x-kom hosting

Log z OTL do sprawdzenia

tomczyk
utworzono
utworzono

Przez podwójne kliknięcie do otwarcia pendrive pojawia się okno "otwórz za pomocą". Po przez prawy klawisz myszy to samo. Działa tylko przez "eksploruj". Prosiłbym o pomoc.

Dżakub
komentarz
komentarz

Użyj tego : http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe
Pozdrawiam!

tomczyk
komentarz
komentarz

[quote name='Dżakub' timestamp='1290688888' post='1129006']
Użyj tego : http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe
Pozdrawiam!
[/quote]

Dzięki, na razie pomogło. Zawsze dostawałem jakąś funkcję do OTL. Następnym razem przy takim problemie tylko użyć tego programu?

Dżakub
komentarz
komentarz

Teraz najlepiej było by zrobić pełne skanowanie systemu.

tomczyk
komentarz
komentarz

[quote name='Dżakub' timestamp='1290690439' post='1129015']
Teraz najlepiej było by zrobić pełne skanowanie systemu.
[/quote]

zrobiłem, nic nie wykazało. Zależy jeszcze czym mam skanować? Robiłem to AVG. Coś radzisz jeszcze, albo na przyszłość?

Tomek01
komentarz
komentarz

Samo użycie Flash Disinfector nie załatwia sprawy. ;>
To jest objaw infekcji z pendriv'a.


Autor pokaż zestaw logów OTL i RSIT.

tomczyk
komentarz
komentarz

Wiem, że jest to wina pendriv'a. Dlatego robiłem loga z OTL przy podłączonym pendriv'ie! Jest on na samym początku. Zawsze dawałem tylko z OTL loga, potrzebujesz tego z RSIT? czy OTL Ci w zupełności wystarczy?

Sohei
komentarz
komentarz

załącz nowego loga z OTL: ) tamten jest już przestarzały

tomczyk
komentarz
komentarz

Proszę Cię bardzo :)

[log]OTL logfile created on: 2010-11-26 11:49:03 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = E:\Programy
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 014,00 Mb Total Physical Memory | 222,00 Mb Available Physical Memory | 22,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 57,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34,18 Gb Total Space | 3,53 Gb Free Space | 10,34% Space Free | Partition Type: NTFS
Drive D: | 9,78 Gb Total Space | 9,53 Gb Free Space | 97,46% Space Free | Partition Type: NTFS
Drive E: | 99,74 Gb Total Space | 3,48 Gb Free Space | 3,49% Space Free | Partition Type: NTFS
Drive G: | 34,18 Gb Total Space | 10,86 Gb Free Space | 31,79% Space Free | Partition Type: NTFS
Drive H: | 965,57 Mb Total Space | 879,80 Mb Free Space | 91,12% Space Free | Partition Type: FAT32
Drive P: | 232,88 Gb Total Space | 208,68 Gb Free Space | 89,61% Space Free | Partition Type: NTFS
Drive T: | 232,88 Gb Total Space | 208,68 Gb Free Space | 89,61% Space Free | Partition Type: NTFS

