000 | R--D | C] -- C:\Users\Michał\Documents\My Dropbox [2010-09-27 20:20:25 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Dropbox [2010-09-27 19:33:00 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Thinstall [2010-02-18 23:57:05 | 003,414,528 | ---- | C] (Karol Winnicki) -- C:\Program Files (x86)\BESTplayer.exe [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-11-24 23:22:43 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010-11-24 23:22:43 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010-11-24 23:20:00 | 001,531,304 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010-11-24 23:20:00 | 000,690,494 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2010-11-24 23:20:00 | 000,609,896 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010-11-24 23:20:00 | 000,132,020 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2010-11-24 23:20:00 | 000,104,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010-11-24 23:13:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010-11-24 23:12:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-11-24 23:12:50 | 261,443,582 | -HS- | M] () -- C:\hiberfil.sys [2010-11-24 22:36:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010-11-23 17:38:36 | 019,657,194 | ---- | M] () -- C:\Users\Michał\Documents\vlc-1.1.4-win32.exe [2010-11-20 21:53:27 | 001,122,304 | ---- | M] () -- C:\Users\Michał\Desktop\MAGERE BRUG.indd [2010-11-20 21:48:22 | 001,153,552 | ---- | M] () -- C:\Users\Michał\Desktop\1 page.tif [2010-11-20 17:01:41 | 001,170,199 | ---- | M] () -- C:\Users\Michał\Desktop\P1010997-copy0000.gif [2010-11-20 17:01:41 | 000,001,496 | ---- | M] () -- C:\Users\Michał\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs [2010-11-20 16:56:29 | 006,420,259 | ---- | M] () -- C:\Users\Michał\Desktop\1.jpg [2010-11-18 21:15:38 | 000,038,942 | ---- | M] () -- C:\Users\Michał\Desktop\Bez nazwy-2.png [2010-11-17 21:42:56 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Michał\Desktop\OTL.exe [2010-11-14 22:38:36 | 021,426,176 | ---- | M] () -- C:\Users\Michał\Desktop\bril copy(5).dlx [2010-11-14 21:34:31 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010-11-12 20:58:58 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010-11-09 21:25:15 | 000,000,965 | ---- | M] () -- C:\Users\Michał\Desktop\shift — skrót.lnk [2010-11-08 21:41:19 | 000,007,628 | ---- | M] () -- C:\Users\Michał\AppData\Local\resmon.resmoncfg [2010-11-06 12:33:12 | 000,081,584 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2010-11-05 11:09:18 | 015,748,000 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010-11-04 15:49:39 | 000,000,162 | -H-- | M] () -- C:\Users\Michał\Desktop\~$IL Brief.docx [2010-11-04 11:39:52 | 000,000,102 | ---- | M] () -- C:\Windows\Dialux.ini [2010-11-04 11:30:51 | 000,000,236 | ---- | M] () -- C:\Windows\ODBC.INI [2010-11-04 01:59:02 | 000,049,752 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys [2010-11-02 18:28:36 | 000,001,410 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2010-10-31 19:50:15 | 000,002,078 | ---- | M] () -- C:\Users\Public\Desktop\OSRAM.lnk [2010-10-27 23:47:54 | 000,136,718 | ---- | M] () -- C:\Users\Michał\Desktop\extension_5_3_15.crx [2010-10-27 14:21:53 | 000,000,985 | ---- | M] () -- C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk [2010-10-25 14:08:16 | 000,017,963 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\services [2010-10-25 03:21:04 | 000,000,000 | ---- | M] () -- C:\Users\Michał\microsoft [2010-10-25 02:56:28 | 000,000,371 | ---- | M] () -- C:\Windows\lgfwup.ini [2010-10-23 08:13:47 | 000,000,021 | ---- | M] () -- C:\Windows\SurCode.INI [2010-10-14 19:03:11 | 000,001,871 | ---- | M] () -- C:\Users\Michał\Desktop\DIALux 4.8.lnk [2010-10-13 21:22:59 | 000,004,608 | ---- | M] () -- C:\Users\Michał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-09-29 21:37:30 | 000,057,632 | ---- | M] () -- C:\PA207.DAT [2010-09-27 20:21:33 | 000,001,002 | ---- | M] () -- C:\Users\Michał\Desktop\Dropbox.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-11-23 17:38:19 | 019,657,194 | ---- | C] () -- C:\Users\Michał\Documents\vlc-1.1.4-win32.exe [2010-11-20 21:53:27 | 001,122,304 | ---- | C] () -- C:\Users\Michał\Desktop\MAGERE BRUG.indd [2010-11-20 17:15:19 | 001,153,552 | ---- | C] () -- C:\Users\Michał\Desktop\1 page.tif [2010-11-20 17:01:41 | 000,001,496 | ---- | C] () -- C:\Users\Michał\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs [2010-11-20 17:01:37 | 001,170,199 | ---- | C] () -- C:\Users\Michał\Desktop\P1010997-copy0000.gif [2010-11-20 16:56:25 | 006,420,259 | ---- | C] () -- C:\Users\Michał\Desktop\1.jpg [2010-11-18 21:15:29 | 000,038,942 | ---- | C] () -- C:\Users\Michał\Desktop\Bez nazwy-2.png [2010-11-14 23:04:15 | 021,426,176 | ---- | C] () -- C:\Users\Michał\Desktop\bril copy(5).dlx [2010-11-12 20:58:58 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010-11-12 01:03:45 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\BongoSDK.dll [2010-11-12 01:03:45 | 000,000,096 | ---- | C] () -- C:\Windows\SysWow64\vssver.scc [2010-11-09 21:25:15 | 000,000,965 | ---- | C] () -- C:\Users\Michał\Desktop\shift — skrót.lnk [2010-11-04 15:49:39 | 000,000,162 | -H-- | C] () -- C:\Users\Michał\Desktop\~$IL Brief.docx [2010-11-01 16:18:27 | 000,000,236 | ---- | C] () -- C:\Windows\ODBC.INI [2010-10-31 19:50:15 | 000,002,078 | ---- | C] () -- C:\Users\Public\Desktop\OSRAM.lnk [2010-10-27 23:47:54 | 000,136,718 | ---- | C] () -- C:\Users\Michał\Desktop\extension_5_3_15.crx [2010-10-27 14:21:53 | 000,000,985 | ---- | C] () -- C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk [2010-10-26 15:26:11 | 000,196,608 | ---- | C] () -- C:\Windows\SysWow64\BongoSDK.10.v40.dll [2010-10-25 03:21:04 | 000,000,000 | ---- | C] () -- C:\Users\Michał\microsoft [2010-10-23 08:13:47 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI [2010-10-14 19:03:11 | 000,001,871 | ---- | C] () -- C:\Users\Michał\Desktop\DIALux 4.8.lnk [2010-09-29 23:48:38 | 000,072,533 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2010-09-29 23:48:38 | 000,072,533 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2010-09-27 20:21:33 | 000,001,002 | ---- | C] () -- C:\Users\Michał\Desktop\Dropbox.lnk [2010-09-20 15:37:37 | 000,000,102 | ---- | C] () -- C:\Windows\Dialux.ini [2010-06-13 12:55:36 | 000,020,816 | ---- | C] () -- C:\Users\Michał\AppData\Roaming\UserTile.png [2010-04-25 13:14:41 | 000,000,000 | ---- | C] () -- C:\Windows\Viewer.INI [2010-03-29 18:52:20 | 000,000,029 | ---- | C] () -- C:\Windows\DEBUGSM.INI [2010-03-17 14:39:32 | 000,000,227 | ---- | C] () -- C:\Windows\iepreview.ini [2010-02-28 17:07:09 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll [2010-02-28 16:12:57 | 000,004,608 | ---- | C] () -- C:\Users\Michał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-02-25 23:12:48 | 000,000,083 | ---- | C] () -- C:\Windows\Wwp.INI [2010-02-24 22:24:46 | 000,000,231 | ---- | C] () -- C:\Windows\SysWow64\3dsmax.ini [2010-02-24 22:24:46 | 000,000,043 | ---- | C] () -- C:\Windows\SysWow64\InstallSettings.ini [2010-02-24 17:58:13 | 001,548,506 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010-02-23 23:20:47 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2010-02-23 23:20:47 | 000,000,088 | RHS- | C] () -- C:\ProgramData\65B23FF20A.sys [2010-02-22 14:48:59 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010-02-21 11:51:42 | 000,000,965 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2010-02-18 21:22:54 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini [2010-02-18 21:22:27 | 000,000,026 | ---- | C] () -- C:\Windows\CDE V200 Ex.ini [2010-02-18 17:58:52 | 000,000,371 | ---- | C] () -- C:\Windows\lgfwup.ini [2010-02-18 17:03:49 | 000,042,284 | ---- | C] () -- C:\Windows\Ascd_log.ini [2010-02-18 17:03:29 | 000,029,871 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2010-02-17 16:29:20 | 000,006,188 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010-02-17 16:24:07 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010-02-17 15:50:12 | 000,170,496 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2010-02-17 15:50:12 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2010-02-17 15:50:12 | 000,002,773 | ---- | C] () -- C:\Windows\FF08_Render_Spk_Hp.ini [2010-02-17 15:50:12 | 000,001,650 | ---- | C] () -- C:\Windows\FF08_Capture.ini [2010-02-17 15:50:12 | 000,001,540 | ---- | C] () -- C:\Windows\FF08_Render.ini [2010-02-17 15:34:59 | 000,007,628 | ---- | C] () -- C:\Users\Michał\AppData\Local\resmon.resmoncfg [2010-02-17 14:22:30 | 000,013,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys [2010-02-17 14:03:11 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll [2010-02-17 14:03:11 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2010-02-17 13:44:18 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2007-12-28 08:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2007-11-26 20:56:28 | 000,151,415 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2006-11-02 08:27:46 | 000,000,566 | ---- | C] () -- C:\Windows\SysWow64\SP207.ini [2006-10-09 15:29:22 | 000,032,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\BTNetFilter.sys [color=#E56717]========== LOP Check ==========[/color] [2010-11-24 22:59:01 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\AIMP [2010-02-19 15:47:07 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Apetito.