pulsar1993 utworzono 25 listopada 2010 utworzono 25 listopada 2010 (edytowane) Witam, od niedawna internet strasznie wolno mi chodzi, czasem nie chca sie wczytywac stronki. Posiadam internet 1 MB. Polecono mi przeskanować komputer HiJackThis. Przeskanowalem. Poniżej zamieszczam Log: [log]Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:38:27, on 2010-11-25 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18975) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\hp\support\hpsysdrv.exe C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\ehome\ehtray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Stardock\ObjectDock\ObjectDock.exe C:\Windows\ehome\ehmsas.exe C:\Users\Magnum\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\hp\kbd\kbd.exe C:\Program Files\Opera\opera.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cndt R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wyborcza.pl/0,0.html?p=015 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cndt R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cndt R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - (no file) O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Magnum\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: &Wyszukiwarka na pasku narzędzi AOL - C:\ProgramData\AOL\ieToolbar\resources\pl-PL\local\search.html O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O16 - DPF: {063F7D71-5E0B-48F2-87D5-F63C5917947E} - http://ahnlabdownload.nefficient.co.kr/aos/plugin/aosmgr.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C510C9D3-DD01-45D1-AB83-1DE139433497}: NameServer = 192.168.1.1,85.255.114.110 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- End of file - 9705 bytes[/log] Prosze o jak najszybszą pomoc. Dziękuję. EDIT: Zaraz wrzuce logi z programu OTL. Log OTL: [log]OTL logfile created on: 2010-11-25 17:55:13 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Magnum\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18975) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free 7,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 457,38 Gb Total Space | 342,18 Gb Free Space | 74,81% Space Free | Partition Type: NTFS Drive D: | 8,38 Gb Total Space | 1,10 Gb Free Space | 13,08% Space Free | Partition Type: NTFS Computer Name: MAGNUM-PC | User Name: Magnum | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-11-25 17:53:24 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Magnum\Desktop\OTL.exe PRC - [2010-10-18 20:40:01 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Users\Magnum\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe PRC - [2010-10-08 13:00:10 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2010-09-22 11:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2010-09-21 13:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2010-09-21 13:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2010-09-15 03:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe PRC - [2010-09-13 14:56:02 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmplayer.exe PRC - [2010-08-17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-06-30 12:25:23 | 000,075,064 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2010-05-14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-03-30 10:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2010-03-25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe PRC - [2009-06-15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-04-11 07:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe PRC - [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-04-11 07:28:08 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe PRC - [2009-04-11 07:28:07 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2009-04-11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-04-11 07:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-04-11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-04-11 07:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 07:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2008-12-08 14:50:04 | 000,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe PRC - [2008-10-16 19:11:26 | 000,569,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe PRC - [2008-10-16 19:11:26 | 000,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe PRC - [2008-10-16 18:23:30 | 000,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2008-10-16 18:15:38 | 000,344,064 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe PRC - [2008-07-03 11:27:12 | 006,266,880 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008-04-17 13:21:00 | 000,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2008-03-17 17:07:02 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2008-03-14 17:31:38 | 000,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe PRC - [2008-01-21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2008-01-21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2008-01-21 03:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe PRC - [2008-01-21 03:25:11 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe PRC - [2008-01-21 03:24:59 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe PRC - [2008-01-21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-01-21 03:23:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2007-12-27 15:39:30 | 000,166,520 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe PRC - [2007-12-27 15:39:20 | 000,051,816 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe PRC - [2007-05-16 16:56:44 | 000,067,128 | ---- | M] (Hewlett-Packard Company) -- C:\hp\KBD\kbd.exe PRC - [2007-04-30 18:43:54 | 003,450,608 | ---- | M] (Stardock) -- C:\Program Files\Stardock\ObjectDock\ObjectDock.exe PRC - [2007-04-18 16:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe PRC - [2006-11-02 10:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-11-25 17:53:24 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Magnum\Desktop\OTL.exe MOD - [2010-08-31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2010-07-26 16:51:48 | 011,584,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2010-06-28 18:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-04-16 17:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-09-24 23:54:55 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2009-07-17 14:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-06-15 15:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-06-15 15:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-04-23 13:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-04-11 07:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-04-11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-04-11 07:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-04-11 07:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-04-11 07:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-04-11 07:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-04-11 07:28:24 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2009-04-11 07:28:24 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2009-04-11 07:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-04-11 07:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-04-11 07:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-04-11 07:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2009-04-11 07:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2009-04-11 07:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-04-11 07:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-04-11 07:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-04-11 07:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2009-04-11 07:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-04-11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-04-11 07:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-04-11 07:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-04-11 07:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-04-11 07:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-04-11 07:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-04-11 07:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009-04-11 07:27:49 | 001,202,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2008-01-21 03:25:29 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2008-01-21 03:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-21 03:24:37 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2008-01-21 03:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2008-01-21 03:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-21 03:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-21 03:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2006-11-02 10:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (NMSAccessU) SRV - [2010-09-22 23:21:24 | 001,493,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2010-09-22 15:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010-09-22 11:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2010-03-30 10:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2010-03-25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc) SRV - [2010-03-18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state) SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-03-18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2010-03-18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpActivator) SRV - [2010-03-18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetPipeActivator) SRV - [2010-03-18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetMsmqActivator) SRV - [2009-09-25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-12-27 15:39:30 | 000,166,520 | ---- | M] () [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service) SRV - [2007-12-27 15:39:20 | 000,051,816 | ---- | M] () [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\ZDPSp60.sys -- (ZDPSp60) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\pcdrndisuio.sys -- (PcdrNdisuio) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2010-09-22 23:21:24 | 000,039,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr) DRV - [2010-04-12 09:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu) DRV - [2010-03-25 20:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon) DRV - [2010-02-03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2009-10-13 09:50:00 | 000,133,632 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Mkd2kfNT.sys -- (Mkd2kfNt) DRV - [2009-08-14 11:44:10 | 000,023,096 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DrmRAudio.sys -- (DrmRAudio) DRV - [2009-07-13 09:37:00 | 000,079,360 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Mkd2Nadr.sys -- (Mkd2Nadr) DRV - [2009-02-05 21:49:30 | 000,032,000 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stppp.sys -- (stppp) DRV - [2009-02-04 17:22:31 | 000,040,320 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\steth.sys -- (STETH) DRV - [2009-02-04 17:22:31 | 000,030,464 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\st330.sys -- (ST330) DRV - [2009-02-04 17:22:31 | 000,012,672 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stbus.sys -- (STBUS) DRV - [2009-01-29 16:03:51 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2008-07-29 03:45:00 | 000,904,192 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb) DRV - [2008-07-03 17:03:48 | 002,152,088 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-04-17 13:21:00 | 007,436,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008-01-25 20:02:04 | 000,132,128 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32) DRV - [2008-01-25 20:02:02 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32) DRV - [2008-01-21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008-01-21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008-01-21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008-01-21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008-01-21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008-01-21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008-01-21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008-01-21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008-01-21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008-01-21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2008-01-21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008-01-21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008-01-21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008-01-21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008-01-21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008-01-21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008-01-21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008-01-21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008-01-21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008-01-21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008-01-21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008-01-21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008-01-21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008-01-21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008-01-21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007-10-12 16:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvsmu.sys -- (nvsmu) DRV - [2007-06-24 21:56:54 | 000,038,920 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb) DRV - [2007-06-24 21:56:40 | 000,027,656 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio) DRV - [2007-06-24 21:56:34 | 000,034,312 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio) DRV - [2007-03-05 20:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT) DRV - [2007-03-05 20:57:14 | 000,019,472 