Computer Name: TOMCZYK | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-11-25 12:59:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- E:\Programy\OTL.exe
PRC - [2010-11-25 10:03:48 | 002,069,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010-11-25 10:02:49 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010-11-19 09:21:00 | 007,965,696 | ---- | M] (Creative Team S.A.) -- C:\Program Files\WapSter\WapSter AQQ\AQQ.exe
PRC - [2010-11-08 12:43:19 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-11-08 12:43:18 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-10-28 08:50:31 | 012,487,856 | ---- | M] (Mozilla Messaging) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2010-09-23 09:12:24 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010-07-21 08:40:07 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010-07-17 18:25:13 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010-07-17 18:25:09 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010-07-17 18:24:51 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010-06-23 13:54:51 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-06-10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010-05-21 00:16:26 | 000,305,152 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\scalc.exe
PRC - [2010-05-21 00:16:24 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010-05-21 00:16:22 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2010-05-18 15:35:14 | 000,345,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2010-04-29 15:43:38 | 001,782,272 | ---- | M] () -- C:\Program Files\foobar2000\foobar2000.exe
PRC - [2010-02-05 15:13:54 | 000,250,392 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2010-02-05 15:13:50 | 000,142,360 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2010-02-05 15:13:42 | 000,173,592 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2009-09-24 06:50:10 | 003,520,256 | ---- | M] (Ghisler Software GmbH) -- C:\totalcmd\TOTALCMD.EXE
PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-09-29 12:44:48 | 000,274,432 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe
PRC - [2008-08-04 14:52:42 | 001,412,096 | ---- | M] (Era) -- C:\Program Files\ERA\GlobeTrotter Connect\GlobeTrotter Connect.exe
PRC - [2008-05-26 21:18:44 | 000,439,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\searchindexer.exe
PRC - [2008-04-14 18:21:49 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 18:21:42 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 18:21:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 18:21:10 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 18:21:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 18:21:02 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-12-18 11:48:40 | 000,196,704 | ---- | M] (OptionNV) -- C:\Program Files\ERA\GlobeTrotter Connect\GtDetectSc.exe
PRC - [2007-04-16 18:09:56 | 000,114,688 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
PRC - [2007-04-16 18:09:14 | 000,180,224 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
PRC - [2007-04-16 18:09:08 | 000,065,536 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
PRC - [2007-03-09 06:49:42 | 000,066,176 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
PRC - [2007-03-08 05:16:48 | 000,073,776 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2007-03-06 15:55:42 | 000,643,072 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2007-03-06 15:43:52 | 000,983,040 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2007-03-06 15:37:04 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2007-03-02 16:49:00 | 000,037,680 | ---- | M] (Lenovo.) -- C:\WINDOWS\system32\TPHDEXLG.exe
PRC - [2007-02-27 16:35:04 | 000,266,295 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
PRC - [2007-02-27 11:09:06 | 000,036,400 | ---- | M] (Lenovo) -- C:\WINDOWS\system32\ibmpmsvc.exe
PRC - [2007-02-08 12:19:36 | 001,118,208 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
PRC - [2007-02-08 12:11:32 | 000,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
PRC - [2007-02-08 12:09:58 | 000,950,272 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
PRC - [2007-02-08 12:00:06 | 000,022,016 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
PRC - [2007-02-08 10:40:16 | 000,045,056 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
PRC - [2007-01-30 17:45:42 | 000,722,496 | ---- | M] (IBM) -- C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
PRC - [2007-01-30 17:37:50 | 000,644,672 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2007-01-30 04:05:02 | 000,108,080 | ---- | M] (Lenovo Group Limited) -- C:\WINDOWS\system32\IPSSVC.EXE
PRC - [2006-12-15 15:50:52 | 000,011,776 | ---- | M] ( ) -- c:\Program Files\Lenovo\System Update\SUService.exe
PRC - [2006-09-06 08:39:10 | 000,091,688 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ZOOM\TpScrex.exe
PRC - [2006-05-23 20:08:06 | 000,622,700 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
PRC - [2006-05-18 15:24:06 | 000,196,696 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
PRC - [2006-02-02 04:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-11-25 12:59:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- E:\Programy\OTL.exe
MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-08-16 09:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-07-27 07:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 18:21:56 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 18:20:57 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 18:20:56 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 18:20:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 18:20:56 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 18:20:44 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 18:20:44 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 18:20:44 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 18:20:39 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 18:20:36 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 18:20:32 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 18:20:31 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 18:20:14 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 18:20:13 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 18:20:11 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 18:19:59 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-14 18:16:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 18:12:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\reset.exe -- (.EsetTrialReset)
SRV - [2010-07-21 08:40:07 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010-07-17 18:25:09 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010-06-25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010-06-10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008-10-15 16:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) [On_Demand | Stopped] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)
SRV - [2007-12-18 11:48:40 | 000,196,704 | ---- | M] (OptionNV) [Auto | Running] -- C:\Program Files\ERA\GlobeTrotter Connect\GtDetectSc.exe -- (GtDetectSc)
SRV - [2007-04-16 18:09:14 | 000,180,224 | ---- | M] (Lenovo ) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2007-04-16 18:09:08 | 000,065,536 | ---- | M] (Lenovo ) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2007-03-06 15:55:42 | 000,643,072 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2007-03-06 15:43:52 | 000,983,040 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2007-03-06 15:37:04 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2007-03-02 16:49:00 | 000,037,680 | ---- | M] (Lenovo.) [Auto | Running] -- C:\WINDOWS\system32\TPHDEXLG.exe -- (TPHDEXLGSVC)
SRV - [2007-02-27 16:35:04 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2007-02-27 11:09:06 | 000,036,400 | ---- | M] (Lenovo) [Auto | Running] -- C:\WINDOWS\system32\ibmpmsvc.exe -- (IBMPMSVC)
SRV - [2007-02-08 12:19:36 | 001,118,208 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
SRV - [2007-02-08 12:11:32 | 000,569,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2007-02-08 12:09:58 | 000,950,272 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe -- (TVT Backup Service)
SRV - [2007-02-08 10:40:16 | 000,045,056 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe -- (tvtnetwk)
SRV - [2007-01-30 17:45:42 | 000,722,496 | ---- | M] (IBM) [Auto | Running] -- C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe -- (TSSCoreService)
SRV - [2007-01-30 17:37:50 | 000,644,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007-01-30 04:05:02 | 000,108,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\WINDOWS\system32\IPSSVC.EXE -- (IPSSVC)
SRV - [2006-12-15 15:50:52 | 000,011,776 | ---- | M] ( ) [Auto | Running] -- c:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2006-05-23 20:08:06 | 000,622,700 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2005-11-14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-07-17 18:25:14 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010-07-17 18:24:58 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010-06-25 18:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2010-06-07 14:42:51 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010-06-02 01:14:54 | 000,033,536 | ---- | M] (Lenovo) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tvtfilter.sys -- (tvtfilter)
DRV - [2010-06-02 01:14:11 | 000,007,012 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pmemnt.sys -- (pmem)
DRV - [2010-04-19 19:29:20 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010-01-13 11:18:34 | 001,730,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2009-12-18 09:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2008-04-13 19:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008-04-13 19:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008-04-13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-02-18 15:14:38 | 000,106,624 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Gt51Ip.sys -- (GT72NDISIPXP)
DRV - [2008-02-08 14:39:06 | 000,004,864 | ---- | M] (Option N.V.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\GtTdiFltr.sys -- (GtTdiFltr)
DRV - [2008-02-08 11:00:22 | 000,059,648 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt72ubus.sys -- (GT72UBUS)
DRV - [2007-08-06 12:30:18 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2007-05-02 03:34:32 | 000,161,792 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007-04-27 08:00:58 | 000,666,112 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAudN.sys -- (HdAudAddService)
DRV - [2007-04-12 17:15:00 | 000,004,442 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS -- (TPPWRIF)
DRV - [2007-04-09 19:03:00 | 000,012,848 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS -- (TSMAPIP)
DRV - [2007-04-02 10:24:08 | 000,004,224 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\IBMBLDID.sys -- (IBMTPCHK)
DRV - [2007-03-30 11:38:14 | 000,008,064 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtptser.sys -- (GTPTSER)
DRV - [2007-03-28 04:22:58 | 002,204,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Sterownik karty Intel(R)
DRV - [2007-03-25 14:43:00 | 000,988,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007-03-25 14:43:00 | 000,210,688 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007-03-25 14:42:00 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007-03-02 16:49:00 | 000,100,656 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys -- (Shockprf)
DRV - [2007-03-02 16:47:00 | 000,019,760 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys -- (TPDIGIMN)
DRV - [2007-02-27 11:08:32 | 000,021,040 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV - [2007-02-27 10:02:00 | 000,868,042 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007-02-21 11:16:12 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007-02-16 14:09:06 | 009,598,080 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007-02-12 18:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2007-02-08 11:30:28 | 000,017,664 | ---- | M] (Lenovo Group Limited) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tvtpktfilter.sys -- (TVTPktFilter)
DRV - [2007-01-24 10:27:00 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006-11-15 09:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006-11-15 04:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006-11-15 02:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006-11-06 09:24:56 | 000,012,080 | ---- | M] (Lenovo Group Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PROCDD.SYS -- (PROCDD)
DRV - [2006-10-23 02:23:28 | 000,017,778 | ---- | M] (IBM Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPHKDRV.sys -- (TPHKDRV)
DRV - [2006-09-13 11:42:44 | 000,035,264 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tvti2c.sys -- (TVTI2C)
DRV - [2006-09-13 06:42:18 | 000,028,224 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2006-03-01 02:30:00 | 000,089,472 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2006-02-02 04:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006-02-02 04:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006-02-02 04:20:00 | 000,086,652 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006-02-02 04:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006-02-02 04:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006-02-02 04:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006-02-02 04:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005-11-18 11:02:50 | 000,005,660 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005-11-18 11:02:10 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005-11-18 04:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005-11-08 08:27:20 | 000,011,520 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ANC.sys -- (ANC)
DRV - [2005-07-14 04:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys -- (risdptsk)
DRV - [2005-07-12 19:55:00 | 000,013,840 | ---- | M] (Lenovo Group Limited) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tp4track.sys -- (Tp4Track)
DRV - [2005-05-17 09:20:08 | 000,015,872 | ---- | M] (Atmel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atmeltpm.sys -- (atmeltpm)
DRV - [2004-08-03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2003-09-10 22:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
DRV - [2001-10-26 17:00:44 | 000,322,432 | ---- | M] (Matrox Graphics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\G400m.sys -- (G400)
DRV - [2001-10-26 16:58:28 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001-08-17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001-08-17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001-08-17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001-08-17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001-08-17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001-08-17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001-08-17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001-08-17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001-08-17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001-08-17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001-08-17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001-08-17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001-08-17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001-08-17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001-08-17 21:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Usługa instalacyjna sterownika audio Intel(r) 82801 (WDM)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-936243105-3892831707-2462436517-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-936243105-3892831707-2462436517-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-936243105-3892831707-2462436517-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-936243105-3892831707-2462436517-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe41}:1.0.9
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: {582195F5-92E7-40a0-A127-DB71295901D7}:0.6
FF - prefs.js..extensions.enabledItems: {eaf8a4ef-d221-45ca-9deb-d0934b45fa34}:1.3.0.3
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {B347DFB4-AC21-11DD-9016-B77D55D89593}:1.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: mil@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..network.proxy.http: "174.142.24.201"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010-11-25 10:06:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-11-08 12:43:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-11-08 12:43:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010-10-28 08:50:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010-07-02 11:55:21 | 000,000,000 | ---D | M]