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010-10-25 13:19:09 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Autodesk [2010-10-27 13:56:38 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\BESTplayer [2010-02-24 08:45:46 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Bitstream [2010-02-28 15:47:22 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010-02-20 21:29:34 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\DAEMON Tools Lite [2010-10-25 12:23:20 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Dropbox [2010-03-02 22:47:30 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 [2010-10-25 13:19:09 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\EPSON [2010-10-25 13:19:09 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Gadu-Gadu 10 [2010-11-24 22:56:47 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\GHISLER [2010-10-25 13:19:09 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Graphisoft [2010-10-16 10:13:06 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\HDRsoft [2010-08-26 18:21:36 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\ipla [2010-11-24 22:56:47 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\IrfanView [2010-10-25 13:19:10 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Opera [2010-10-23 08:13:47 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\PACE Anti-Piracy [2010-11-01 00:59:42 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Philips Lighting [2010-11-24 20:15:57 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Spotify [2010-10-23 08:15:05 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\StageManager [2010-11-07 18:23:28 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2010-10-25 13:20:30 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Thinstall [2010-04-16 10:42:13 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\TS3Client [2010-05-25 13:55:48 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\uk.co.planetside [2010-11-24 23:23:54 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\uTorrent [2010-09-24 01:09:17 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 1079 bytes -> C:\ProgramData\Microsoft:c92rDuBgQc1WgDKFKFqtZMY @Alternate Data Stream - 1074 bytes -> C:\ProgramData\Microsoft:LF4xMaIcYw9I4vzcrIYE < End of report > [/log] OTL Extras: [log] OTL Extras logfile created on: 2010-11-24 23:14:47 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Michał\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.7930.16406) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 11,00 Gb Total Physical Memory | 9,00 Gb Available Physical Memory | 84,00% Memory free 22,00 Gb Paging File | 20,00 Gb Available in Paging File | 92,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 88,82 Gb Total Space | 15,45 Gb Free Space | 17,39% Space Free | Partition Type: NTFS Drive D: | 11,17 Gb Total Space | 6,45 Gb Free Space | 57,68% Space Free | Partition Type: NTFS Drive E: | 250,00 Gb Total Space | 221,67 Gb Free Space | 88,67% Space Free | Partition Type: NTFS Drive F: | 250,00 Gb Total Space | 130,60 Gb Free Space | 52,24% Space Free | Partition Type: NTFS Drive G: | 331,52 Gb Total Space | 62,41 Gb Free Space | 18,83% Space Free | Partition Type: NTFS Drive M: | 484,98 Mb Total Space | 389,34 Mb Free Space | 80,28% Space Free | Partition Type: FAT32 Computer Name: SCORPION | User Name: Michał | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) .js[@ = jsfile] -- Reg Error: Key error. File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) .js [@ = jsfile] -- Reg Error: Key error. File not found [HKEY_USERS\S-1-5-21-2459495681-4173276582-2486991001-1001\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [open] -- Reg Error: Key error. piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- G:\Adobe CS5\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [open] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- G:\Adobe CS5\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00060000-0000-1004-8002-0000C06B5161}" = WIBU-KEY Setup (WIBU-KEY Remove) "{056B9C5B-2E8D-4EBC-941C-06C78A30ABB3}" = Microsoft_VC80_ATL_x86_x64 "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes "{138D2BE4-7981-4F34-BA23-81B6B99D0DE6}" = Microsoft_VC80_MFCLOC_x86_x64 "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{2A8EEE2F-4A9E-43D8-AA07-EC8A316B2DEB}" = Autodesk Revit Architecture 2010 x64 "{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{3D46855F-7B71-4CF7-A270-62E0E4F05037}" = Microsoft_VC80_CRT_x86_x64 "{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{47A70BC0-BB3E-468B-9E01-56CCD6F2A911}" = Microsoft_VC80_MFC_x86_x64 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5783F2D7-8001-0415-0102-0060B0CE6BBA}" = AutoCAD 2010 - Polski "{5783F2D7-8001-0415-1102-0060B0CE6BBA}" = Pakiet językowy programu AutoCAD 2010 - polski "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{6DA2E7DC-BC1E-4595-83A9-99BAD907AA1C}" = AVG 2011 "{7F05E704-30A6-421A-97A7-8EEB1C7FF011}" = Corel Shell Extension - 64Bit "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010 "{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010 "{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{A9F1B5F6-0EE6-0409-BADD-F8BD360FACC3}" = Autodesk 3ds Max 2010 64-bit "{B9E591DD-DAAC-0409-B1B8-5667E359170B}" = Autodesk 3ds Max 2010 64-bit Components "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "AutoCAD 2010 - Polski" = AutoCAD 2010 - Polski "Autodesk FBX Plugin 2009.4 - 3ds Max 2010 64-bit" = Autodesk FBX Plugin 2009.4 - 3ds Max 2010 64-bit "Autodesk Revit Architecture 2010 x64" = Autodesk Revit Architecture 2010 x64 "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "TeamSpeak 3 Client" = TeamSpeak 3 Client "V-Ray for 3dsmax 2010 for x64" = V-Ray for 3dsmax 2010 for x64 "WinRAR archiver" = Archiwizator WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam "{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection "{1C21A34A-5CBA-4AC2-8EDD-6531C06B520E}" = V-Ray for Rhinoceros "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live "{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20 "{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager "{317AC0C7-FEBF-0409-87A3-4FC70D0ED900}" = Autodesk 3ds Max 2010 32-bit "{33E8C156-B983-46DA-2254-CBB065606066}" = Apetito "{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft VC80 Support DLLs "{39316EDC-804F-4081-9974-0A13BA77E5EF}" = Windows Internet Explorer Platform Preview "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver "{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1 "{40625DE4-DCDB-44FE-84B5-E65F1365BF44}" = V-Ray for Rhinoceros "{4086DF3D-B6CB-4AA5-BF7F-EF1BC0A63BD4}" = PhotoDlx "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = EPSON Event Manager "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E5EE953-0D92-A385-E3A0-FBFCB2DE15AA}" = EA Download Manager UI "{50566374-A1F2-4608-A173-771BEEFABAEE}" = V-Ray for Rhinoceros "{51958BA7-21E4-4A8B-9098-CD8375BD17B2}" = Asystent rejestracji usługi Windows Live "{54DBAF71-635A-45CB-A7DD-7EAB60F5C460}" = V-Ray for Rhinoceros 4.0 "{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01) "{55D9E026-DCB0-46FF-B60A-68B972228CF6}" = Autodesk Design Review 2010 "{567EA4E4-B799-4F1C-BFE0-D0381BD8651A}" = OSRAM Lamp PlugIn 1.7.0.0 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate "{597E70FF-7C46-4EED-8092-91B7C2E0529D}" = Google SketchUp 7 "{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}" = Rhinoceros 4.0 "{60A08432-00DD-0409-AC2C-143C75460878}" = Autodesk 3ds Max 2010 32-bit Components "{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Oprogramowanie "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX "{6EFFB73F-A7E4-E9BF-3C2F-1AF19A5183F4}" = e-Deklaracje Desktop "{72019134-3A61-4C39-A540-245600C4CDFA}" = Turbo Squid Tentacles 3ds Max 2008 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7FF0ACFE-4346-4D9D-B822-C69B99AAE1FC}" = Microsoft_VC80_MFCLOC_x86 "{80E563B0-BE7C-4768-8783-00C462BD3593}" = Calculux 7.5.0.1 "{818690C7-8DA5-4623-BBA8-A73CFBD44077}" = Sound Blaster X-Fi MB "{81AD9228-21AC-4DBD-AE33-98146A88BAA8}" = Philips Product Selector 5.2.4.0 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX "{8AE28FB8-B8AE-4B58-A5FE-77F45E462BAE}" = Microsoft_VC80_MFC_x86 "{8F85CC2C-4B26-4CF6-B835-DC59BCEDD287}" = Bluesoleil2.7.0.13 VoIP Release 071227 "{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}" = Gamer HUD Lite "{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool "{90AA5CE4-3517-4A50-95BF-B2C88EC41795}" = STAL EXPONENT 1.0.2 "{922A36F5-6663-45C0-A515-B63C4E585195}" = TweakIt "{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{939740B5-0064-4779-854A-8C1086181C05}" = Macromedia FreeHand MXa "{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58 "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9862473C-E063-4C68-A161-2CDE0E8048A5}" = Podstawowe programy Windows Live "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.4 - Polish "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer "{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT "{BDD11F42-6F08-4BB6-B4CA-3258BB58CDD5}" = Speeding HDD "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5 "{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage "{C541BF6F-EC08-4447-8A5B-2A4801465650}" = V-Ray for Rhinoceros "{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = Trust 100K Series Webcam "{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 1.12 "{CB07E706-5DD7-4093-83A1-1430D5B6FA75}" = Microsoft_VC80_ATL_x86 "{CCBC3666-5199-4702-B052-2C58FCA6EFF9}" = Rhinoceros 4.0 SR4b "{CCEB53A5-A252-4CF3-8602-429AB06BF0AE}" = Terragen "{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library "{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension "{D03E7B00-CA85-4684-9321-1888873C34BD}" = ArcSoft PhotoImpression 6 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D1803CD4-0CE7-4484-98E3-88D7A2D629A4}" = Windows Live Messenger "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D7960C39-E3FD-4B46-8E97-A1E9D128F913}" = Rhinoceros 4.0 SR3 "{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86 "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{D98C0C51-F9BB-4EE4-B791-22BF6EE31045}" = Nero 7 Premium "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00}" = Autodesk 3ds Max 2010 Tutorials Files "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0 "{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II "{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "001FFF1FFF13FF00FF1801F00F02F000-R1" = ArchiCAD 13 POL (x86) "Ad-Aware" = Ad-Aware "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AIMP2" = AIMP2 "Akamai" = Akamai NetSession Interface "Apetito.