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VHIDMini.sys -- (VHidMinidrv) DRV - [2007-03-05 20:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BTHidMgr.sys -- (BTHidMgr) DRV - [2007-03-05 20:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\vbtenum.sys -- (BTHidEnum) DRV - [2007-03-05 20:53:18 | 000,044,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VCommMgr.sys -- (VcommMgr) DRV - [2007-03-05 20:52:18 | 000,034,448 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm) DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006-11-02 08:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD) DRV - [2005-12-12 17:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2) DRV - [2005-06-04 20:07:56 | 000,319,104 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rt61.sys -- (RT61) DRV - [2005-04-07 17:18:34 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\Drivers\BANTExt.sys -- (BANTExt) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cndt IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cndt IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2512262181-1095973835-1943787894-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cndt IE - HKU\S-1-5-21-2512262181-1095973835-1943787894-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wyborcza.pl/0,0.html?p=015 IE - HKU\S-1-5-21-2512262181-1095973835-1943787894-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2512262181-1095973835-1943787894-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-07-30 11:10:59 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-09-26 21:07:36 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-11-11 13:03:35 | 000,000,000 | ---D | M] [2010-11-11 13:03:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-11-11 13:03:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-09-15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-09-14 22:29:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-09-14 22:29:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-09-14 22:29:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-09-14 22:29:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-09-14 22:29:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-09-14 22:29:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-04-09 19:38:21 | 000,001,050 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com O1 - Hosts: 127.0.0.1 orbitservice.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com) O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com) O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found. O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O3 - HKU\S-1-5-21-2512262181-1095973835-1943787894-1001\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKU\S-1-5-21-2512262181-1095973835-1943787894-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-21-2512262181-1095973835-1943787894-1001\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [HP Health Check Scheduler] File not found O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe () O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-2512262181-1095973835-1943787894-1001..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks) O4 - Startup: C:\Users\All Users\Adobe [2008-12-09 15:26:02 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\ALLPlayer [2010-10-09 16:10:10 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Alwil Software [2010-08-11 09:43:02 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\AOL [2008-07-21 11:18:11 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Application Data [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Bluetooth [2008-12-24 20:34:28 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\CyberLink [2009-01-06 22:58:43 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\DAEMON Tools Lite [2009-01-29 16:10:13 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Dane aplikacji [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Desktop [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Documents [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Dokumenty [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\eBay.ico () O4 - Startup: C:\Users\All Users\Electronic Arts [2010-05-18 22:12:40 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\ezsidmv.dat () O4 - Startup: C:\Users\All Users\Favorites [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Gadu-Gadu 10 [2010-09-02 15:03:00 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Hewlett-Packard [2009-10-15 18:24:52 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\HP [2009-07-30 11:15:05 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\HP Product Assistant [2009-07-30 11:06:22 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\hpzinstall.log () O4 - Startup: C:\Users\All Users\ipla [2010-09-02 15:07:01 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\LightScribe [2008-12-26 16:35:45 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Menu Start [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Microsoft [2010-11-22 17:57:49 | 000,000,000 | --SD | M] O4 - Startup: C:\Users\All Users\Microsoft Help [2010-11-12 11:36:56 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\muvee Technologies [2008-07-21 11:12:31 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Nero [2010-09-15 17:11:38 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\NVIDIA [2009-07-05 14:18:05 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\OpenFM [2010-03-01 17:07:07 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\PC-Doctor [2008-07-21 11:17:13 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\PC-Doctor 5 for Windows [2008-07-21 11:17:13 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Pulpit [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\QuickStores.ico () O4 - Startup: C:\Users\All Users\Skype [2010-11-07 17:52:35 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Start Menu [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Sun [2010-04-21 16:22:24 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Symantec [2009-02-24 10:59:41 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Systweak [2010-06-04 08:14:20 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Szablony [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Templates [2006-11-02 14:02:04 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Ubisoft [2010-10-15 16:47:59 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Ulubione [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\WEBREG [2009-07-30 11:16:22 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\WindowsSearch [2010-05-18 21:20:05 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\asd\AppData [2008-12-09 15:24:04 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\asd\Contacts [2008-12-09 15:28:00 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\Cookies [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\Dane