[2010-06-02 21:09:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions
[2010-06-02 21:09:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010-12-16 08:32:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions
[2010-09-24 17:40:09 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2010-10-22 14:33:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2010-06-02 20:54:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe41}
[2010-06-02 20:54:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-11-13 09:34:16 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2010-10-15 07:57:20 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2010-08-11 07:09:29 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010-06-02 20:53:57 | 000,000,000 | ---D | M] (Gmail Manager) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
[2010-06-02 20:53:56 | 000,000,000 | ---D | M] (HideTab) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{B347DFB4-AC21-11DD-9016-B77D55D89593}
[2010-11-04 09:40:11 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-06-02 20:53:55 | 000,000,000 | ---D | M] (OggX (powered by TIME S.A.)) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{eaf8a4ef-d221-45ca-9deb-d0934b45fa34}
[2010-06-02 20:53:55 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010-06-02 20:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\firegestures@xuldev.org
[2010-08-25 20:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\mil@toolbar
[2010-09-12 20:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\personas@christopher.beard
[2010-09-28 20:38:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\vshare@toolbar
[2010-12-16 08:32:31 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-06-23 13:55:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-06-23 13:54:52 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-06-07 08:49:44 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2010-04-01 18:33:11 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-04-01 18:33:11 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-04-01 18:33:11 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-04-01 18:33:11 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-04-01 18:33:11 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-04-01 18:33:11 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2004-08-04 22:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-936243105-3892831707-2462436517-1005\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKU\S-1-5-21-936243105-3892831707-2462436517-1005\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CardDetectorHUAWEI160] C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe (France Telecom SA)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
O4 - HKU\S-1-5-21-936243105-3892831707-2462436517-1005..\Run: [usxxxxxxxx.exe] C:\usxxxxxxxx.exe\usxxxxxxxx.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GlobeTrotter Connect.lnk = C:\Program Files\ERA\GlobeTrotter Connect\GlobeTrotter Connect.exe (Era)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-936243105-3892831707-2462436517-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-936243105-3892831707-2462436517-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-936243105-3892831707-2462436517-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {108D3206-846A-4A93-BACB-F0572D043ED7} http://86.111.207.38:8010/webrec.cab (DHSurveillanceCtrl Control)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ACNotify: DllName - ACNotify.dll - C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo )
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\tpfnf2: DllName - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - C:\Program Files\Lenovo\HOTKEY\tphklock.dll - C:\Program Files\Lenovo\HOTKEY\tphklock.dll ()
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-03-02 05:00:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-11-25 13:36:38 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-11-08 10:50:28 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-11-08 10:50:28 | 000,000,000 | ---D | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006-03-02 05:00:48 | 000,000,000 | ---- | M] () - G:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-11-08 10:50:28 | 000,000,000 | RHSD | M] - G:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-10-18 10:06:34 | 000,000,051 | RHS- | M] () - H:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{0bbc0071-9f29-11df-81fc-001c25928682}\Shell - "" = AutoRun
O33 - MountPoints2\{0bbc0071-9f29-11df-81fc-001c25928682}\Shell\AutoRun\command - "" = H:\MicroLauncher.exe -- File not found
O33 - MountPoints2\{41fc088e-7ac0-11df-818e-001c25928682}\Shell\AutoRun\command - "" = wq.exe
O33 - MountPoints2\{41fc088e-7ac0-11df-818e-001c25928682}\Shell\open\Command - "" = wq.exe
O33 - MountPoints2\{9d238a6f-c611-11df-8269-001c25928682}\Shell\AutoRun\command - "" = io3yalc.exe
O33 - MountPoints2\{9d238a6f-c611-11df-8269-001c25928682}\Shell\open\Command - "" = io3yalc.exe
O33 - MountPoints2\{a4b551ac-f882-11df-8305-001c25928682}\Shell - "" = AutoRun
O33 - MountPoints2\{a4b551ac-f882-11df-8305-001c25928682}\Shell\AutoRun\command - "" = H:\AutoRunCardDetector.exe -- File not found
O33 - MountPoints2\{a96bacc4-c81b-11df-8271-00215c2b0cbf}\Shell - "" = AutoRun
O33 - MountPoints2\{a96bacc4-c81b-11df-8271-00215c2b0cbf}\Shell\AutoRun\command - "" = H:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BTTray.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe - (Avanquest Software )
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe - (Microsoft Corporation)
MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]AwaySch[/b] - hkey= - key= - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
MsConfig - StartUpReg: [b]BLOG[/b] - hkey= - key= - C:\Program Files\ThinkPad\Utilities\BATLOGEX.DLL ()
MsConfig - StartUpReg: [b]cssauth[/b] - hkey= - key= - C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)
MsConfig - StartUpReg: [b]EZEJMNAP[/b] - hkey= - key= - C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.)
MsConfig - StartUpReg: [b]ISUSPM Startup[/b] - hkey= - key= - C:\Program Files\Common Files\Installshield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
MsConfig - StartUpReg: [b]ISUSScheduler[/b] - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
MsConfig - StartUpReg: [b]iTunesHelper[/b] - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: [b]LPManager[/b] - hkey= - key= - C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)
MsConfig - StartUpReg: [b]PWRMGRTR[/b] - hkey= - key= - C:\Program Files\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: [b]RayV[/b] - hkey= - key= - C:\Program Files\RayV\RayV\RayV.exe (RayV)
MsConfig - StartUpReg: [b]snp2uvc[/b] - hkey= - key= - C:\WINDOWS\vsnp2uvc.exe (Sonix)
MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: [b]TPFNF7[/b] - hkey= - key= - C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
MsConfig - StartUpReg: [b]TpShocks[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]TrackPointSrv[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]TVT Scheduler Proxy[/b] - hkey= - key= - C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
MsConfig - StartUpReg: [b]WMPNSCFG[/b] - hkey= - key= - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-11-25 13:36:38 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010-11-25 11:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\CardDetector
[2010-11-18 21:33:03 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010-10-31 08:14:32 | 000,000,000 | ---D | C] -- C:\Program Files\Veetle
[2010-10-22 08:24:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Wireshark
[2010-10-22 08:01:04 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2010-10-22 07:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Wireshark
[2010-10-20 10:16:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\McAfee
[2010-10-20 10:14:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee
[2010-09-30 21:04:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\vShare
[2010-09-30 21:04:17 | 000,000,000 | ---D | C] -- C:\Program Files\vShare
[2010-06-02 00:57:32 | 000,167,936 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2010-06-02 00:57:32 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-12-16 08:29:45 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{4088FF0D-EF0B-4396-9971-BAF7B1D937D1}.job
[2010-11-26 11:04:00 | 000,000,254 | ---- | M] () -- C:\WINDOWS\tasks\Sprawdź aktualizacje paska narzędzi Windows Live Toolbar.job
[2010-11-26 10:58:00 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-11-26 10:35:51 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\raport usł 16.11.09-28.10.10.xls
[2010-11-26 10:35:50 | 000,000,118 | -H-- | M] () -- C:\Documents and Settings\admin\Pulpit\.~lock.raport usł 16.11.09-28.10.10.xls#
[2010-11-26 09:27:02 | 068,125,028 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010-11-26 09:20:41 | 000,001,768 | -H-- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\Default.rdp
[2010-11-26 08:13:05 | 000,002,380 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2010-11-26 08:10:41 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-11-26 08:10:39 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-11-26 08:10:32 | 000,025,269 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI
[2010-11-26 08:10:17 | 000,000,480 | ---- | M] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2010-11-26 08:10:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-11-26 08:10:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-11-26 08:10:06 | 1063,563,264 | -HS- | M] () -- C:\hiberfil.sys
[2010-11-26 01:15:19 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\admin\NTUSER.DAT
[2010-11-26 01:14:49 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\admin\ntuser.ini
[2010-11-25 16:20:54 | 005,323,434 | -H-- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-11-25 09:57:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010-11-17 15:36:57 | 000,014,767 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\padziernik1.ods
[2010-11-12 09:33:48 | 000,015,872 | ---- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-11-09 08:20:33 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Programer Faktura.lnk
[2010-10-25 19:35:46 | 000,002,191 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\MSO_Plus.lnk
[2010-10-22 08:01:06 | 000,000,065 | ---- | M] () -- C:\WINDOWS\System32\-1
[2010-10-13 11:44:30 | 000,122,136 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-10-13 11:40:28 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-10-08 02:04:39 | 001,103,738 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-10-08 02:04:39 | 000,522,708 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-10-08 02:04:39 | 000,441,610 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-10-08 02:04:39 | 000,098,046 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-10-08 02:04:39 | 000,071,546 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-11-26 08:48:08 | 000,000,118 | -H-- | C] () -- C:\Documents and Settings\admin\Pulpit\.~lock.raport usł 16.11.09-28.10.10.xls#