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Apetito "AQQ" = WapSter AQQ "Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.50 "Audacity_is1" = Audacity 1.2.6 "Autodesk Design Review 2010" = Autodesk Design Review 2010 "Autodesk FBX Plugin 2009.4 - 3ds Max 2010" = Autodesk FBX Plugin 2009.4 - 3ds Max 2010 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner "CDex" = CDex - Open Source Digital Audio CD Extractor "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI "CREATIVE KARAOKE PLAYER" = Creative Karaoke Player "DIALux" = DIALux 4.8 "EA Download Manager" = EA Download Manager "ecue HASP SRM Driver V5.2" = ecue HASP SRM Driver V5.2 "ecue Imagine V5.2" = ecue Imagine V5.2 "ecue Library Editor V5.2" = ecue Library Editor V5.2 "ecue Patchelor V5.2" = ecue Patchelor V5.2 "ecue Programmer V5.2" = ecue Programmer V5.2 "e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1" = e-Deklaracje Desktop "eMule Plus_is1" = eMule Plus 1.2e "EPSON PERFECTION V200 PHOTO Przewodnik użytkownika" = EPSON PERFECTION V200 PHOTO Podręcznik "EPSON Scanner" = EPSON Scan "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30 "FBX Plugin 2006.11.1 for Max 2008" = FBX Plugin 2006.11.1 for Max 2008 "FBX Plugin 2006.11.1 for Max 2008 64" = FBX Plugin 2006.11.1 for Max 2008 64 "ffdshow_is1" = ffdshow [rev 3255] [2010-02-08] "Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.1 "Gadu-Gadu 10" = Gadu-Gadu 10 "Google Chrome" = Google Chrome "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "InstallShield_{80E563B0-BE7C-4768-8783-00C462BD3593}" = Calculux 7.5.0.1 "InstallShield_{81AD9228-21AC-4DBD-AE33-98146A88BAA8}" = Philips Product Selector 5.2.4.0 "ipla" = ipla 2.1.5 "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Marvell Miniport Driver" = Marvell Miniport Driver "Mozilla Firefox (3.6.11)" = Mozilla Firefox (3.6.11) "mv61xxDriver" = marvell 61xx "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OVH MoM" = OVH MoM "Pen Tablet Driver" = Pen Tablet "Picasa 3" = Picasa 3 "Pontifex II" = Pontifex II "POV-Ray for Windows v3.6" = POV-Ray for Windows v3.6.0 "PowerISO" = PowerISO "PPS max plugin_is1" = PPS max plugin 1.5.0 "PunkBusterSvc" = PunkBuster Services "RealPlayer 12.0" = RealPlayer "Rhino RDK" = Rhino RDK "RocketDock_is1" = RocketDock 1.3.5 "SopCast" = SopCast 3.2.9 "Spotify" = Spotify "Totalcmd" = Total Commander (Remove or Repair) "uTorrent" = µTorrent "VLC media player" = VLC media player 1.0.5 "WaveStudio 7" = Creative WaveStudio 7 "Wielki słownik angielsko-polski i polsko-angielski PWN-OXFORD" = Wielki słownik angielsko-polski i polsko-angielski PWN-OXFORD "WinLiveSuite_Wave3" = Podstawowe programy Windows Live "Worms World Party" = Worms World Party [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2459495681-4173276582-2486991001-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-10-10 17:06:00 | Computer Name = scorpion | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4c98293e Nazwa modułu powodującego błąd: gcswf32.dll, wersja: 10.1.85.3, sygnatura czasowa: 0x4c91ad25 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0016c324 Identyfikator procesu powodującego błąd: 0x16e8 Godzina uruchomienia aplikacji powodującej błąd: 0x01cb68ad0997d0ca Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Google\Chrome\Application\6.0.472.63\gcswf32.dll Identyfikator raportu: 2e4f5bfc-d4b2-11df-94a3-0015830d20c4 Error - 2010-10-11 03:12:23 | Computer Name = scorpion | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2010-10-11 03:12:30 | Computer Name = scorpion | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\WapSter\wapster aqq\System\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "c:\program files (x86)\WapSter\wapster aqq\System\DelZip179.dll" w wierszu 8. Wartość "*" atrybutu "language" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2010-10-12 12:19:41 | Computer Name = scorpion | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2010-10-12 12:19:48 | Computer Name = scorpion | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\WapSter\wapster aqq\System\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "c:\program files (x86)\WapSter\wapster aqq\System\DelZip179.dll" w wierszu 8. Wartość "*" atrybutu "language" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2010-10-13 13:33:21 | Computer Name = scorpion | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2010-10-13 13:33:26 | Computer Name = scorpion | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\WapSter\wapster aqq\System\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "c:\program files (x86)\WapSter\wapster aqq\System\DelZip179.dll" w wierszu 8. Wartość "*" atrybutu "language" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2010-10-13 17:07:35 | Computer Name = scorpion | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4c98293e Nazwa modułu powodującego błąd: gcswf32.dll, wersja: 10.1.85.3, sygnatura czasowa: 0x4c91ad25 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0016c324 Identyfikator procesu powodującego błąd: 0x145c Godzina uruchomienia aplikacji powodującej błąd: 0x01cb6b0e6035c62f Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Google\Chrome\Application\6.0.472.63\gcswf32.dll Identyfikator raportu: e6240503-d70d-11df-9514-0015830d20c4 Error - 2010-10-14 13:58:10 | Computer Name = scorpion | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: AcroRd32.exe, wersja: 9.3.3.177, sygnatura czasowa: 0x4c1d77af Nazwa modułu powodującego błąd: ole32.dll, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bdac7 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0002f2c2 Identyfikator procesu powodującego błąd: 0x14f0 Godzina uruchomienia aplikacji powodującej błąd: 0x01cb6bc955c81eb0 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe Ścieżka modułu powodującego błąd: C:\Windows\syswow64\ole32.dll Identyfikator raportu: 9a804352-d7bc-11df-9483-0015830d20c4 Error - 2010-10-14 14:48:25 | Computer Name = scorpion | Source = Application Hang | ID = 1002 Description = Program chrome.exe w wersji 0.0.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 1084 Godzina rozpoczęcia: 01cb6bb57cfac48b Godzina zakończenia: 4 Ścieżka aplikacji: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Identyfikator raportu: 9844eb3c-d7c3-11df-9483-0015830d20c4 [ System Events ] Error - 2010-11-24 18:10:48 | Computer Name = scorpion | Source = Service Control Manager | ID = 7031 Description = Usługa Wstępne ładowanie do pamięci niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2010-11-24 18:10:48 | Computer Name = scorpion | Source = Service Control Manager | ID = 7031 Description = Usługa Usługa wprowadzania na komputerze typu Tablet niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2010-11-24 18:10:48 | Computer Name = scorpion | Source = Service Control Manager | ID = 7031 Description = Usługa Klient śledzenia łączy rozproszonych niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2010-11-24 18:10:48 | Computer Name = scorpion | Source = Service Control Manager | ID = 7031 Description = Usługa Menedżer sesji Menedżera okien pulpitu niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2010-11-24 18:10:48 | Computer Name = scorpion | Source = Service Control Manager | ID = 7034 Description = Usługa Host systemu diagnostyki niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-11-24 18:10:48 | Computer Name = scorpion | Source = Service Control Manager | ID = 7031 Description = Usługa Usługa modułu wyliczającego urządzenia przenośne niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2010-11-24 18:10:48 | Computer Name = scorpion | Source = Service Control Manager | ID = 7031 Description = Usługa Windows Driver Foundation — User-mode Driver Framework niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2010-11-24 18:13:02 | Computer Name = scorpion | Source = Service Control Manager | ID = 7001 Description = Usługa Moduły obsługi kluczy IPsec IKE i AuthIP zależy od usługi Podstawowy aparat filtrowania, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2010-11-24 18:13:03 | Computer Name = scorpion | Source = Service Control Manager | ID = 7001 Description = Usługa Agent zasad IPsec zależy od usługi Podstawowy aparat filtrowania, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2010-11-24 18:18:03 | Computer Name = scorpion | Source = Service Control Manager | ID = 7022 Description = Usługa Windows Update zawiesiła się podczas uruchamiania. < End of report > [/log] RSIT: [log] Logfile of random's system information tool 1.08 (written by random/random) Run by Michał at 2010-11-24 23:25:23 Microsoft Windows 7 Ultimate System drive C: has 16 GB (17%) free of 91 GB Total RAM: 11255 MB (85% free) HijackThis download failed ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2009-07-13 36864] "EEventManager"=C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe [2006-10-12 102400] "avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2010-11-06 281768] "AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992] "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040] "TkBellExe"=C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe [2010-02-22 202256] "RemoteControl"=C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [2005-01-12 32768] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AdobeBridge"= [] "Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2009-07-14 1173504] "uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2010-02-18 319280] "RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-05-16 153136] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup OfficeSAS.lnk - C:\Program Files (x86)\Microsoft Office\Office14\OfficeSAS\officeSASscheduler.exe C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup GIGABYTE Gamer HUD Lite.lnk - C:\Program Files (x86)\GIGABYTE\Gamer HUD Lite\HUD.exe RocketDock.lnk - C:\Program Files (x86)\RocketDock\RocketDock.