aplikacji [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\Desktop [2008-12-09 15:28:09 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\Documents [2008-12-09 15:28:09 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\Downloads [2008-12-09 15:28:09 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\Favorites [2008-12-09 15:28:13 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\Links [2010-09-15 16:55:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\Menu Start [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\Moje dokumenty [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\Music [2008-12-09 15:28:09 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\NetHood [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\NTUSER.DAT () O4 - Startup: C:\Users\asd\ntuser.dat.LOG1 () O4 - Startup: C:\Users\asd\ntuser.dat.LOG2 () O4 - Startup: C:\Users\asd\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf () O4 - Startup: C:\Users\asd\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\asd\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\asd\NTUSER.DAT{4a459610-a4b2-11df-9c82-00158310bb1b}.TM.blf () O4 - Startup: C:\Users\asd\NTUSER.DAT{4a459610-a4b2-11df-9c82-00158310bb1b}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\asd\NTUSER.DAT{4a459610-a4b2-11df-9c82-00158310bb1b}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\asd\NTUSER.DAT{bf9abbb8-e29c-11df-a9b3-00158310bb1b}.TM.blf () O4 - Startup: C:\Users\asd\NTUSER.DAT{bf9abbb8-e29c-11df-a9b3-00158310bb1b}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\asd\NTUSER.DAT{bf9abbb8-e29c-11df-a9b3-00158310bb1b}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\asd\ntuser.ini () O4 - Startup: C:\Users\asd\Pictures [2008-12-09 15:28:09 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\PrintHood [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\Recent [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\Saved Games [2008-12-09 15:28:09 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\Searches [2008-12-09 15:28:09 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\SendTo [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\Szablony [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\Ustawienia lokalne [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\Videos [2008-12-09 15:28:09 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\AppData [2006-11-02 12:18:34 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\Default\Application Data [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Cookies [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Dane aplikacji [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Desktop [2006-11-02 11:23:35 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Documents [2008-12-09 15:25:55 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Downloads [2006-11-02 11:23:35 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Favorites [2006-11-02 11:23:35 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Links [2006-11-02 11:23:35 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Local Settings [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Menu Start [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Moje dokumenty [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Music [2006-11-02 11:23:35 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\My Documents [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\NetHood [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\NTUSER.DAT () O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG () O4 - Startup: C:\Users\Default\ntuser.dat.LOG1 () O4 - Startup: C:\Users\Default\ntuser.dat.LOG2 () O4 - Startup: C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf () O4 - Startup: C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Default\Pictures [2006-11-02 11:23:35 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\PrintHood [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Recent [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Saved Games [2006-11-02 11:23:35 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Default\SendTo [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Start Menu [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Szablony [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Templates [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Ustawienia lokalne [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Videos [2006-11-02 11:23:35 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\.gstreamer-0.10 [2009-05-04 19:45:57 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Magnum\AppData [2008-12-24 20:13:59 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\Magnum\Application Data [2009-01-12 14:53:37 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Magnum\Contacts [2010-06-04 19:33:04 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\Cookies [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\Dane aplikacji [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\dbghelp.dll () O4 - Startup: C:\Users\Magnum\Desktop [2010-11-25 17:52:23 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\Documents [2010-11-22 17:57:49 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\Downloads [2010-10-27 16:25:44 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\Favorites [2009-10-18 16:16:31 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\Gadu-Gadu [2009-01-06 20:56:57 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Magnum\Links [2006-11-02 11:23:35 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\Menu Start [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\Moje dokumenty [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\Music [2010-11-06 23:10:44 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\NetHood [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\NOTICE.TXT () O4 - Startup: C:\Users\Magnum\ntuser.dat () O4 - Startup: C:\Users\Magnum\ntuser.dat.bak () O4 - Startup: C:\Users\Magnum\ntuser.dat.LOG1 () O4 - Startup: C:\Users\Magnum\ntuser.dat.LOG2 () O4 - Startup: C:\Users\Magnum\ntuser.dat.sav.LOG1 () O4 - Startup: C:\Users\Magnum\ntuser.dat.sav.LOG2 () O4 - Startup: C:\Users\Magnum\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf () O4 - Startup: C:\Users\Magnum\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Magnum\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Magnum\ntuser.dat{5ee53ab4-6f11-11df-9c31-806e6f6e6963}.TM.blf () O4 - Startup: C:\Users\Magnum\ntuser.dat{5ee53ab4-6f11-11df-9c31-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Magnum\ntuser.dat{5ee53ab4-6f11-11df-9c31-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Magnum\ntuser.dat{62b62e7f-55b7-11de-b913-00158310bb1b}.TM.blf () O4 - Startup: C:\Users\Magnum\ntuser.dat{62b62e7f-55b7-11de-b913-00158310bb1b}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Magnum\ntuser.dat{62b62e7f-55b7-11de-b913-00158310bb1b}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Magnum\ntuser.ini () O4 - Startup: C:\Users\Magnum\Pictures [2010-11-07 18:02:55 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\Pomoc i wsparcie techniczne.lnk = File not found O4 - Startup: C:\Users\Magnum\PrintHood [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\Recent [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\Saved Games [2010-06-24 13:55:32 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Magnum\Searches [2008-12-25 15:26:17 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\SendTo [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\Szablony [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\Tracing [2010-08-01 20:06:54 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Magnum\Ustawienia lokalne [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\Videos [2010-11-13 19:51:30 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\CyberLink [2010-07-23 11:19:52 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Public\Desktop [2010-11-15 20:08:16 | 000,000,000 | RH-D | M] O4 - Startup: C:\Users\Public\Documents [2010-03-28 19:56:52 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Downloads [2006-11-02 13:50:50 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Favorites [2006-11-02 11:23:35 | 000,000,000 | RH-D | M] O4 - Startup: C:\Users\Public\Music [2006-11-02 13:50:50 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Pictures [2006-11-02 13:50:50 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Recorded TV [2010-02-02 22:16:16 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Videos [2006-11-02 13:50:50 | 000,000,000 | R--D | M] O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-21-2512262181-1095973835-1943787894-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM () O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM () O8 - Extra context menu item: &Wyszukiwarka na pasku narzędzi AOL - C:\ProgramData\AOL\ieToolbar\resources\pl-PL\local\search.html () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com) O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com) O9 - Extra Button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O13 - gopher Prefix: missing O16 - DPF: {063F7D71-5E0B-48F2-87D5-F63C5917947E} http://ahnlabdownload.nefficient.co.kr/aos/plugin/aosmgr.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Magnum\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\Magnum\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-07-21 11:12:45 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{6cfa5a0c-01f7-11df-b2ac-00158310bb1b}\Shell\AUtoplAY\CommaNd - "" = jgrj.cmd O33 - MountPoints2\{6cfa5a0c-01f7-11df-b2ac-00158310bb1b}\Shell\AutoRun\command - "" = jgrj.cmd O33 - MountPoints2\{6cfa5a0c-01f7-11df-b2ac-00158310bb1b}\Shell\eXPlore\ComMAnD - "" = jgrj.cmd O33 - MountPoints2\{6cfa5a0c-01f7-11df-b2ac-00158310bb1b}\Shell\opEN\commAnd - "" = jgrj.cmd O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found O33 - MountPoints2\J\Shell - "" = AutoRun O33 - MountPoints2\K\Shell - "" = AutoRun O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\autorun.exe -- File not found O33 - MountPoints2\L\Shell - "" = AutoRun O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (sasnative32) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\gprs.exe - (IVT Corporation.) MsConfig - StartUpReg: [b]LogMeIn Hamachi Ui[/b] - hkey= - key= - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) MsConfig - StartUpReg: [b]MsnMsgr[/b] - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]PWRISOVM.EXE[/b] - hkey= - key= - C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) MsConfig - State: "services" - 0 SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation) SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: MsMpSvc - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation) SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-11-25 17:36:25 | 000,000,000 | ---D | C] -- C:\Program Files\HiJackThis [2010-11-22 17:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2010-11-22 17:55:34 | 000,000,000 | ---D | C] -- C:\Windows\symbols [2010-11-22 17:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0 [2010-11-22 17:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs [2010-11-22 17:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer [2010-11-22 17:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Merge Modules [2010-11-07 19:41:20 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client [2010-11-07 17:52:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010-11-07 17:52:38 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2010-10-28 16:14:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive [2010-10-28 16:14:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE [2010-10-26 21:38:00 | 000,000,000 | ---D | C] -- C:\Program Files\ZhyperMU [2010-10-26 15:56:15 | 000,000,000 | ---D | C] -- C:\Perfect World Entertainment [2010-10-26 15:56:15 | 000,000,000 | ---D | C] -- \Perfect World Entertainment [2010-10-25 19:19:33 | 000,000,000 | ---D | C] -- C:\Program Files\GameSpy Arcade [2010-10-25 15:34:30 | 000,000,000 | ---D | C] -- C:\Windows\pl [2010-10-25 15:34:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2010-10-25 15:33:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2010-10-25 15:31:28 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar [2010-10-25 15:31:10 | 000,000,000 | ---D | C] -- C:\Program Files\Bing Bar Installer [2010-10-25 15:29:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010-10-13 15:57:48 | 000,000,000 | ---D | C] -- C:\Program Files\IObit [2010-09-26 21:07:34 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-11-25 17:57:34 | 003,932,160 | ---- | M] () -- C:\Users\Magnum\ntuser.dat [2010-11-25 17:45:04 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2512262181-1095973835-1943787894-1001UA.job [2010-11-25 16:52:49 | 001,606,800 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010-11-25 16:52:49 | 000,711,470 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2010-11-25 16:52:49 | 000,631,438 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010-11-25 16:52:49 | 000,149,456 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2010-11-25 16:52:49 | 000,118,064 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010-11-25 16:50:20 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{818EED1D-D359-4C9B-ABF9-375D97E505F2}.job [2010-11-25 16:46:37 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010-11-25 16:46:37 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010-11-25 16:46:34 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-11-25 16:46:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-11-25 16:46:25 | 3488,022,528 | -HS- | M] () -- C:\hiberfil.sys [2010-11-25 00:18:29 | 000,524,288 | -HS- | M] () -- C:\Users\Magnum\ntuser.dat{5ee53ab4-6f11-11df-9c31-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [2010-11-25 00:18:29 | 000,065,536 | -HS- | M] () -- C:\Users\Magnum\ntuser.dat{5ee53ab4-6f11-11df-9c31-806e6f6e6963}.TM.blf [2010-11-24 21:45:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2512262181-1095973835-1943787894-1001Core.job [2010-11-07 17:54:11 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2010-11-04 00:02:00 | 000,157,007 | ---- | M] () -- C:\Windows\hpoins34.dat [2010-11-04 00:01:21 | 000,000,179 | ---- | M] () -- C:\Windows\win.ini [2010-10-26 11:30:16 | 000,334,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010-10-14 01:36:44 | 000,179,263 | ---- | M] () -- C:\Windows\System32\xlive.dll.cat [2010-10-10 15:51:13 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-10-14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2010-09-25 19:04:19 | 000,007,070 | ---- | C] () -- \NetworkCfg.xml [2010-09-15 15:14:50 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010-09-15 15:14:50 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2010-07-22 10:28:05 | 000,000,003 | ---- | C] () -- C:\Windows\treeskp.sys [2010-06-17 23:05:14 | 000,026,694 | ---- | C] () -- C:\ProgramData\eBay.ico [2010-06-17 23:05:14 | 000,025,214 | ---- | C] () -- C:\ProgramData\QuickStores.ico [2010-01-27 12:33:52 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-01-26 12:00:00 | 000,000,000 | ---- | C] () -- \asNetDbg.txt [2010-01-26 12:00:00 | 000,000,000 | ---- | C] () -- \asMsgDbg.txt [2010-01-26 12:00:00 | 000,000,000 | ---- | C] () -- \asErrlog.txt [2010-01-26 12:00:00 | 000,000,000 | ---- | C] () -- \asDbg.txt [2009-10-15 18:25:54 | 000,000,125 | ---- | C] () -- \FINIS_IT.TXT [2009-10-05 16:03:14 | 000,000,241 | ---- | C] () -- C:\Windows\SIERRA.INI [2009-07-30 10:59:31 | 000,001,595 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2009-07-05 14:00:06 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009-07-05 13:59:49 | 000,368,640 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll [2009-02-10 15:32:36 | 000,000,909 | ---- | C] () -- \updatedatfix.log [2009-02-10 15:29:15 | 000,000,574 | ---- | C] () -- \RHDSetup.log [2009-02-06 18:40:41 | 000,028,672 | ---- | C] () -- C:\Windows\System32\InsDrvZD.dll [2009-02-06 18:40:41 | 000,015,872 | ---- | C] () -- C:\Windows\System32\InsDrvZD64.DLL [2009-01-29 16:03:51 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2009-01-21 15:57:29 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS [2009-01-21 15:57:29 | 000,000,000 | RHS- | C] () -- \IO.SYS [2009-01-07 15:22:37 | 000,138,464 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2008-12-25 12:44:57 | 000,000,418 | ---- | C] () -- C:\Windows\ODBC.INI [2008-12-25 12:44:53 | 000,000,035 | ---- | C] () -- C:\Windows\vbaddin.ini [2008-12-24 20:38:10 | 000,003,840 | ---- | C] () -- C:\Windows\System32\drivers\BANTExt.sys [2008-07-21 20:46:54 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK [2008-07-21 20:46:52 | 000,333,257 | RHS- | C] () -- \bootmgr [2008-07-21 10:56:23 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll [2008-07-21 10:56:23 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll [2008-07-21 10:54:03 | 3488,022,528 | -HS- | C] () -- [2008-07-21 10:50:10 | 3801,690,112 | -HS- | C] () -- [2008-01-21 03:24:38 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini [2006-11-02 13:50:50 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini [2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 11:33:01 | 001,606,800 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI [2006-11-02 11:24:31 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini [2006-11-02 11:23:31 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini [2006-11-02 11:23:31 | 000,000,179 | ---- | C] () -- C:\Windows\win.ini [2006-11-02 11:23:09 | 000,000,074 | ---- | C] () -- \autoexec.bat [2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-11-02 08:09:45 | 000,027,097 | ---- | C] () -- C:\Windows\System32\country.sys [2006-11-02 08:09:44 | 000,042,809 | ---- | C] () -- C:\Windows\System32\KEY01.SYS [2006-11-02 08:09:44 | 000,042,537 | ---- | C] () -- C:\Windows\System32\KEYBOARD.SYS [2006-11-02 08:09:42 | 000,009,029 | ---- | C] () -- C:\Windows\System32\ANSI.SYS [2006-11-02 08:09:41 | 000,004,768 | ---- | C] () -- C:\Windows\System32\HIMEM.SYS [2006-11-02 08:09:40 | 000,029,274 | ---- | C] () -- C:\Windows\System32\NTDOS412.SYS [2006-11-02 08:09:38 | 000,029,370 | ---- | C] () -- C:\Windows\System32\NTDOS411.SYS [2006-11-02 08:09:35 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS404.SYS [2006-11-02 08:09:31 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS804.SYS [2006-11-02 08:09:29 | 000,027,866 | ---- | C] () -- C:\Windows\System32\NTDOS.SYS [2006-11-02 08:09:26 | 000,035,536 | ---- | C] () -- C:\Windows\System32\NTIO412.SYS [2006-11-02 08:09:24 | 000,035,776 | ---- | C] () -- C:\Windows\System32\NTIO411.SYS [2006-11-02 08:09:23 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO404.SYS [2006-11-02 08:09:22 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO804.SYS [2006-11-02 08:09:20 | 000,033,952 | ---- | C] () -- C:\Windows\System32\NTIO.SYS [2006-11-02 07:25:08 | 000,013,312 | ---- | C] () -- C:\Windows\System32\win87em.dll [2006-11-02 07:25:08 | 000,000,010 | ---- | C] () -- \config.sys [1999-01-22 17:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL [color=#E56717]========== LOP Check ==========[/color] [2010-10-09 16:10:10 | 000,000,000 | ---D | M] -- C:\Users\All Users\ALLPlayer [2010-08-11 09:43:02 | 000,000,000 | ---D | M] -- C:\Users\All Users\Alwil Software [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Application Data [2008-12-24 20:34:28 | 000,000,000 | ---D | M] -- C:\Users\All Users\Bluetooth [2009-01-29 16:10:13 | 000,000,000 | ---D | M] -- C:\Users\All Users\DAEMON Tools Lite [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dane aplikacji [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Documents [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumenty [2010-05-18 22:12:40 | 000,000,000 | ---D | M] -- C:\Users\All Users\Electronic Arts [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favorites [2010-09-02 15:03:00 | 000,000,000 | ---D | M] -- C:\Users\All Users\Gadu-Gadu 10 [2010-09-02 15:07:01 | 000,000,000 | ---D | M] -- C:\Users\All Users\ipla [2008-12-26 16:35:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\LightScribe [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Menu Start [2008-07-21 11:12:31 | 000,000,000 | ---D | M] -- C:\Users\All Users\muvee Technologies [2010-03-01 17:07:07 | 000,000,000 | ---D | M] -- C:\Users\All Users\OpenFM [2008-07-21 11:17:13 | 000,000,000 | ---D | M] -- C:\Users\All Users\PC-Doctor [2008-07-21 11:17:13 | 000,000,000 | ---D | M] -- C:\Users\All