[2010-11-26 08:48:03 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\raport usł 16.11.09-28.10.10.xls
[2010-11-17 15:36:57 | 000,014,767 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\padziernik1.ods
[2010-10-22 08:01:06 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\-1
[2010-09-24 21:43:14 | 000,090,069 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Optimizer.txt
[2010-06-25 18:03:12 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2010-06-07 18:46:07 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-06-07 18:46:07 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010-06-07 18:46:05 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-06-07 18:46:05 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-06-07 18:46:05 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-06-07 18:46:05 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010-06-07 08:52:15 | 000,002,380 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2010-06-02 21:42:05 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-02 08:44:44 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2010-06-02 01:40:22 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2010-06-02 01:40:22 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2010-06-02 01:40:22 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2010-06-02 01:40:22 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2010-06-02 01:40:22 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2010-06-02 01:40:22 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2010-06-02 01:40:22 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2010-06-02 01:40:22 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2010-06-02 01:40:22 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2010-06-02 01:40:22 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2010-06-02 01:40:22 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2010-06-02 01:40:22 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2010-06-02 01:40:22 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2010-06-02 01:40:22 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2010-06-02 01:40:22 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2010-06-02 01:40:09 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[2010-06-02 01:40:08 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2010-06-02 01:40:03 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2010-06-02 01:40:03 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2010-06-02 01:40:02 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2010-06-02 01:40:01 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[2010-06-02 01:39:58 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2010-06-02 01:39:56 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2010-06-02 01:39:56 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2010-06-02 01:39:52 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2010-06-02 01:39:50 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2010-06-02 01:39:47 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll
[2010-06-02 01:39:46 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2010-06-02 01:39:31 | 001,103,738 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-06-02 01:39:31 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2010-06-02 01:39:31 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2010-06-02 01:39:31 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2010-06-02 01:39:31 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2010-06-02 01:39:31 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2010-06-02 01:39:31 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2010-06-02 01:39:31 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2010-06-02 01:39:31 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-06-02 01:39:31 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2010-06-02 01:39:31 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2010-06-02 01:39:31 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2010-06-02 01:39:31 | 000,002,035 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2010-06-02 01:39:31 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2010-06-02 01:39:31 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2010-06-02 01:39:31 | 000,000,565 | ---- | C] () -- C:\WINDOWS\win.ini
[2010-06-02 01:39:31 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2010-06-02 01:39:31 | 000,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2010-06-02 01:39:31 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2010-06-02 01:39:31 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2010-06-02 01:39:31 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2010-06-02 01:39:26 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2010-06-02 01:39:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2010-06-02 01:29:43 | 005,323,434 | -H-- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-06-02 01:29:43 | 000,012,328 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-02 01:29:43 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2010-06-02 01:29:43 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\desktop.ini
[2010-06-02 01:22:52 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010-06-02 01:13:12 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys
[2010-06-02 01:08:07 | 000,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010-06-02 01:06:37 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2010-06-02 01:06:37 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2010-06-02 01:06:37 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2010-06-02 01:06:37 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2010-06-02 01:06:37 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2010-06-02 01:06:37 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2010-06-02 01:01:00 | 000,910,464 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2010-06-02 01:01:00 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4785.dll
[2010-06-02 00:59:08 | 000,012,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
[2010-06-02 00:58:11 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS
[2010-06-02 00:57:32 | 009,598,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2010-06-02 00:57:32 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
[2010-06-02 00:46:19 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\tp4uires.dll
[2008-05-26 21:22:36 | 000,016,222 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008-05-26 21:22:34 | 000,021,728 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008-05-26 21:22:32 | 000,016,164 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007-08-09 16:43:16 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4860.dll
[2007-03-02 13:15:36 | 000,025,269 | ---- | C] () -- C:\WINDOWS\System32\PROCDB.INI
[2007-03-02 13:15:25 | 000,000,480 | ---- | C] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2007-02-27 16:48:38 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007-02-27 16:29:32 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2007-01-16 16:12:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006-09-05 13:20:36 | 000,079,400 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL
[2005-02-17 10:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005-02-17 10:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001-11-14 11:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-06-07 14:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\AVG9
[2010-06-07 09:14:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ESET
[2010-10-21 09:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\EurekaLog
[2010-11-26 08:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\foobar2000
[2010-06-17 12:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Foxit Software
[2010-08-27 18:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\InterVideo
[2010-06-28 13:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Leadertech
[2010-06-02 01:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Lenovo
[2010-06-07 07:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\OpenOffice.org
[2010-06-08 12:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\PDF Writer
[2010-07-30 19:25:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\RayV
[2010-06-02 21:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Thunderbird
[2010-11-26 10:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\uTorrent
[2010-09-30 21:04:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\vShare
[2010-06-07 12:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Windows Desktop Search
[2010-06-07 12:53:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Windows Search
[2010-10-22 08:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Wireshark
[2010-06-02 01:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Lenovo
[2010-06-07 14:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9
[2010-06-09 19:35:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm
[2010-06-02 01:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Lenovo
[2010-06-02 01:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC-Doctor
[2010-06-08 12:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PDF Writer
[2010-06-09 15:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010-06-02 01:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\Lenovo
[2010-06-02 01:51:49 | 000,000,316 | ---- | M] () -- C:\WINDOWS\Tasks\PMTask.job
[2010-11-26 11:04:00 | 000,000,254 | ---- | M] () -- C:\WINDOWS\Tasks\Sprawdź aktualizacje paska narzędzi Windows Live Toolbar.job
[2010-12-16 08:29:45 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{4088FF0D-EF0B-4396-9971-BAF7B1D937D1}.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-06-16 09:30:16 | 000,000,193 | ---- | M] () -- C:\06161030.PRN
[2006-03-02 05:00:48 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-07-29 09:17:46 | 000,000,401 | RHS- | M] () -- C:\boot.ini
[2004-08-04 22:00:00 | 000,004,952 | RHS- | M] () -- C:\bootfont.bin
[2006-03-02 05:00:48 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-06-02 01:07:41 | 000,002,656 | ---- | M] () -- C:\drivez.log
[2006-04-14 06:55:44 | 000,000,529 | ---- | M] () -- C:\dsbHSM.inf
[2010-07-30 16:26:38 | 000,001,985 | ---- | M] () -- C:\FlashDOM.sh
[2010-11-26 08:10:06 | 1063,563,264 | -HS- | M] () -- C:\hiberfil.sys
[2006-03-02 05:00:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-06-25 13:07:44 | 000,007,532 | ---- | M] () -- C:\mksbasel.cpp.log
[2006-03-02 05:00:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010-06-02 21:59:21 | 000,251,152 | RHS- | M] () -- C:\NTLDR
[2010-11-26 08:10:05 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
[2008-06-16 10:59:44 | 000,036,580 | ---- | M] () -- C:\setkey
[2010-06-02 08:44:46 | 000,000,093 | ---- | M] () -- C:\syslevel.lgl
[2010-11-26 08:10:10 | 000,005,388 | ---- | M] () -- C:\TPHKLOCK.TXT