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - .scr - open - C:\Windows\system32\notepad.exe "%1" .scr - install - .scr - config - ======List of files/folders created in the last 1 months====== 2010-11-24 23:25:23 ----D---- C:\rsit 2010-11-24 23:10:46 ----D---- C:\_OTL 2010-11-16 14:45:22 ----D---- C:\Users\Michał\AppData\Roaming\Ahead 2010-11-16 14:45:15 ----D---- C:\ProgramData\Ahead 2010-11-16 14:44:50 ----D---- C:\ProgramData\Nero 2010-11-16 14:44:50 ----D---- C:\Program Files (x86)\Nero 2010-11-16 14:44:50 ----D---- C:\Program Files (x86)\Common Files\Ahead 2010-11-15 01:49:10 ----D---- C:\Users\Michał\AppData\Roaming\dvdcss 2010-11-12 20:59:05 ----D---- C:\Users\Michał\AppData\Roaming\Malwarebytes 2010-11-12 20:58:56 ----A---- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys 2010-11-12 20:58:55 ----D---- C:\ProgramData\Malwarebytes 2010-11-12 20:58:54 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2010-11-12 01:03:45 ----A---- C:\Windows\SysWOW64\rhrdk.10.v40.dll 2010-11-12 01:03:45 ----A---- C:\Windows\SysWOW64\rcm.dll 2010-11-12 01:03:45 ----A---- C:\Windows\SysWOW64\BongoSDK.dll 2010-11-12 01:03:27 ----D---- C:\Program Files (x86)\Common Files\InstallShield Shared 2010-11-12 01:03:21 ----D---- C:\Program Files (x86)\ASGvis 2010-11-07 18:23:28 ----D---- C:\Users\Michał\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 2010-11-07 18:23:28 ----D---- C:\Users\Michał\AppData\Roaming\Adobe Mini Bridge CS5 2010-11-06 12:38:32 ----D---- C:\Program Files (x86)\Common Files\Java 2010-11-06 12:37:45 ----A---- C:\Windows\SysWOW64\javaws.exe 2010-11-06 12:37:45 ----A---- C:\Windows\SysWOW64\javaw.exe 2010-11-06 12:37:45 ----A---- C:\Windows\SysWOW64\java.exe 2010-11-06 12:37:45 ----A---- C:\Windows\SysWOW64\deployJava1.dll 2010-11-04 16:00:47 ----D---- C:\Windows\PCHEALTH 2010-11-04 16:00:13 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8 2010-11-04 15:59:37 ----D---- C:\Program Files (x86)\Microsoft Analysis Services 2010-11-02 18:02:13 ----D---- C:\ProgramData\ALM 2010-11-01 16:18:27 ----A---- C:\Windows\ODBC.INI 2010-11-01 00:59:42 ----D---- C:\Users\Michał\AppData\Roaming\Philips Lighting 2010-10-31 19:54:53 ----D---- C:\Guzzini 2010-10-31 19:52:36 ----D---- C:\Program Files (x86)\Common Files\Philips Lighting 2010-10-31 19:51:27 ----D---- C:\Program Files (x86)\Philips Lighting 2010-10-31 19:48:15 ----D---- C:\ProgramData\DIALux PlugIns 2010-10-31 00:01:00 ----D---- C:\Windows\SysWOW64\DirectX 2010-10-26 15:26:11 ----A---- C:\Windows\SysWOW64\BongoSDK.10.v40.dll 2010-10-25 15:39:30 ----D---- C:\Users\Michał\AppData\Roaming\Avira 2010-10-25 12:46:58 ----A---- C:\Windows\SysWOW64\drivers\avgntmgr.sys 2010-10-25 12:46:58 ----A---- C:\Windows\SysWOW64\drivers\avgntdd.sys 2010-10-25 12:46:57 ----D---- C:\ProgramData\Avira 2010-10-25 10:54:25 ----HD---- C:\$AVG 2010-10-25 10:42:34 ----HD---- C:\ProgramData\Common Files 2010-10-25 10:42:12 ----D---- C:\ProgramData\AVG10 2010-10-25 10:41:52 ----D---- C:\Program Files (x86)\AVG 2010-10-25 10:38:08 ----D---- C:\ProgramData\MFAData 2010-10-25 03:06:23 ----D---- C:\Program Files (x86)\Trend Micro 2010-10-25 02:33:39 ----HDC---- C:\ProgramData\{E961CE1B-C3EA-4882-9F67-F859B555D097} ======List of files/folders modified in the last 1 months====== 2010-11-24 23:24:56 ----D---- C:\Users\Michał\AppData\Roaming\uTorrent 2010-11-24 23:20:00 ----D---- C:\Windows\System32 2010-11-24 23:19:59 ----D---- C:\Windows\inf 2010-11-24 23:15:37 ----D---- C:\Windows\Temp 2010-11-24 23:13:05 ----D---- C:\Program Files (x86)\Common Files\Akamai 2010-11-24 23:13:03 ----D---- C:\ProgramData\NVIDIA 2010-11-24 23:10:59 ----D---- C:\Windows 2010-11-24 23:10:50 ----RD---- C:\Program Files (x86) 2010-11-24 23:10:50 ----RD---- C:\Program Files 2010-11-24 23:06:22 ----D---- C:\Windows\Prefetch 2010-11-24 23:01:44 ----SHD---- C:\Windows\Installer 2010-11-24 23:01:43 ----HD---- C:\Config.Msi 2010-11-24 23:01:31 ----SHD---- C:\System Volume Information 2010-11-24 23:01:03 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar 2010-11-24 22:59:01 ----D---- C:\Users\Michał\AppData\Roaming\AIMP 2010-11-24 22:56:57 ----D---- C:\Program Files (x86)\AIMP2 2010-11-24 22:56:56 ----D---- C:\Program Files (x86)\Common Files\Adobe 2010-11-24 22:56:53 ----D---- C:\Program Files (x86)\Common Files\microsoft shared 2010-11-24 22:56:53 ----D---- C:\Program Files (x86)\Common Files\McNeel Shared 2010-11-24 22:56:53 ----D---- C:\Program Files (x86)\Common Files\DIALux 2010-11-24 22:56:52 ----D---- C:\Program Files (x86)\DIALux 2010-11-24 22:56:52 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine 2010-11-24 22:56:52 ----D---- C:\Program Files (x86)\Common Files 2010-11-24 22:56:51 ----D---- C:\Program Files (x86)\MSBuild 2010-11-24 22:56:49 ----D---- C:\Program Files (x86)\RocketDock 2010-11-24 22:56:48 ----D---- C:\ProgramData\Microsoft Help 2010-11-24 22:56:48 ----D---- C:\ProgramData\FLEXnet 2010-11-24 22:56:47 ----D---- C:\Windows\AppCompat 2010-11-24 22:56:47 ----D---- C:\Users\Michał\AppData\Roaming\vlc 2010-11-24 22:56:47 ----D---- C:\Users\Michał\AppData\Roaming\IrfanView 2010-11-24 22:56:47 ----D---- C:\Users\Michał\AppData\Roaming\GHISLER 2010-11-24 22:56:46 ----RSD---- C:\Windows\Fonts 2010-11-24 22:56:46 ----RSD---- C:\Windows\assembly 2010-11-24 22:56:46 ----D---- C:\Windows\ehome 2010-11-24 22:56:45 ----D---- C:\Windows\Tasks 2010-11-24 22:56:45 ----D---- C:\Windows\SysWOW64\Macromed 2010-11-24 22:56:45 ----D---- C:\Windows\SysWOW64\drivers 2010-11-24 22:56:45 ----D---- C:\Windows\SysWOW64 2010-11-24 22:56:45 ----D---- C:\Windows\ShellNew 2010-11-24 22:56:45 ----D---- C:\Windows\registration 2010-11-24 20:44:34 ----D---- C:\Users\Michał\AppData\Roaming\Skype 2010-11-24 20:15:57 ----D---- C:\Users\Michał\AppData\Roaming\Spotify 2010-11-24 20:14:02 ----D---- C:\Users\Michał\AppData\Roaming\skypePM 2010-11-20 17:40:25 ----SD---- C:\Users\Michał\AppData\Roaming\Microsoft 2010-11-16 14:45:15 ----HD---- C:\ProgramData 2010-11-16 13:44:55 ----D---- C:\Program Files (x86)\CyberLink 2010-11-16 13:44:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2010-11-14 23:14:56 ----A---- C:\vraylog.txt 2010-11-14 21:34:31 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe 2010-11-12 01:06:56 ----D---- C:\ProgramData\McNeel 2010-11-12 00:56:39 ----D---- C:\Program Files (x86)\Rhinoceros 4.0 2010-11-06 12:37:41 ----D---- C:\Program Files (x86)\Java 2010-11-04 19:16:10 ----D---- C:\Windows\Microsoft.NET 2010-11-04 16:00:47 ----ASD---- C:\ProgramData\Microsoft 2010-11-04 15:59:58 ----A---- C:\Windows\win.ini 2010-11-04 15:59:19 ----D---- C:\Program Files (x86)\Microsoft Office 2010-11-04 15:52:12 ----D---- C:\Program Files (x86)\Common Files\Designer 2010-11-04 15:51:23 ----D---- C:\Program Files (x86)\Common Files\System 2010-11-04 11:39:52 ----A---- C:\Windows\Dialux.ini 2010-11-02 18:30:16 ----D---- C:\ProgramData\regid.1986-12.com.adobe 2010-11-02 18:17:00 ----D---- C:\Users\Michał\AppData\Roaming\Adobe 2010-11-02 18:15:26 ----D---- C:\ProgramData\Adobe 2010-11-02 16:51:34 ----D---- C:\Program Files (x86)\Adobe 2010-11-02 16:26:58 ----D---- C:\totalcmd 2010-11-02 14:14:43 ----D---- C:\Windows\winsxs 2010-11-02 14:13:17 ----D---- C:\Program Files (x86)\CCleaner 2010-10-31 19:48:17 ----D---- C:\ProgramData\DIALux 2010-10-27 16:13:31 ----D---- C:\Program Files (x86)\Pontifex II 2010-10-27 13:56:38 ----D---- C:\Users\Michał\AppData\Roaming\BESTplayer 2010-10-27 13:27:37 ----D---- C:\Windows\pss 2010-10-26 13:24:48 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2010-10-25 16:58:10 ----D---- C:\Autodesk 2010-10-25 15:01:23 ----D---- C:\Windows\Help 2010-10-25 15:00:38 ----D---- C:\Program Files (x86)\Common Files\Autodesk Shared 2010-10-25 15:00:26 ----D---- C:\Windows\Downloaded Program Files 2010-10-25 15:00:19 ----D---- C:\ProgramData\Autodesk 2010-10-25 13:20:59 ----D---- C:\Windows\SysWOW64\wbem 2010-10-25 13:20:30 ----D---- C:\Users\Michał\AppData\Roaming\Thinstall 2010-10-25 13:20:22 ----D---- C:\Program Files (x86)\Avira 2010-10-25 13:19:27 ----D---- C:\Windows\Web 2010-10-25 13:19:27 ----D---- C:\Windows\Vss 2010-10-25 13:19:27 ----D---- C:\Windows\twain_32 2010-10-25 13:19:27 ----D---- C:\Windows\SysWOW64\XPSViewer 2010-10-25 13:19:26 ----D---- C:\Windows\SysWOW64\winrm 2010-10-25 13:19:26 ----D---- C:\Windows\SysWOW64\WindowsPowerShell 2010-10-25 13:19:26 ----D---- C:\Windows\SysWOW64\wdi 2010-10-25 13:19:26 ----D---- C:\Windows\SysWOW64\WCN 2010-10-25 13:19:26 ----D---- C:\Windows\SysWOW64\spp 2010-10-25 13:19:26 ----D---- C:\Windows\SysWOW64\spool 2010-10-25 13:19:26 ----D---- C:\Windows\SysWOW64\Speech 2010-10-25 13:19:26 ----D---- C:\Windows\SysWOW64\slmgr 2010-10-25 13:19:25 ----D---- C:\Windows\SysWOW64\Printing_Admin_Scripts 2010-10-25 13:19:25 ----D---- C:\Windows\SysWOW64\pl-PL 2010-10-25 13:19:25 ----D---- C:\Windows\SysWOW64\PhotoImpression Slideshow 2010-10-25 13:19:24 ----D---- C:\Windows\SysWOW64\NetworkList 2010-10-25 13:19:24 ----D---- C:\Windows\SysWOW64\MUI 2010-10-25 13:19:24 ----D---- C:\Windows\SysWOW64\Msdtc 2010-10-25 13:19:24 ----D---- C:\Windows\SysWOW64\migwiz 2010-10-25 13:19:24 ----D---- C:\Windows\SysWOW64\migration 2010-10-25 13:19:23 ----D---- C:\Windows\SysWOW64\InstallShield 2010-10-25 13:19:23 ----D---- C:\Windows\SysWOW64\IME 2010-10-25 13:19:23 ----D---- C:\Windows\SysWOW64\Futuremark 2010-10-25 13:19:23 ----D---- C:\Windows\SysWOW64\DriverStore 2010-10-25 13:19:23 ----D---- C:\Windows\SysWOW64\Dism 2010-10-25 13:19:23 ----D---- C:\Windows\SysWOW64\config 2010-10-25 13:19:23 ----D---- C:\Windows\SysWOW64\com 2010-10-25 13:19:13 ----RSD---- C:\Windows\Media 2010-10-25 13:19:13 ----D---- C:\Windows\Speech 2010-10-25 13:19:13 ----D---- C:\Windows\Setup 2010-10-25 13:19:13 ----D---- C:\Windows\servicing 2010-10-25 13:19:13 ----D---- C:\Windows\ServiceProfiles 2010-10-25 13:19:13 ----D---- C:\Windows\security 2010-10-25 13:19:13 ----D---- C:\Windows\schemas 2010-10-25 13:19:13 ----D---- C:\Windows\Resources 2010-10-25 13:19:13 ----D---- C:\Windows\rescache 2010-10-25 13:19:13 ----D---- C:\Windows\RaidTool 2010-10-25 13:19:13 ----D---- C:\Windows\PolicyDefinitions 2010-10-25 13:19:13 ----D---- C:\Windows\PLA 2010-10-25 13:19:13 ----D---- C:\Windows\PixArt 2010-10-25 13:19:13 ----D---- C:\Windows\Performance 2010-10-25 13:19:12 ----D---- C:\Windows\IME 2010-10-25 13:19:12 ----D---- C:\Windows\Globalization 2010-10-25 13:19:12 ----D---- C:\Windows\diagnostics 2010-10-25 13:19:12 ----D---- C:\Windows\CtDrvInstall 2010-10-25 13:19:12 ----D---- C:\Windows\Branding 2010-10-25 13:19:12 ----D---- C:\Windows\Boot 2010-10-25 13:19:12 ----D---- C:\Windows\AsusInstAll 2010-10-25 13:19:10 ----D---- C:\Windows\AsDmiHtm 2010-10-25 13:19:10 ----D---- C:\Windows\AppPatch 