Users\PC-Doctor 5 for Windows [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Pulpit [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Start Menu [2010-06-04 08:14:20 | 000,000,000 | ---D | M] -- C:\Users\All Users\Systweak [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Szablony [2006-11-02 14:02:04 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Templates [2010-10-15 16:47:59 | 000,000,000 | ---D | M] -- C:\Users\All Users\Ubisoft [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Ulubione [2010-05-18 21:20:05 | 000,000,000 | ---D | M] -- C:\Users\All Users\WindowsSearch [2008-12-09 15:24:04 | 000,000,000 | -H-D | M] -- C:\Users\asd\AppData [2008-12-09 15:28:00 | 000,000,000 | R--D | M] -- C:\Users\asd\Contacts [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] -- C:\Users\asd\Cookies [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] -- C:\Users\asd\Dane aplikacji [2008-12-09 15:28:09 | 000,000,000 | R--D | M] -- C:\Users\asd\Desktop [2008-12-09 15:28:09 | 000,000,000 | R--D | M] -- C:\Users\asd\Documents [2008-12-09 15:28:09 | 000,000,000 | R--D | M] -- C:\Users\asd\Downloads [2008-12-09 15:28:13 | 000,000,000 | R--D | M] -- C:\Users\asd\Favorites [2010-09-15 16:55:59 | 000,000,000 | R--D | M] -- C:\Users\asd\Links [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] -- C:\Users\asd\Menu Start [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] -- C:\Users\asd\Moje dokumenty [2008-12-09 15:28:09 | 000,000,000 | R--D | M] -- C:\Users\asd\Music [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] -- C:\Users\asd\NetHood [2008-12-09 15:28:09 | 000,000,000 | R--D | M] -- C:\Users\asd\Pictures [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] -- C:\Users\asd\PrintHood [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] -- C:\Users\asd\Recent [2008-12-09 15:28:09 | 000,000,000 | R--D | M] -- C:\Users\asd\Saved Games [2008-12-09 15:28:09 | 000,000,000 | R--D | M] -- C:\Users\asd\Searches [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] -- C:\Users\asd\SendTo [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] -- C:\Users\asd\Szablony [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] -- C:\Users\asd\Ustawienia lokalne [2008-12-09 15:28:09 | 000,000,000 | R--D | M] -- C:\Users\asd\Videos [2006-11-02 12:18:34 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\Default\Application Data [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\Default\Cookies [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Dane aplikacji [2006-11-02 11:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Desktop [2008-12-09 15:25:55 | 000,000,000 | R--D | M] -- C:\Users\Default\Documents [2006-11-02 11:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Downloads [2006-11-02 11:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Favorites [2006-11-02 11:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Links [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\Default\Local Settings [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Menu Start [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Moje dokumenty [2006-11-02 11:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Music [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\Default\My Documents [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\Default\NetHood [2006-11-02 11:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Pictures [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\Default\PrintHood [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\Default\Recent [2006-11-02 11:23:35 | 000,000,000 | ---D | M] -- C:\Users\Default\Saved Games [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\Default\SendTo [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\Default\Start Menu [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Szablony [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\Default\Templates [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Ustawienia lokalne [2006-11-02 11:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Videos [2009-05-04 19:45:57 | 000,000,000 | ---D | M] -- C:\Users\Magnum\.gstreamer-0.10 [2008-12-24 20:13:59 | 000,000,000 | -H-D | M] -- C:\Users\Magnum\AppData [2009-01-12 14:53:37 | 000,000,000 | ---D | M] -- C:\Users\Magnum\Application Data [2010-06-04 19:33:04 | 000,000,000 | R--D | M] -- C:\Users\Magnum\Contacts [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] -- C:\Users\Magnum\Cookies [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] -- C:\Users\Magnum\Dane aplikacji [2010-11-25 17:52:23 | 000,000,000 | R--D | M] -- C:\Users\Magnum\Desktop [2010-11-22 17:57:49 | 000,000,000 | R--D | M] -- C:\Users\Magnum\Documents [2010-10-27 16:25:44 | 000,000,000 | R--D | M] -- C:\Users\Magnum\Downloads [2009-10-18 16:16:31 | 000,000,000 | R--D | M] -- C:\Users\Magnum\Favorites [2009-01-06 20:56:57 | 000,000,000 | ---D | M] -- C:\Users\Magnum\Gadu-Gadu [2006-11-02 11:23:35 | 000,000,000 | R--D | M] -- C:\Users\Magnum\Links [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] -- C:\Users\Magnum\Menu Start [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] -- C:\Users\Magnum\Moje dokumenty [2010-11-06 23:10:44 | 000,000,000 | R--D | M] -- C:\Users\Magnum\Music [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] -- C:\Users\Magnum\NetHood [2010-11-07 18:02:55 | 000,000,000 | R--D | M] -- C:\Users\Magnum\Pictures [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] -- C:\Users\Magnum\PrintHood [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] -- C:\Users\Magnum\Recent [2010-06-24 13:55:32 | 000,000,000 | ---D | M] -- C:\Users\Magnum\Saved Games [2008-12-25 15:26:17 | 000,000,000 | R--D | M] -- C:\Users\Magnum\Searches [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] -- C:\Users\Magnum\SendTo [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] -- C:\Users\Magnum\Szablony [2010-08-01 20:06:54 | 000,000,000 | ---D | M] -- C:\Users\Magnum\Tracing [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] -- C:\Users\Magnum\Ustawienia lokalne [2010-11-13 19:51:30 | 000,000,000 | R--D | M] -- C:\Users\Magnum\Videos [2010-11-15 20:08:16 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop [2010-03-28 19:56:52 | 000,000,000 | R--D | M] -- C:\Users\Public\Documents [2006-11-02 13:50:50 | 000,000,000 | R--D | M] -- C:\Users\Public\Downloads [2006-11-02 11:23:35 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites [2006-11-02 13:50:50 | 000,000,000 | R--D | M] -- C:\Users\Public\Music [2006-11-02 13:50:50 | 000,000,000 | R--D | M] -- C:\Users\Public\Pictures [2010-02-02 22:16:16 | 000,000,000 | R--D | M] -- C:\Users\Public\Recorded TV [2006-11-02 13:50:50 | 000,000,000 | R--D | M] -- C:\Users\Public\Videos [2010-11-25 00:18:16 | 000,032,546 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010-11-25 16:50:20 | 000,000,434 