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:agp440.sys
[2004-08-04 22:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2010-06-02 21:50:49 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2010-06-02 21:50:49 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2004-08-04 22:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010-06-02 21:50:49 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010-06-02 21:50:49 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2004-08-04 22:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:cdrom.sys
[2004-08-04 22:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2010-06-02 21:50:49 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2010-06-02 21:50:49 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2009-12-22 19:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

< End of report >
[/log]

[color="#FF0000"]//Logi wstawiamy w tagi
//Zmieniam
//Tom01[/color]

Tomek01
komentarz
komentarz

Odinstaluj: vshare_toolbar, mil@toolbar, Windows Live Toolbar.


Teraz też podepnij pamięci USB.
W OTL, w oknie Custom scan/fixes wklej:
[code]:Processes
Explorer.exe

:OTL
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\reset.exe -- (.EsetTrialReset)
FF - prefs.js..extensions.enabledItems: mil@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
[2010-08-25 20:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\mil@toolbar
[2010-09-28 20:38:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\vshare@toolbar
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-936243105-3892831707-2462436517-1005\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKU\S-1-5-21-936243105-3892831707-2462436517-1005\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-936243105-3892831707-2462436517-1005..\Run: [usxxxxxxxx.exe] C:\usxxxxxxxx.exe\usxxxxxxxx.exe File not found
O32 - AutoRun File - [2009-11-08 10:50:28 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-11-08 10:50:28 | 000,000,000 | ---D | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-10-18 10:06:34 | 000,000,051 | RHS- | M] () - H:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{41fc088e-7ac0-11df-818e-001c25928682}\Shell\AutoRun\command - "" = wq.exe
O33 - MountPoints2\{41fc088e-7ac0-11df-818e-001c25928682}\Shell\open\Command - "" = wq.exe
O33 - MountPoints2\{9d238a6f-c611-11df-8269-001c25928682}\Shell\AutoRun\command - "" = io3yalc.exe
O33 - MountPoints2\{9d238a6f-c611-11df-8269-001c25928682}\Shell\open\Command - "" = io3yalc.exe

:Files
C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
C:\Documents and Settings\admin\Dane aplikacji\desktop.ini
C:\Documents and Settings\admin\Dane aplikacji\EurekaLog
C:\usxxxxxxxx.exe\usxxxxxxxx.exe
wq.exe\alldrivers
io3yalc.exe\alldrivers


:Services
.EsetTrialReset
usxxxxxxxx.exe

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Klikasz run fix, komputer uruchamia się ponownie.
Wrzuć log z usuwania oraz nowe logi: OTL i RSIT.

tomczyk
komentarz
komentarz

Logi zamieszczę jutro lub w niedzielę bo pena zostawiłem w pracy :/ odinstalowałem te rzeczy. Vshare był to plugin, używałem go do oglądania transmisji sportowych lub informacyjnych na żywo. Przy ponownym oglądaniu będzie chciał się znowu zainstalować.

Tomek01
komentarz
komentarz

Ok, jak korzystasz to zostawiam. Toolbara usuwamy.

tomczyk
komentarz
komentarz

Log z usuwania

[log]All processes killed
========== PROCESSES ==========
No active process named Explorer.exe was found!
========== OTL ==========
Service .EsetTrialReset stopped successfully!
Service .EsetTrialReset deleted successfully!
File C:\WINDOWS\reset.exe not found.
Prefs.js: mil@toolbar:1.0.0 removed from extensions.enabledItems
Prefs.js: vshare@toolbar:1.0.0 removed from extensions.enabledItems
Folder C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\mil@toolbar\ not found.
Folder C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\vshare@toolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found.
File C:\Program Files\Windows Live Toolbar\msntb.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{043C5167-00BB-4324-AF7E-62013FAEDACF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ deleted successfully.
C:\Program Files\vShare\vshare_toolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found.
File C:\Program Files\Windows Live Toolbar\msntb.dll not found.
Registry value HKEY_USERS\S-1-5-21-936243105-3892831707-2462436517-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{043C5167-00BB-4324-AF7E-62013FAEDACF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ not found.
File C:\Program Files\vShare\vshare_toolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-936243105-3892831707-2462436517-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found.
File C:\Program Files\Windows Live Toolbar\msntb.dll not found.
Registry value HKEY_USERS\S-1-5-21-936243105-3892831707-2462436517-1005\Software\Microsoft\Windows\CurrentVersion\Run\\usxxxxxxxx.exe deleted successfully.
File not found.
File not found.
H:\autorun.inf moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{41fc088e-7ac0-11df-818e-001c25928682}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41fc088e-7ac0-11df-818e-001c25928682}\ not found.
File wq.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{41fc088e-7ac0-11df-818e-001c25928682}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41fc088e-7ac0-11df-818e-001c25928682}\ not found.
File wq.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d238a6f-c611-11df-8269-001c25928682}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d238a6f-c611-11df-8269-001c25928682}\ not found.
File io3yalc.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d238a6f-c611-11df-8269-001c25928682}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d238a6f-c611-11df-8269-001c25928682}\ not found.
File io3yalc.exe not found.
========== FILES ==========
C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini moved successfully.
C:\Documents and Settings\admin\Dane aplikacji\desktop.ini moved successfully.
C:\Documents and Settings\admin\Dane aplikacji\EurekaLog folder moved successfully.
File\Folder C:\usxxxxxxxx.exe\usxxxxxxxx.exe not found.
File\Folder wq.exe\alldrivers not found.
File\Folder io3yalc.exe\alldrivers not found.
========== SERVICES/DRIVERS ==========
Error: No service named .EsetTrialReset was found to stop!
Service\Driver key .EsetTrialReset not found.
Error: No service named usxxxxxxxx.exe was found to stop!
Service\Driver key usxxxxxxxx.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: admin
->Temp folder emptied: 650861049 bytes
->Temporary Internet Files folder emptied: 710865680 bytes
->Java cache emptied: 1950150 bytes
->FireFox cache emptied: 74358509 bytes
->Flash cache emptied: 12633654 bytes

User: Administrator
->Temp folder emptied: 49152 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: All Users

User: Default User
->Temp folder emptied: 49152 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 342265 bytes

User: NetworkService
->Temp folder emptied: 279008 bytes
->Temporary Internet Files folder emptied: 86511685 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 996988 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 468,00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 11292010_115528

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
[/log]

Log z OTL zrobiony po usunięciu:
[log]OTL logfile created on: 2010-11-29 12:13:44 - Run 3
OTL by OldTimer - Version 3.2.17.3 Folder = E:\Programy
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 014,00 Mb Total Physical Memory | 287,00 Mb Available Physical Memory | 28,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34,18 Gb Total Space | 5,29 Gb Free Space | 15,48% Space Free | Partition Type: NTFS
Drive D: | 9,78 Gb Total Space | 9,53 Gb Free Space | 97,46% Space Free | Partition Type: NTFS
Drive E: | 99,74 Gb Total Space | 3,37 Gb Free Space | 3,38% Space Free | Partition Type: NTFS
Drive G: | 34,18 Gb Total Space | 10,86 Gb Free Space | 31,79% Space Free | Partition Type: NTFS
Drive H: | 965,57 Mb Total Space | 879,80 Mb Free Space | 91,12% Space Free | Partition Type: FAT32