2010-10-25 13:19:10 ----D---- C:\Users\Michał\AppData\Roaming\Real 2010-10-25 13:19:10 ----D---- C:\Users\Michał\AppData\Roaming\Opera 2010-10-25 13:19:10 ----D---- C:\Users\Michał\AppData\Roaming\Mozilla 2010-10-25 13:19:09 ----D---- C:\Users\Michał\AppData\Roaming\Macromedia 2010-10-25 13:19:09 ----D---- C:\Users\Michał\AppData\Roaming\Graphisoft 2010-10-25 13:19:09 ----D---- C:\Users\Michał\AppData\Roaming\Gadu-Gadu 10 2010-10-25 13:19:09 ----D---- C:\Users\Michał\AppData\Roaming\EPSON 2010-10-25 13:19:09 ----D---- C:\Users\Michał\AppData\Roaming\Corel 2010-10-25 13:19:09 ----D---- C:\Users\Michał\AppData\Roaming\Autodesk 2010-10-25 13:19:08 ----D---- C:\Team17 2010-10-25 13:19:08 ----D---- C:\ProgramData\Temp 2010-10-25 13:19:08 ----D---- C:\ProgramData\Skype 2010-10-25 13:19:08 ----D---- C:\ProgramData\Real 2010-10-25 13:19:08 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2010-10-25 13:19:07 ----D---- C:\ProgramData\Lavasoft 2010-10-25 13:19:07 ----D---- C:\ProgramData\Kaspersky Lab Setup Files 2010-10-25 13:19:07 ----D---- C:\ProgramData\Gadu-Gadu 10 2010-10-25 13:19:07 ----D---- C:\ProgramData\Electronic Arts 2010-10-25 13:19:07 ----D---- C:\ProgramData\CyberLink 2010-10-25 13:19:07 ----D---- C:\ProgramData\Creative 2010-10-25 13:19:07 ----D---- C:\ProgramData\Apple Computer 2010-10-25 13:19:07 ----D---- C:\ProgramData\Apple 2010-10-25 13:19:05 ----RD---- C:\Program Files (x86)\Skype 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Windows Sidebar 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Windows Photo Viewer 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Windows NT 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Windows Media Player 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Windows Mail 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Windows Live 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Windows Defender 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\WIBUKEY 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\WapSter 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\VideoLAN 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Trust 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Tablet 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\SopCast 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Safari 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Reference Assemblies 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Real 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\QuickTime 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\PWN 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\POV-Ray for Windows v3.6 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\PDFCreator 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\OVH 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Opera 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\NVIDIA Corporation 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Mozilla Firefox 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Microsoft.NET 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0 2010-10-25 13:19:05 ----D---- C:\Program Files (x86)\Microsoft 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Microsoft SDKs 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\MAXON.CINEMA.4D.Studio.Bundle.v10.111.Multilanguage 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Marvell 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Macromedia 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\lg_fwupdate 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Lavasoft 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Lavalys 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\K-Lite Codec Pack 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\IVT Corporation 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\iTunes 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\IrfanView 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Internet Explorer Platform Preview 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Internet Explorer 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Intel 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Infer Engineering 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Graphisoft 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Google 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\GIGABYTE 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Gadu-Gadu 10 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Futuremark 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\ffdshow 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Feedback Tool 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\epson 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\eMule 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\Electronic Arts 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\e-Deklaracje 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\ecue 2010-10-25 13:19:04 ----D---- C:\Program Files (x86)\DAEMON Tools Lite 2010-10-25 13:19:03 ----HD---- C:\Program Files (x86)\Creative Installation Information 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Creative 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\xing shared 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Windows Live 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\SpeechEngines 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Sonic Shared 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Real 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\PAC207 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Macrovision Shared 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Macromedia Shared 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\InstallShield 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Graphisoft Shared 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Futuremark Shared 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Creative Labs Shared 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Creative 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Corel 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\ArcSoft 2010-10-25 13:19:03 ----D---- C:\Program Files (x86)\Common Files\Apple 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\CDex_150 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\CDex 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\blender-2.49b-win64-python26 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\Autodesk 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\Audacity 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\ASUS 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\Ashampoo 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\ArcSoft 2010-10-25 13:19:01 ----D---- C:\Program Files (x86)\Apple Software Update 2010-10-25 13:19:00 ----RHD---- C:\MSOCache 2010-10-25 13:19:00 ----D---- C:\Program Files (x86)\Analog Devices 2010-10-25 13:19:00 ----D---- C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint 2010-10-25 13:19:00 ----D---- C:\NVIDIA 2010-10-25 13:19:00 ----D---- C:\Live! Cam 2010-10-25 13:18:58 ----SHD---- C:\$Recycle.Bin 2010-10-25 13:18:58 ----RD---- C:\32788R22FWJFW 2010-10-25 12:23:20 ----D---- C:\Users\Michał\AppData\Roaming\Dropbox 2010-10-25 03:09:03 ----D---- C:\Program Files (x86)\SystemRequirementsLab 2010-10-25 02:56:28 ----A---- C:\Windows\lgfwup.ini 2010-10-25 02:39:55 ----D---- C:\Users\Michał\AppData\Roaming\WTablet ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys [2007-03-05 24976] R0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys [2007-03-05 49680] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [] R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [] R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [] R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [] R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [] R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-08-04 13440] R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [] R1 SCDEmu;SCDEmu; C:\Windows\SysWOW64\drivers\SCDEmu.sys [] R2 adfs;adfs; C:\Windows\SysWOW64\drivers\adfs.sys [] R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [] R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [] R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [] R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys [] R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [] R3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2007-06-24 37896] R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-06-24 37384] R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2007-03-05 25360] R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-06-24 47368] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [] R3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2010-11-04 17440] R3 MCfilt;MCfilt; C:\Windows\system32\drivers\MCfilt64.sys [] R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [] R3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [] R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 47120] R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2007-03-05 63248] R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [] R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [] R3 WacomVKHid;Virtual Keyboard Driver; C:\Windows\system32\DRIVERS\WacomVKHid.sys [] S1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys [] S3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-09-18 22784] S3 ALSysIO;ALSysIO; \??\C:\Users\MICHA~1\AppData\Local\Temp\ALSysIO64.sys [] S3 BthEnum;Usługa wyliczania Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [] S3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [] S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [] S3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [] S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [] S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [] S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [] S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [] S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [] S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [] S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 57xx SteelVine Manager;57xx SteelVine; C:\Program Files (x86)\ASUS\Speeding HDD\SteelVine.exe [2008-05-29 1286144] R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [] R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-11-06 135336] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-11-06 267944] R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-08-19 90112] R2 Bonjour Service;Usługa Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-07-27 345376] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200] R2 hasplms;HASP License Manager; C:\Windows\system32\hasplms.exe -run [] R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-11-24 1375992] R2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit; C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-03-12 86016] R2 mi-raysat_3dsmax2010_64;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit; C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe [2009-03-12 86016] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936] R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-18 135664] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 544768] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-04-09 1436424] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-21 655624] S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 InstallShield Licensing Service;InstallShield Licensing Service; C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [2010-11-12 78536] S3 iPod Service;Usługa iPod; C:\Program Files\iPod\bin\iPodService.exe [] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888] S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112] S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672] S4 Autodesk Network Licensing Service;Autodesk Network Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [2008-06-13 1539224] S4 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe [2007-12-27 166520] S4 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-02-17 79360] S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-02-17 79360] S4 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2010-02-28 68096] S4 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-11-14 66872] S4 Start BT in service;Start BT in service; C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-12-27 51816] S4 TabletServicePen;TabletServicePen; C:\Windows\system32\Pen_Tablet.exe [] -----------------EOF----------------- [/log] RSIT info: [log] info.txt logfile of random's system information tool 1.08 2010-11-24 23:25:25 ======Uninstall list====== -->"C:\Program Files (x86)\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /nolog/l0x0009 -->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /nolog/l0x0009 -->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /nolog/l0x0009 -->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /nolog/l0x0009 -->"C:\Program Files (x86)\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /nolog/l0x0009 -->C:\Program Files (x86)\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL -->C:\Windows\UNNeroShowTime.exe /UNINSTALL -->C:\Windows\UNNeroVision.exe /UNINSTALL -->C:\Windows\UNRecode.exe /UNINSTALL -->MsiExec /X{8A809006-C25A-4A3A-9DAB-94659BCDB107} -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6F3684E3-0FA0-4443-B97D-65117730222E}\setup.exe" -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DCCC08BD-FC52-4AEB-ACF8-6A5C06550468}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9 /remove µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL 3DMark Vantage-->C:\Program Files (x86)\InstallShield Installation Information\{C40C3C3D-97CF-44B5-836C-766E374464B3}\setup.exe -runfromtemp -l0x0009 -removeonly ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07} Ad-Aware-->"C:\ProgramData\{E961CE1B-C3EA-4882-9F67-F859B555D097}\Ad-AwareInstall.exe" REMOVE=TRUE MODIFY=FALSE Ad-Aware-->C:\ProgramData\{E961CE1B-C3EA-4882-9F67-F859B555D097}\Ad-AwareInstall.exe Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D} Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7} Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7} Adobe Creative Suite 5 Master Collection-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{6E9EF98E-259E-416D-B5F8-0ABDB99942CE} Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C} Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C} Adobe Reader 9.3.4 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A93000000001} AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4} AIMP2-->C:\Program Files (x86)\AIMP2\Uninstall.exe Akamai NetSession Interface-->C:\Program Files (x86)\Common Files\Akamai\uninstall.exe Apetito-->msiexec /qb /x {33E8C156-B983-46DA-2254-CBB065606066} Apetito-->MsiExec.exe /I{33E8C156-B983-46DA-2254-CBB065606066} Apple Application Support-->MsiExec.exe /I{DAEAFD68-BB4A-4507-A241-C8804D2EA66D} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} ArchiCAD 13 POL (x86)-->C:\Program Files (x86)\Graphisoft\ArchiCAD 13\Uninstall.AC\uninstaller.exe ArcSoft PhotoImpression 6-->C:\Program Files (x86)\InstallShield Installation Information\{D03E7B00-CA85-4684-9321-1888873C34BD}\SETUP.EXE -runfromtemp -l0x0009 -removeonly Ashampoo WinOptimizer 6.50-->"C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\unins000.exe" ASUSUpdate-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\Setup.exe" -l0x9 Asystent rejestracji usługi Windows Live-->MsiExec.exe /I{51958BA7-21E4-4A8B-9098-CD8375BD17B2} Audacity 1.2.6-->"C:\Program Files (x86)\Audacity\unins000.exe" Autodesk 3ds Max 2010 32-bit Components-->MsiExec.exe /I{60A08432-00DD-0409-AC2C-143C75460878} Autodesk 3ds Max 2010 32-bit-->MsiExec.exe /I{317AC0C7-FEBF-0409-87A3-4FC70D0ED900} Autodesk 3ds Max 2010 Tutorials Files-->MsiExec.exe /I{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00} Autodesk Backburner 2008.1-->MsiExec.exe /I{3D347E6D-5A03-4342-B5BA-6A771885F379} Autodesk Design Review 2010-->C:\Program Files (x86)\Autodesk\Autodesk Design Review\Setup\Setup.exe /P {55D9E026-DCB0-46FF-B60A-68B972228CF6} /M ADR Autodesk FBX Plugin 2009.4 - 3ds Max 2010-->C:\Program Files (x86)\Autodesk\FBX\FBXPlugins\2009.4\3ds Max 2010\Uninstall.exe Autodesk Material Library 2011 Base Image library-->MsiExec.exe /I{CD1E078C-A6B9-47DA-B035-6365C85C7832} Autodesk Material Library 2011-->MsiExec.exe /I{9DEABCB6-B759-4D52-92F8-51B34A2B4D40} Avira AntiVir Personal - Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE Bluesoleil2.7.0.13 VoIP Release 071227-->MsiExec.exe /X{8F85CC2C-4B26-4CF6-B835-DC59BCEDD287} Calculux 7.5.0.1-->C:\Program Files (x86)\InstallShield Installation Information\{80E563B0-BE7C-4768-8783-00C462BD3593}\setup.exe -runfromtemp -l0x0409 CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe" CDex - Open Source Digital Audio CD Extractor-->C:\Program Files (x86)\CDex\uninstall.exe CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->c:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\Uninst.exe CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->MsiExec.exe /X{CE2DA11A-917F-4CF5-AB55-755EC115DD10} Creative Karaoke Player-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DCCC08BD-FC52-4AEB-ACF8-6A5C06550468}\setup.exe" -l0x9 /remove Creative MediaSource 5-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\setup.exe" -l0x9 /remove Creative WaveStudio 7-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9 /remove DIALux 4.8-->"C:\Windows\DIALux\uninstall.exe" "/U:C:\Program Files (x86)\DIALux\Uninstall\uninstall.xml" EA Download Manager UI-->msiexec /qb /x {4E5EE953-0D92-A385-E3A0-FBFCB2DE15AA} EA Download Manager UI-->MsiExec.exe /I{4E5EE953-0D92-A385-E3A0-FBFCB2DE15AA} EA Download Manager-->C:\Program Files (x86)\Electronic Arts\EADM\EADMUninstall.exe ecue HASP SRM Driver V5.2-->C:\Program Files (x86)\ecue\HASP SRM Driver V5.2\uninst.exe ecue Imagine V5.2-->C:\Program Files (x86)\ecue\Imagine V5.2\uninst.exe ecue Library Editor V5.2-->C:\Program Files (x86)\ecue\Library Editor V5.2\uninst.exe ecue Patchelor V5.2-->C:\Program Files (x86)\ecue\Patchelor V5.2\uninst.exe ecue Programmer V5.2-->C:\Program Files (x86)\ecue\Programmer V5.2\uninst.exe e-Deklaracje Desktop-->msiexec /qb /x {6EFFB73F-A7E4-E9BF-3C2F-1AF19A5183F4} e-Deklaracje Desktop-->MsiExec.exe /I{6EFFB73F-A7E4-E9BF-3C2F-1AF19A5183F4} eMule Plus 1.2e-->"C:\Program Files (x86)\eMule\unins000.exe" EPSON Attach To Email-->C:\Program Files (x86)\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG EPSON Copy Utility 3-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x9 -UnInstall EPSON Event Manager-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{48F22622-1CC2-4A83-9C1E-644DD96F832D}\Setup.exe" -l0x9 -u EPSON File Manager-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}\Setup.exe" -l0x9 UNINST EPSON PERFECTION V200 PHOTO Podręcznik-->C:\Program Files (x86)\EPSON\TPMANUAL\PerfV200\POL\USE_G\DOCUNINS.EXE EPSON Scan Assistant-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x9 -u EPSON Scan-->C:\Program Files (x86)\epson\escndv\setup\setup.exe /r EVEREST Ultimate Edition v5.30-->"C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\unins000.exe" FARO LS 1.1.406.58-->MsiExec.exe /I{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C} FBX Plugin 2006.11.1 for Max 2008 64-->C:\Program Files (x86)\Autodesk\FBX\FbxPlugins\2006.11.1\Max2008_64\Uninstall.exe FBX Plugin 2006.11.1 for Max 2008-->C:\Program Files (x86)\Autodesk\FBX\FbxPlugins\2006.11.1\Max2008\Uninstall.exe Feedback Tool-->MsiExec.exe /I{90024193-9F13-4877-89D5-A1CDF0CBBF28} ffdshow [rev 3255] [2010-02-08]-->"C:\Program Files (x86)\ffdshow\unins000.exe" Free M4a to MP3 Converter 6.1-->"C:\Program Files (x86)\Free M4a to MP3 Converter\unins000.exe" Futuremark SystemInfo-->C:\Program Files (x86)\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe -runfromtemp -l0x0009 -removeonly Gadu-Gadu 10-->C:\Program Files (x86)\Gadu-Gadu 10\Uninstall.exe Gamer HUD Lite-->MsiExec.exe /I{8FE4D086-63BD-44EB-882C-C7EA5A1EF016} Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\7.0.517.44\Installer\setup.exe" --uninstall --system-level Google Earth-->MsiExec.exe /X{4286E640-B5FB-11DF-AC4B-005056C00008} Google