Computer Name: TOMCZYK | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-11-25 12:59:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- E:\Programy\OTL.exe
PRC - [2010-11-25 10:03:48 | 002,069,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010-11-25 10:02:49 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010-09-23 09:12:24 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010-07-21 08:40:07 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010-07-17 18:25:13 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010-07-17 18:25:09 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010-07-17 18:24:51 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010-06-23 13:54:51 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-06-10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010-02-05 15:13:54 | 000,250,392 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2010-02-05 15:13:50 | 000,142,360 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2010-02-05 15:13:42 | 000,173,592 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-05-26 21:18:44 | 000,439,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\searchindexer.exe
PRC - [2008-04-14 18:21:49 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 18:21:42 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 18:21:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 18:21:10 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 18:21:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 18:21:02 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-04-16 18:09:56 | 000,114,688 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
PRC - [2007-04-16 18:09:14 | 000,180,224 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
PRC - [2007-04-16 18:09:08 | 000,065,536 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
PRC - [2007-03-09 06:49:42 | 000,066,176 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
PRC - [2007-03-08 05:16:48 | 000,073,776 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2007-03-06 15:55:42 | 000,643,072 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2007-03-06 15:43:52 | 000,983,040 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2007-03-06 15:37:04 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2007-03-02 16:49:00 | 000,037,680 | ---- | M] (Lenovo.) -- C:\WINDOWS\system32\TPHDEXLG.exe
PRC - [2007-02-27 16:35:04 | 000,266,295 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
PRC - [2007-02-27 11:09:06 | 000,036,400 | ---- | M] (Lenovo) -- C:\WINDOWS\system32\ibmpmsvc.exe
PRC - [2007-02-08 12:19:36 | 001,118,208 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
PRC - [2007-02-08 12:11:32 | 000,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
PRC - [2007-02-08 12:09:58 | 000,950,272 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
PRC - [2007-02-08 12:00:06 | 000,022,016 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
PRC - [2007-02-08 10:40:16 | 000,045,056 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
PRC - [2007-01-30 17:45:42 | 000,722,496 | ---- | M] (IBM) -- C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
PRC - [2007-01-30 17:37:50 | 000,644,672 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2007-01-30 04:05:02 | 000,108,080 | ---- | M] (Lenovo Group Limited) -- C:\WINDOWS\system32\IPSSVC.EXE
PRC - [2006-12-15 15:50:52 | 000,011,776 | ---- | M] ( ) -- c:\Program Files\Lenovo\System Update\SUService.exe
PRC - [2006-09-06 08:39:10 | 000,091,688 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ZOOM\TpScrex.exe
PRC - [2006-05-23 20:08:06 | 000,622,700 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
PRC - [2006-05-18 15:24:06 | 000,196,696 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
PRC - [2006-02-02 04:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-11-25 12:59:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- E:\Programy\OTL.exe
MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-08-16 09:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-07-27 07:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 18:21:56 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 18:20:57 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 18:20:56 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 18:20:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 18:20:56 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 18:20:44 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 18:20:44 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 18:20:44 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 18:20:39 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 18:20:36 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 18:20:32 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 18:20:31 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 18:20:14 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 18:20:13 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 18:20:11 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 18:19:59 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-14 18:16:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 18:12:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
MOD - [2007-01-25 07:25:52 | 000,069,720 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\HKVOLKEY.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010-07-21 08:40:07 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010-07-17 18:25:09 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010-06-25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010-06-10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008-10-15 16:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) [On_Demand | Stopped] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)
SRV - [2007-04-16 18:09:14 | 000,180,224 | ---- | M] (Lenovo ) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2007-04-16 18:09:08 | 000,065,536 | ---- | M] (Lenovo ) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2007-03-06 15:55:42 | 000,643,072 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2007-03-06 15:43:52 | 000,983,040 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2007-03-06 15:37:04 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2007-03-02 16:49:00 | 000,037,680 | ---- | M] (Lenovo.) [Auto | Running] -- C:\WINDOWS\system32\TPHDEXLG.exe -- (TPHDEXLGSVC)
SRV - [2007-02-27 16:35:04 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2007-02-27 11:09:06 | 000,036,400 | ---- | M] (Lenovo) [Auto | Running] -- C:\WINDOWS\system32\ibmpmsvc.exe -- (IBMPMSVC)
SRV - [2007-02-08 12:19:36 | 001,118,208 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
SRV - [2007-02-08 12:11:32 | 000,569,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2007-02-08 12:09:58 | 000,950,272 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe -- (TVT Backup Service)
SRV - [2007-02-08 10:40:16 | 000,045,056 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe -- (tvtnetwk)
SRV - [2007-01-30 17:45:42 | 000,722,496 | ---- | M] (IBM) [Auto | Running] -- C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe -- (TSSCoreService)
SRV - [2007-01-30 17:37:50 | 000,644,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007-01-30 04:05:02 | 000,108,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\WINDOWS\system32\IPSSVC.EXE -- (IPSSVC)
SRV - [2006-12-15 15:50:52 | 000,011,776 | ---- | M] ( ) [Auto | Running] -- c:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2006-05-23 20:08:06 | 000,622,700 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2005-11-14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-07-17 18:25:14 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010-07-17 18:24:58 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010-06-25 18:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2010-06-07 14:42:51 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010-06-02 01:14:54 | 000,033,536 | ---- | M] (Lenovo) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tvtfilter.sys -- (tvtfilter)
DRV - [2010-06-02 01:14:11 | 000,007,012 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pmemnt.sys -- (pmem)
DRV - [2010-04-19 19:29:20 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010-01-13 11:18:34 | 001,730,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2009-12-18 09:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2008-04-13 19:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008-04-13 19:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008-04-13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007-05-02 03:34:32 | 000,161,792 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007-04-27 08:00:58 | 000,666,112 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAudN.sys -- (HdAudAddService)
DRV - [2007-04-12 17:15:00 | 000,004,442 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS -- (TPPWRIF)
DRV - [2007-04-09 19:03:00 | 000,012,848 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS -- (TSMAPIP)
DRV - [2007-04-02 10:24:08 | 000,004,224 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\IBMBLDID.sys -- (IBMTPCHK)
DRV - [2007-03-28 04:22:58 | 002,204,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Sterownik karty Intel(R)
DRV - [2007-03-25 14:43:00 | 000,988,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007-03-25 14:43:00 | 000,210,688 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007-03-25 14:42:00 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007-03-02 16:49:00 | 000,100,656 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys -- (Shockprf)
DRV - [2007-03-02 16:47:00 | 000,019,760 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys -- (TPDIGIMN)
DRV - [2007-02-27 11:08:32 | 000,021,040 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV - [2007-02-27 10:02:00 | 000,868,042 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007-02-21 11:16:12 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007-02-16 14:09:06 | 009,598,080 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007-02-12 18:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2007-02-08 11:30:28 | 000,017,664 | ---- | M] (Lenovo Group Limited) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tvtpktfilter.sys -- (TVTPktFilter)
DRV - [2007-01-24 10:27:00 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006-11-15 09:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006-11-15 04:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006-11-15 02:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006-11-06 09:24:56 | 000,012,080 | ---- | M] (Lenovo Group Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PROCDD.SYS -- (PROCDD)
DRV - [2006-10-23 02:23:28 | 000,017,778 | ---- | M] (IBM Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPHKDRV.sys -- (TPHKDRV)
DRV - [2006-09-13 11:42:44 | 000,035,264 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tvti2c.sys -- (TVTI2C)
DRV - [2006-09-13 06:42:18 | 000,028,224 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2006-03-01 02:30:00 | 000,089,472 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2006-02-02 04:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006-02-02 04:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006-02-02 04:20:00 | 000,086,652 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006-02-02 04:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006-02-02 04:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006-02-02 04:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006-02-02 04:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005-11-18 11:02:50 | 000,005,660 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005-11-18 11:02:10 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005-11-18 04:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005-11-08 08:27:20 | 000,011,520 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ANC.sys -- (ANC)
DRV - [2005-07-14 04:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys -- (risdptsk)
DRV - [2005-07-12 19:55:00 | 000,013,840 | ---- | M] (Lenovo Group Limited) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tp4track.sys -- (Tp4Track)
DRV - [2005-05-17 09:20:08 | 000,015,872 | ---- | M] (Atmel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atmeltpm.sys -- (atmeltpm)
DRV - [2004-08-03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2003-09-10 22:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
DRV - [2001-10-26 17:00:44 | 000,322,432 | ---- | M] (Matrox Graphics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\G400m.sys -- (G400)
DRV - [2001-10-26 16:58:28 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001-08-17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001-08-17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001-08-17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001-08-17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001-08-17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001-08-17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001-08-17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001-08-17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001-08-17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001-08-17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001-08-17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001-08-17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001-08-17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001-08-17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001-08-17 21:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Usługa instalacyjna sterownika audio Intel(r) 82801 (WDM)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-936243105-3892831707-2462436517-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-936243105-3892831707-2462436517-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-936243105-3892831707-2462436517-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe41}:1.0.9
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: {582195F5-92E7-40a0-A127-DB71295901D7}:0.6
FF - prefs.js..extensions.enabledItems: {eaf8a4ef-d221-45ca-9deb-d0934b45fa34}:1.3.0.3
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {B347DFB4-AC21-11DD-9016-B77D55D89593}:1.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..network.proxy.http: "174.142.24.201"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010-11-25 10:06:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-11-27 19:13:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-11-08 12:43:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010-10-28 08:50:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010-07-02 11:55:21 | 000,000,000 | ---D | M]