SketchUp 7-->MsiExec.exe /X{597E70FF-7C46-4EED-8092-91B7C2E0529D} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)-->C:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)-->C:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)-->C:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)-->C:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)-->C:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" ipla 2.1.5-->C:\Program Files (x86)\ipla\uninst.exe IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF} JMicron JMB36X Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x9 -removeonly K-Lite Codec Pack 6.0.4 (Basic)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe" LG CyberLink PowerBackup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{ADD5DB49-72CF-11D8-9D75-000129760D75}\Setup.exe" -uninstall LG CyberLink PowerProducer-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall LG CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall LG CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall LG ODD Auto Oprogramowanie-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\Setup.exe" LG Power Tools-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall LG Power Tools-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall Macromedia FreeHand MXa-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{939740B5-0064-4779-854A-8C1086181C05}\Setup.exe" -l0x9 UNINSTALL Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" marvell 61xx-->C:\Program Files (x86)\Marvell\61xx\uninst-61xx.exe Marvell Miniport Driver-->C:\Program Files (x86)\Marvell\Miniport Driver\Uninst.exe Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft VC80 Support DLLs-->MsiExec.exe /I{342F5437-C87D-4BB5-89B9-B23E16C6A395} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual Studio Tools for Applications 2.0 - ENU-->MsiExec.exe /X{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} Microsoft Visual Studio Tools for Applications 2.0 Runtime-->MsiExec.exe /X{299C0434-4F4E-341F-A916-4E07AEB35E79} Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25} Microsoft_VC80_ATL_x86-->MsiExec.exe /I{CB07E706-5DD7-4093-83A1-1430D5B6FA75} Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C} Microsoft_VC80_CRT_x86-->MsiExec.exe /I{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A} Microsoft_VC80_MFC_x86-->MsiExec.exe /I{8AE28FB8-B8AE-4B58-A5FE-77F45E462BAE} Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57} Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{7FF0ACFE-4346-4D9D-B822-C69B99AAE1FC} Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7} Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C} Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403} Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A} Mozilla Firefox (3.6.11)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} Narzędzie do przekazywania usługi Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Need for Speed™ SHIFT-->MsiExec.exe /X{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4} Nero 7 Premium-->MsiExec.exe /X{D98C0C51-F9BB-4EE4-B791-22BF6EE31045} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} NVIDIA PhysX-->MsiExec.exe /X{8A809006-C25A-4A3A-9DAB-94659BCDB107} NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask Opera 10.63-->MsiExec.exe /X{87CC8013-56D1-43E1-A0A5-AD406B4EBA95} OSRAM Lamp PlugIn 1.7.0.0-->"C:\Program Files (x86)\InstallShield Installation Information\{567EA4E4-B799-4F1C-BFE0-D0381BD8651A}\setup.exe" -runfromtemp -l0x0009 -removeonly OVH MoM-->"C:\Program Files (x86)\OVH\MoM\uninst-MoM.exe" PC Probe II-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\setup.exe" -l0x9 PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392} PDFCreator-->C:\Program Files (x86)\PDFCreator\unins000.exe Pen Tablet-->C:\Program Files (x86)\Tablet\Pen\Remove.exe /u Philips Product Selector 5.2.4.0-->C:\Program Files (x86)\InstallShield Installation Information\{81AD9228-21AC-4DBD-AE33-98146A88BAA8}\setup.exe -runfromtemp -l0x0409 PhotoDlx-->"C:\Program Files (x86)\InstallShield Installation Information\{4086DF3D-B6CB-4AA5-BF7F-EF1BC0A63BD4}\setup.exe" -runfromtemp -l0x0009anything -uninst Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe" Podstawowe programy Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Podstawowe programy Windows Live-->MsiExec.exe /I{9862473C-E063-4C68-A161-2CDE0E8048A5} Pontifex II-->C:\Program Files (x86)\Pontifex II\uninstall.exe POV-Ray for Windows v3.6.0-->C:\PROGRA~2\POV-RA~1.6\unwise.exe C:\PROGRA~2\POV-RA~1.6\install.log PowerDVD-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall PowerISO-->"C:\Program Files (x86)\PowerISO\uninstall.exe" PPS max plugin 1.5.0-->"C:\Program Files (x86)\Philips Lighting\VIZProxy\unins000.exe" PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u PxMergeModule-->MsiExec.exe /I{024521CF-C07E-4F8E-8481-0D75695E03AF} QuickTime-->MsiExec.exe /I{E7004147-2CCA-431C-AA05-2AB166B9785D} RealPlayer-->C:\Program Files (x86)\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0 RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F} Rhino RDK-->C:\PROGRA~2\COMMON~1\MCNEEL~1\RDK\UNWISE.EXE C:\PROGRA~2\COMMON~1\MCNEEL~1\RDK\INSTALL.LOG Rhinoceros 4.0 SR3-->MsiExec.exe /I{D7960C39-E3FD-4B46-8E97-A1E9D128F913} Rhinoceros 4.0 SR4b-->MsiExec.exe /I{CCBC3666-5199-4702-B052-2C58FCA6EFF9} Rhinoceros 4.0-->MsiExec.exe /I{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87} RocketDock 1.3.5-->"C:\Program Files (x86)\RocketDock\unins000.exe" Safari-->MsiExec.exe /I{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43} Skype Toolbars-->MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A} Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} SopCast 3.2.9-->C:\Program Files (x86)\SopCast\uninst.exe Sound Blaster X-Fi MB-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{818690C7-8DA5-4623-BBA8-A73CFBD44077}\setup.exe" -l0x9 /remove SoundMAX-->C:\Program Files (x86)\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe -runfromtemp -l0x0015 -removeonly Speeding HDD-->MsiExec.exe /I{BDD11F42-6F08-4BB6-B4CA-3258BB58CDD5} Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004} Spotify-->"C:\Program Files (x86)\Spotify\uninstall.exe" STAL EXPONENT 1.0.2-->MsiExec.exe /I{90AA5CE4-3517-4A50-95BF-B2C88EC41795} System Requirements Lab for Intel-->MsiExec.exe /I{F7FC9307-374E-4017-8E9D-DE1154780480} Terragen-->MsiExec.exe /I{CCEB53A5-A252-4CF3-8602-429AB06BF0AE} Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe Trust 100K Series Webcam-->C:\Program Files (x86)\InstallShield Installation Information\{C679F9B9-C65D-4C65-BD6C-BF90B859E281}\setup.exe -runfromtemp -l0x0009 -removeonly Turbo Squid Tentacles 3ds Max 2008-->MsiExec.exe /X{72019134-3A61-4C39-A540-245600C4CDFA} TweakIt-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{922A36F5-6663-45C0-A515-B63C4E585195}\setup.exe" -l0x9 VDownloader 1.12-->"C:\Program Files (x86)\VDOWNLOADER\unins000.exe" Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\SysWOW64\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" Visual Studio 2008 x64 Redistributables-->MsiExec.exe /I{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49} VLC media player 1.0.5-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe V-Ray for Rhinoceros 4.0-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{54DBAF71-635A-45CB-A7DD-7EAB60F5C460}\setup.exe" -l0x9 -removeonly V-Ray for Rhinoceros-->"C:\Program Files (x86)\InstallShield Installation Information\{40625DE4-DCDB-44FE-84B5-E65F1365BF44}\setup.exe" -runfromtemp -l0x0009 -removeonly WapSter AQQ-->C:\Program Files (x86)\WapSter\WapSter AQQ\uninstall.exe Wielki słownik angielsko-polski i polsko-angielski PWN-OXFORD-->C:\Windows\IsUn0415.exe -f"C:\Program Files (x86)\PWN\WSPWNOUP2006\Uninst.isu" Windows Internet Explorer Platform Preview-->MsiExec.exe /I{39316EDC-804F-4081-9974-0A13BA77E5EF} Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956} Windows Live Messenger-->MsiExec.exe /X{D1803CD4-0CE7-4484-98E3-88D7A2D629A4} Worms World Party-->C:\Windows\IsUn0415.exe -f"C:\Team17\Worms World Party\Uninst.isu" ======Hosts File====== 127.0.0.1 activate.adobe.com 127.0.0.1 preactivate.adobe.com 127.0.0.1 adobeereg.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 192.150.18.108 127.0.0.1 activate.adobe.com:443 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com ======System event log====== Computer Name: scorpion Event Code: 7036 Message: Usługa Host urządzenia UPnP weszła w stan uruchomienia. Record Number: 65978 Source Name: Service Control Manager Time Written: 20100615072235.593910-000 Event Type: Informacje User: Computer Name: scorpion Event Code: 14206 Message: Serwer multimediów „SCORPION: Michał:” został zainicjowany pomyślnie i udostępnia multimedia urządzeniom multimediów sieciowych. Record Number: 65977 Source Name: Microsoft-Windows-WMPNSS-Service Time Written: 20100615072235.000000-000 Event Type: Informacje User: Computer Name: scorpion Event Code: 7036 Message: Usługa Usługa udostępniania w sieci programu Windows Media Player weszła w stan uruchomienia. Record Number: 65976 Source Name: Service Control Manager Time Written: 20100615072234.720308-000 Event Type: Informacje User: Computer Name: scorpion Event Code: 7036 Message: Usługa Połączenia sieciowe weszła w stan uruchomienia. Record Number: 65975 Source Name: Service Control Manager Time Written: 20100615072233.799906-000 Event Type: Informacje User: Computer Name: scorpion Event Code: 14204 Message: Usługa "WMPNetworkSvc" została uruchomiona. Record Number: 65974 Source Name: Microsoft-Windows-WMPNSS-Service Time Written: 20100615072234.000000-000 Event Type: Informacje User: =====Application event log===== Computer Name: scorpion Event Code: 900 Message: Usługa ochrony oprogramowania jest uruchamiana. Record Number: 5502 Source Name: Microsoft-Windows-Security-SPP Time Written: 20100228003152.000000-000 Event Type: Informacje User: Computer Name: scorpion Event Code: 1040 Message: Rozpoczynanie transakcji Instalatora Windows: {63E5CDBF-8214-4F03-84F8-CD3CE48639AD}. ID procesu klienta: 4388. Record Number: 5501 Source Name: MsiInstaller Time Written: 