[2010-06-02 21:09:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions
[2010-06-02 21:09:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010-11-26 21:36:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions
[2010-09-24 17:40:09 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2010-10-22 14:33:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2010-06-02 20:54:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe41}
[2010-06-02 20:54:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-11-13 09:34:16 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2010-10-15 07:57:20 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2010-08-11 07:09:29 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010-06-02 20:53:57 | 000,000,000 | ---D | M] (Gmail Manager) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
[2010-06-02 20:53:56 | 000,000,000 | ---D | M] (HideTab) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{B347DFB4-AC21-11DD-9016-B77D55D89593}
[2010-11-04 09:40:11 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-06-02 20:53:55 | 000,000,000 | ---D | M] (OggX (powered by TIME S.A.)) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{eaf8a4ef-d221-45ca-9deb-d0934b45fa34}
[2010-06-02 20:53:55 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010-06-02 20:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\firegestures@xuldev.org
[2010-09-12 20:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tl27vutp.default\extensions\personas@christopher.beard
[2010-11-26 21:03:02 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-06-23 13:55:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-06-23 13:54:52 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-06-07 08:49:44 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2010-04-01 18:33:11 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-04-01 18:33:11 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-04-01 18:33:11 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-04-01 18:33:11 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-04-01 18:33:11 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-04-01 18:33:11 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2004-08-04 22:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-936243105-3892831707-2462436517-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-936243105-3892831707-2462436517-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-936243105-3892831707-2462436517-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O16 - DPF: {108D3206-846A-4A93-BACB-F0572D043ED7} http://86.111.207.38:8010/webrec.cab (DHSurveillanceCtrl Control)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.17.34.10 86.111.200.10
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ACNotify: DllName - ACNotify.dll - C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo )
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\tpfnf2: DllName - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - C:\Program Files\Lenovo\HOTKEY\tphklock.dll - C:\Program Files\Lenovo\HOTKEY\tphklock.dll ()
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-03-02 05:00:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-11-25 13:36:38 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-11-08 10:50:28 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-11-08 10:50:28 | 000,000,000 | ---D | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006-03-02 05:00:48 | 000,000,000 | ---- | M] () - G:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-11-08 10:50:28 | 000,000,000 | RHSD | M] - G:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{0bbc0071-9f29-11df-81fc-001c25928682}\Shell - "" = AutoRun
O33 - MountPoints2\{0bbc0071-9f29-11df-81fc-001c25928682}\Shell\AutoRun\command - "" = H:\MicroLauncher.exe -- File not found
O33 - MountPoints2\{a4b551ac-f882-11df-8305-001c25928682}\Shell - "" = AutoRun
O33 - MountPoints2\{a4b551ac-f882-11df-8305-001c25928682}\Shell\AutoRun\command - "" = H:\AutoRunCardDetector.exe -- File not found
O33 - MountPoints2\{a96bacc4-c81b-11df-8271-00215c2b0cbf}\Shell - "" = AutoRun
O33 - MountPoints2\{a96bacc4-c81b-11df-8271-00215c2b0cbf}\Shell\AutoRun\command - "" = H:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BTTray.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe - (Avanquest Software )
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe - (Microsoft Corporation)
MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]AwaySch[/b] - hkey= - key= - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
MsConfig - StartUpReg: [b]BLOG[/b] - hkey= - key= - C:\Program Files\ThinkPad\Utilities\BATLOGEX.DLL ()
MsConfig - StartUpReg: [b]cssauth[/b] - hkey= - key= - C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)
MsConfig - StartUpReg: [b]EZEJMNAP[/b] - hkey= - key= - C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.)
MsConfig - StartUpReg: [b]ISUSPM Startup[/b] - hkey= - key= - C:\Program Files\Common Files\Installshield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
MsConfig - StartUpReg: [b]ISUSScheduler[/b] - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
MsConfig - StartUpReg: [b]iTunesHelper[/b] - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: [b]LPManager[/b] - hkey= - key= - C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)
MsConfig - StartUpReg: [b]PWRMGRTR[/b] - hkey= - key= - C:\Program Files\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: [b]RayV[/b] - hkey= - key= - C:\Program Files\RayV\RayV\RayV.exe (RayV)
MsConfig - StartUpReg: [b]snp2uvc[/b] - hkey= - key= - C:\WINDOWS\vsnp2uvc.exe (Sonix)
MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: [b]TPFNF7[/b] - hkey= - key= - C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
MsConfig - StartUpReg: [b]TpShocks[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]TrackPointSrv[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]TVT Scheduler Proxy[/b] - hkey= - key= - C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
MsConfig - StartUpReg: [b]WMPNSCFG[/b] - hkey= - key= - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-11-26 20:45:26 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010-11-25 13:36:38 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010-11-18 21:33:03 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010-10-31 08:14:32 | 000,000,000 | ---D | C] -- C:\Program Files\Veetle
[2010-10-22 08:24:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Wireshark
[2010-10-22 08:01:04 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2010-10-22 07:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Wireshark
[2010-10-20 10:16:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\McAfee
[2010-10-20 10:14:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee
[2010-09-30 21:04:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\vShare
[2010-09-30 21:04:17 | 000,000,000 | ---D | C] -- C:\Program Files\vShare
[2010-06-02 00:57:32 | 000,167,936 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2010-06-02 00:57:32 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-12-16 08:29:45 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{4088FF0D-EF0B-4396-9971-BAF7B1D937D1}.job
[2010-11-29 12:13:41 | 000,002,934 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2010-11-29 12:04:25 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-11-29 12:04:22 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-11-29 12:02:17 | 000,025,269 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI
[2010-11-29 12:02:03 | 000,000,480 | ---- | M] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2010-11-29 12:02:01 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-11-29 12:02:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-11-29 12:01:58 | 1063,563,264 | -HS- | M] () -- C:\hiberfil.sys
[2010-11-29 12:00:59 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\admin\NTUSER.DAT
[2010-11-29 12:00:43 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\admin\ntuser.ini
[2010-11-29 11:58:01 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-11-29 11:55:59 | 000,523,078 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-11-29 11:55:59 | 000,441,772 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-11-29 11:55:59 | 000,098,292 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-11-29 11:55:59 | 000,071,708 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-11-29 11:55:58 | 001,148,872 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-11-29 09:17:23 | 068,246,503 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010-11-26 16:03:28 | 006,382,154 | -H-- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-11-26 10:35:51 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\raport usł 16.11.09-28.10.10.xls
[2010-11-26 09:20:41 | 000,001,768 | -H-- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\Default.rdp
[2010-11-25 09:57:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010-11-17 15:36:57 | 000,014,767 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\padziernik1.ods
[2010-11-12 09:33:48 | 000,015,872 | ---- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-11-09 08:20:33 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Programer Faktura.lnk
[2010-10-25 19:35:46 | 000,002,191 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\MSO_Plus.lnk
[2010-10-22 08:01:06 | 000,000,065 | ---- | M] () -- C:\WINDOWS\System32\-1
[2010-10-13 11:44:30 | 000,122,136 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-10-13 11:40:28 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-11-26 08:48:03 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\raport usł 16.11.09-28.10.10.xls
[2010-11-17 15:36:57 | 000,014,767 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\padziernik1.ods
[2010-10-22 08:01:06 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\-1
[2010-09-24 21:43:14 | 000,091,741 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Optimizer.txt
[2010-06-25 18:03:12 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2010-06-07 18:46:07 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-06-07 18:46:07 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010-06-07 18:46:05 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-06-07 18:46:05 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-06-07 18:46:05 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-06-07 18:46:05 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010-06-07 08:52:15 | 000,002,934 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2010-06-02 21:42:05 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-02 08:44:44 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2010-06-02 01:40:22 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2010-06-02 01:40:22 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2010-06-02 01:40:22 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2010-06-02 01:40:22 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2010-06-02 01:40:22 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2010-06-02 01:40:22 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2010-06-02 01:40:22 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2010-06-02 01:40:22 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2010-06-02 01:40:22 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2010-06-02 01:40:22 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2010-06-02 01:40:22 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2010-06-02 01:40:22 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2010-06-02 01:40:22 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2010-06-02 01:40:22 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2010-06-02 01:40:22 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2010-06-02 01:40:09 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[2010-06-02 01:40:08 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2010-06-02 01:40:03 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2010-06-02 01:40:03 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2010-06-02 01:40:02 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2010-06-02 01:40:01 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[2010-06-02 01:39:58 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2010-06-02 01:39:56 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2010-06-02 01:39:56 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2010-06-02 01:39:52 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2010-06-02 01:39:50 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2010-06-02 01:39:47 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll
[2010-06-02 01:39:46 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2010-06-02 01:39:31 | 001,148,872 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-06-02 01:39:31 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2010-06-02 01:39:31 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2010-06-02 01:39:31 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2010-06-02 01:39:31 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2010-06-02 01:39:31 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2010-06-02 01:39:31 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2010-06-02 01:39:31 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2010-06-02 01:39:31 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-06-02 01:39:31 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2010-06-02 01:39:31 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2010-06-02 01:39:31 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2010-06-02 01:39:31 | 000,002,035 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2010-06-02 01:39:31 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2010-06-02 01:39:31 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2010-06-02 01:39:31 | 000,000,565 | ---- | C] () -- C:\WINDOWS\win.ini
[2010-06-02 01:39:31 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2010-06-02 01:39:31 | 000,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2010-06-02 01:39:31 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2010-06-02 01:39:31 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2010-06-02 01:39:26 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2010-06-02 01:39:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2010-06-02 01:29:43 | 006,382,154 | -H-- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-06-02 01:29:43 | 000,012,328 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-02 01:29:43 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2010-06-02 01:22:52 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010-06-02 01:13:12 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys
[2010-06-02 01:08:07 | 000,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010-06-02 01:06:37 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2010-06-02 01:06:37 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2010-06-02 01:06:37 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2010-06-02 01:06:37 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2010-06-02 01:06:37 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2010-06-02 01:06:37 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2010-06-02 01:01:00 | 000,910,464 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2010-06-02 01:01:00 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4785.dll
[2010-06-02 00:59:08 | 000,012,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
[2010-06-02 00:58:11 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS
[2010-06-02 00:57:32 | 009,598,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2010-06-02 00:57:32 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
[2010-06-02 00:46:19 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\tp4uires.dll
[2008-05-26 21:22:36 | 000,016,222 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008-05-26 21:22:34 | 000,021,728 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008-05-26 21:22:32 | 000,016,164 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007-08-09 16:43:16 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4860.dll
[2007-03-02 13:15:36 | 000,025,269 | ---- | C] () -- C:\WINDOWS\System32\PROCDB.INI
[2007-03-02 13:15:25 | 000,000,480 | ---- | C] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2007-02-27 16:48:38 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007-02-27 16:29:32 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2007-01-16 16:12:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006-09-05 13:20:36 | 000,079,400 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL
[2005-02-17 10:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005-02-17 10:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001-11-14 11:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-06-07 14:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\AVG9
[2010-06-07 09:14:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ESET
[2010-11-28 15:04:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\foobar2000
[2010-06-17 12:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Foxit Software
[2010-08-27 18:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\InterVideo
[2010-06-28 13:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Leadertech
[2010-06-02 01:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Lenovo
[2010-06-07 07:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\OpenOffice.org
[2010-06-08 12:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\PDF Writer
[2010-07-30 19:25:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\RayV
[2010-06-02 21:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Thunderbird
[2010-11-26 10:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\uTorrent
[2010-09-30 21:04:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\vShare
[2010-06-07 12:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Windows Desktop Search
[2010-06-07 12:53:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Windows Search
[2010-10-22 08:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Wireshark
[2010-06-02 01:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Lenovo
[2010-06-07 14:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9
[2010-06-09 19:35:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm
[2010-06-02 01:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Lenovo
[2010-06-02 01:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC-Doctor
[2010-06-08 12:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PDF Writer
[2010-06-09 15:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010-06-02 01:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\Lenovo
[2010-06-02 01:51:49 | 000,000,316 | ---- | M] () -- C:\WINDOWS\Tasks\PMTask.job
[2010-12-16 08:29:45 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{4088FF0D-EF0B-4396-9971-BAF7B1D937D1}.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-06-16 09:30:16 | 000,000,193 | ---- | M] () -- C:\06161030.PRN
[2006-03-02 05:00:48 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-07-29 09:17:46 | 000,000,401 | RHS- | M] () -- C:\boot.ini
[2004-08-04 22:00:00 | 000,004,952 | RHS- | M] () -- C:\bootfont.bin
[2006-03-02 05:00:48 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-06-02 01:07:41 | 000,002,656 | ---- | M] () -- C:\drivez.log
[2006-04-14 06:55:44 | 000,000,529 | ---- | M] () -- C:\dsbHSM.inf
[2010-07-30 16:26:38 | 000,001,985 | ---- | M] () -- C:\FlashDOM.sh
[2010-11-29 12:01:58 | 1063,563,264 | -HS- | M] () -- C:\hiberfil.sys
[2006-03-02 05:00:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-06-25 13:07:44 | 000,007,532 | ---- | M] () -- C:\mksbasel.cpp.log
[2006-03-02 05:00:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010-06-02 21:59:21 | 000,251,152 | RHS- | M] () -- C:\NTLDR
[2010-11-29 12:01:57 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
[2008-06-16 10:59:44 | 000,036,580 | ---- | M] () -- C:\setkey
[2010-06-02 08:44:46 | 000,000,093 | ---- | M] () -- C:\syslevel.lgl
[2010-11-29 12:02:01 | 000,005,484 | ---- | M] () -- C:\TPHKLOCK.TXT


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:agp440.sys
[2004-08-04 22:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2010-06-02 21:50:49 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2010-06-02 21:50:49 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2004-08-04 22:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010-06-02 21:50:49 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010-06-02 21:50:49 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2004-08-04 22:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:cdrom.sys
[2004-08-04 22:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2010-06-02 21:50:49 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2010-06-02 21:50:49 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2009-12-22 19:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

< End of report >
[/log]

Potrzebujesz jeszcze log'a z RSIT?
Przy okazji, na E gdzie mam OTL utworzył się katalog z taką samą nazwą jak log z usuwania, gdzie są katalogi i pliki? Co z nim zrobić?

Tomek01
komentarz
komentarz

Nie potrzeba już RSIT.

Wklej do OTL:

W OTL, w oknie Custom scan/fixes wklej:


[code]:OTL
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll File not found
O32 - AutoRun File - [2009-11-08 10:50:28 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-11-08 10:50:28 | 000,000,000 | ---D | M] - E:\autorun.inf -- [ NTFS ]

:Files
C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

:Commands
[emptytemp][/code]


Następnie uruchamiasz ponownie OTL i wciskasz opcję CleanUp.
To w zasadzie wszystko.

W wolnym czasie wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url]

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.