20100228003152.000000-000 Event Type: Informacje User: scorpion\Michał Computer Name: scorpion Event Code: 1042 Message: Kończenie transakcji Instalatora Windows: {820D3F45-F6EE-4AAF-81EF-CE21FF21D230}. ID procesu klienta: 4388. Record Number: 5500 Source Name: MsiInstaller Time Written: 20100228003151.000000-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: scorpion Event Code: 1034 Message: Instalator Windows usunął produkt. Nazwa produktu: Adobe Type Support CS4. Wersja produktu: 9.0. Język produktu: 0. Producent: Adobe Systems Incorporated. Stan powodzenia lub błędu usuwania: 0. Record Number: 5499 Source Name: MsiInstaller Time Written: 20100228003151.000000-000 Event Type: Informacje User: scorpion\Michał Computer Name: scorpion Event Code: 11724 Message: Product: Adobe Type Support CS4 -- Usunięcie zakończyło się pomyślnie. Record Number: 5498 Source Name: MsiInstaller Time Written: 20100228003151.000000-000 Event Type: Informacje User: scorpion\Michał =====Security event log===== Computer Name: scorpion Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Uprawnienia: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 10953 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100420131609.940308-000 Event Type: Sukcesy inspekcji User: Computer Name: scorpion Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SCORPION$ Domena konta: DOM52 Identyfikator logowania: 0x3e7 Typ logowania: 5 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x2e8 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Nazwa stacji roboczej: Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: Advapi Pakiet uwierzytelniania: Negotiate Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 10952 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100420131609.940308-000 Event Type: Sukcesy inspekcji User: Computer Name: scorpion Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Uprawnienia: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 10951 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100420100247.940712-000 Event Type: Sukcesy inspekcji User: Computer Name: scorpion Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SCORPION$ Domena konta: DOM52 Identyfikator logowania: 0x3e7 Typ logowania: 5 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x2e8 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Nazwa stacji roboczej: Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: Advapi Pakiet uwierzytelniania: Negotiate Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 10950 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100420100247.940712-000 Event Type: Sukcesy inspekcji User: Computer Name: scorpion Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Uprawnienia: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 10949 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100420075346.608933-000 Event Type: Sukcesy inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=c:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Autodesk\Backburner\;C:\Program Files (x86)\Common Files\Autodesk Shared\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files (x86)\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=8 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 26 Stepping 5, GenuineIntel "PROCESSOR_REVISION"=1a05 "CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip "asl.log"=Destination=file -----------------EOF----------------- [/log] Malwarebytes Anti-Malware log: [log] Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Wersja bazy: 5102 Windows 6.1.7600 Internet Explorer 9.0.7930.16406 2010-11-12 22:13:14 mbam-log-2010-11-12 (22-13-14).txt Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|F:\|G:\|) Przeskanowano obiektów: 556714 Upłynęło: 56 minut(y), 26 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 0 Zainfekowanych wartości rejestru: 3 Zainfekowane informacje rejestru systemowego: 1 Zainfekowanych folderów: 0 Zainfekowanych plików: 18 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: (Nie znaleziono zagrożeń) Zainfekowanych wartości rejestru: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files (x86)\pdfforge Toolbar\FF\components\pdfforgeToolbarFF.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost (Trojan.Agent) -> Quarantined and deleted successfully. Zainfekowane informacje rejestru systemowego: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (explorer.exe,C:\Users\Michał\AppData\Roaming\Microsoft\Windows\shell.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully. Zainfekowanych folderów: (Nie znaleziono zagrożeń) Zainfekowanych plików: C:\Program Files (x86)\pdfforge Toolbar\WidgiHelper.exe (Adware.WidgiToolbar) -> Quarantined and deleted successfully. C:\Program Files (x86)\pdfforge Toolbar\FF\components\pdfforgeToolbarFF.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully. C:\Program Files (x86)\Trend Micro\HiJackThis\backups\backup-20101025-040848-431.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully. C:\Users\Michał\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\1000000a00003i\imjppdmg.exe (Rootkit.Dropper) -> Quarantined and deleted successfully. C:\Users\Michał\AppData\Roaming\Thinstall\Microsoft Office Professional Edition 2003\11300002i\splwow64.exe (Rootkit.Dropper) -> Quarantined and deleted successfully. G:\Maciek\maciek\USB_MultiBoot6\MULTI_CONTENT\wintools\othertools\ProduKey.exe (PUP.PSWTool.ProductKey) -> Quarantined and deleted successfully. G:\UTORRENT\3DSMAX2010\Crack\xf-a2010.exe (Trojan.Agent.CK) -> Not selected for removal. G:\UTORRENT\3DSMAX2010\Crack\xf-a2010-64bits\xf-a2010.exe (Trojan.Agent.CK) -> Not selected for removal. G:\UTORRENT\Adobe CS5 Master Collection PL - Melkor\Adobe_CS5_Activator.exe (RiskWare.Tool.CK) -> Not selected for removal. G:\UTORRENT\Adobe CS5 Master Collection PL - Melkor\keygen.exe (RiskWare.Tool.CK) -> Not selected for removal. G:\UTORRENT\Autocad 2011 KeyGen\KeyGen-32bit.exe (RiskWare.Tool.CK) -> Not selected for removal. G:\UTORRENT\Autocad 2011 KeyGen\KeyGen-64bit.exe (RiskWare.Tool.CK) -> Not selected for removal. G:\UTORRENT\Autodesk AutoCAD 2010 - with Keygens (X-FORCE 32-64bits) [RH]\AAC2010_Keygen-32bits.exe (Trojan.Agent) -> Not selected for removal. G:\UTORRENT\Autodesk AutoCAD 2010 - with Keygens (X-FORCE 32-64bits) [RH]\AAC2010_Keygen-64bits.exe (Trojan.Agent.CK) -> Not selected for removal. G:\UTORRENT\Nero 8.2.8.0 PL\Nero 8x.exe (RiskWare.Tool.CK) -> Not selected for removal. C:\Users\Michał\AppData\Roaming\Microsoft\stor.cfg (Malware.Trace) -> Quarantined and deleted successfully. C:\Program Files\Common Files\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Windows\Sysvxd.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. [/log]
Tomek01 komentarz 25 listopada 2010 komentarz 25 listopada 2010 OTL usunęło co chciałem. Mbam usunął trochę syfu. Wygląda, że jest czysto. Dla pewności, Wykonaj jeszcze pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url]
qbikk89 komentarz 25 listopada 2010 Autor komentarz 25 listopada 2010 ok, skan się już robi, po jego wykonaniu wstawić jeszcze jakieś logi? po zeskanowaniu internet powinien mi już działać w przeglądarkach?
Tomek01 komentarz 25 listopada 2010 komentarz 25 listopada 2010 Możemy jeszcze wyczyścić HOSTS. Otwierasz notatnik, wklepujesz C:\windows\System32\drivers\etc\Hosts - enter. Usuwasz wszystko poza prawidłowym wpisem 127.0.0.1 localhost. Zapisujesz zmiany. Pamiętaj aby nie skojarzyć go na stałe z Notatnikiem ! Skan z DrWeba też pokaż, chyba że będzie czysto.
qbikk89 komentarz 25 listopada 2010 Autor komentarz 25 listopada 2010 skan DrWeb'em nic nie wykrył, zmieniłem tego HOSTSa, tak, że teraz mam tylko to: [code] # Copyright (c) 1993-1999 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # This HOSTS file created by Dr.Web Scanner for Windows # 127.0.0.1 localhost [/code] ale neta jak nie było w przeglądarkach tak dalej nie ma;/
qbikk89 komentarz 25 listopada 2010 Autor komentarz 25 listopada 2010 no ok, dzięki wielkie za pomoc w usunięciu wszelkiego rodzaju syfu. a co jest powodem, że internet mi ciągle nie działa?
qbikk89 komentarz 26 listopada 2010 Autor komentarz 26 listopada 2010 [quote name='Tomek01' timestamp='1290721604' post='1129421'] Interweniowałeś u swojego dostawcy ? [/quote] o to chodzi, że gg, skype, utorrent, radia internetowe - to wszystko mi działa, czyli połączenie z netem jest, nie mam jedynie internetu w przeglądarkach internetowych...coś blokuje! nie znam się na tym, ale wydaje mi się, że problem nie jest u dostawcy... próbowałem firefoxa, chrome, opery, explorera 9...i neta nie ma tylko w przeglądarkach. Kiedyś, zaraz po usunięciu plików przez Ad-Aware, jak napisałem w pierwszym poście, dałem przywracanie systemu i internet mi wtedy wrócił w przeglądarkach. Jednak Ad-Aware ciągle mi usuwał te pliki, po każdym przywracaniu systemu, po czym ponownie internet blokował mi się w przeglądarce, więc uznałem, że bez sensu jest robić ciągłe przywracanie systemu (a skoro Ad-Aware usuwa takie pliki jak svchost.exe z folderu: [code]Quarantined items: Description: c:\users\michał\appdata\roaming\microsoft\windows\shell.exe Family Name: Win32.Trojan.FakeAV/B Engine: 1 Clean status: Success Item ID: 0 Family ID: 0 Description: c:\users\michał\appdata\roaming\microsoft\svchost.exe Family Name: Win32.Trojan.FakeAV/B Engine: 1 Clean status: Success Item ID: 0 Family ID: 0 Description: c:\users\micha~1\appdata\local\temp\dwm.exe Family Name: Win32.Trojan.FakeAV/B Engine: 1 Clean status: Success Item ID: 0 Family ID: 0[/code], to chyba ok, bo nie wydaje mi się żeby jakieś pliki svchost.exe miały być w tym folderze, mylę się?) dlatego napisałem też tutaj na forum z nadzieją rozwiązania problemu. Jednak próby z OTL niestety nie pomogły w dalszym ciągu i teraz gdy chciałem przywrócić system (2x) zakończyło się to niepowodzeniem....
Tomek01 komentarz 26 listopada 2010 komentarz 26 listopada 2010 Rzeczywiście to co zostało usunięte jest szkodliwe. Pliki umiejscowione nie w tych lokalizacjach co trzeba. Tutaj masz prawdopodobne rozwiązanie: http://www.searchengines.pl/Nie-dzialaja-przegladarki-t125832.html/page__pid__549604#entry549604
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.