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{818EED1D-D359-4C9B-ABF9-375D97E505F2}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-01-26 12:00:00 | 000,000,000 | ---- | M] () -- C:\asDbg.txt [2010-01-26 12:00:00 | 000,000,000 | ---- | M] () -- C:\asErrlog.txt [2010-01-26 12:00:00 | 000,000,000 | ---- | M] () -- C:\asMsgDbg.txt [2010-01-26 12:00:00 | 000,000,000 | ---- | M] () -- C:\asNetDbg.txt [2008-07-21 11:12:45 | 000,000,074 | ---- | M] () -- C:\autoexec.bat [2009-04-11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2008-07-21 20:46:54 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006-09-18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2009-10-15 18:25:54 | 000,000,125 | ---- | M] () -- C:\FINIS_IT.TXT [2010-11-25 16:46:25 | 3488,022,528 | -HS- | M] () -- C:\hiberfil.sys [2009-01-21 15:57:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009-01-21 15:57:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-09-25 19:00:36 | 000,007,070 | ---- | M] () -- C:\NetworkCfg.xml [2010-11-25 16:46:24 | 3801,690,112 | -HS- | M] () -- C:\pagefile.sys [2009-02-10 15:30:24 | 000,000,574 | ---- | M] () -- C:\RHDSetup.log [2009-09-03 14:47:23 | 000,000,909 | ---- | M] () -- C:\updatedatfix.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008-01-21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008-01-21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys [2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-01-21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008-01-21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006-11-02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2007-01-12 21:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2008-01-21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008-01-21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < End of report >[/log] LOG z RSIT: [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Magnum at 2010-11-25 18:19:51 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 350 GB (75%) free of 468 GB Total RAM: 3326 MB (51% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:20:00, on 2010-11-25 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18975) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\hp\support\hpsysdrv.exe C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\ehome\ehtray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Stardock\ObjectDock\ObjectDock.exe C:\Windows\ehome\ehmsas.exe C:\Users\Magnum\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\hp\kbd\kbd.exe C:\Program Files\Opera\opera.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Magnum\Desktop\RSIT.exe C:\Program Files\trend micro\Magnum.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cndt R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wyborcza.pl/0,0.html?p=015 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cndt R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cndt R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - (no file) O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Magnum\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: &Wyszukiwarka na pasku narzędzi AOL - C:\ProgramData\AOL\ieToolbar\resources\pl-PL\local\search.html O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O16 - DPF: {063F7D71-5E0B-48F2-87D5-F63C5917947E} - http://ahnlabdownload.nefficient.co.kr/aos/plugin/aosmgr.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C510C9D3-DD01-45D1-AB83-1DE139433497}: NameServer = 192.168.1.1,85.255.114.110 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- End of file - 10074 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2512262181-1095973835-1943787894-1001Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2512262181-1095973835-1943787894-1001UA.job C:\Windows\tasks\User_Feed_Synchronization-{818EED1D-D359-4C9B-ABF9-375D97E505F2}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}] FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}] AOL Toolbar BHO - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll [2008-02-03 1185120] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-22 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}] FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-10-16 505136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll [2008-02-03 1185120] {8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] "hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536] "KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-04-17 13535776] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-04-17 92704] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-07-03 6266880] "HP Health Check Scheduler"=[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048] "NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576] "MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-09-15 1094224] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Launcher"=C:\Windows\SMINST\launcher.exe [2008-02-29 46416] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952] "Google Update"=C:\Users\Magnum\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-22 136176] "ALLUpdate"=C:\Program Files\ALLPlayer\ALLUpdate.exe [2010-03-24 1432064] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-09-22 4240760] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE [2010-04-12 180224] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BlueSoleil.lnk] C:\PROGRA~1\IVTCOR~1\BLUESO~1\gprs.exe [2007-12-27 43608] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE C:\Users\Magnum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler] Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2007-04-24 122880] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=149 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* .reg - open - "regedit.exe" "%1" ======List of files/folders created in the last 1 months====== 2010-11-25 18:12:16 ----D---- C:\rsit 2010-11-25 18:12:16 ----D---- C:\Program Files\trend micro 2010-11-22 17:58:15 ----D---- C:\Program Files\Microsoft Synchronization Services 2010-11-22 17:55:34 ----D---- C:\Windows\symbols 2010-11-22 17:55:29 ----D---- C:\Program Files\Microsoft Visual Studio 10.0 2010-11-22 17:55:29 ----D---- C:\Program Files\Microsoft SDKs 2010-11-22 17:55:29 ----D---- C:\Program Files\Microsoft Help Viewer 2010-11-22 17:55:29 ----D---- C:\Program Files\Common Files\Merge Modules 2010-11-22 16:31:38 ----D---- C:\Users\Magnum\AppData\Roaming\Dev-Cpp 2010-11-11 13:03:35 ----A---- C:\Windows\system32\javaws.exe 2010-11-11 13:03:35 ----A---- C:\Windows\system32\javaw.exe 2010-11-11 13:03:35 ----A---- C:\Windows\system32\java.exe 2010-11-07 19:41:55 ----D---- C:\Users\Magnum\AppData\Roaming\TS3Client 2010-11-07 19:41:20 ----D---- C:\Program Files\TeamSpeak 3 Client 2010-11-07 17:59:24 ----D---- C:\Users\Magnum\AppData\Roaming\Ventrilo 2010-11-07 17:52:44 ----D---- C:\Program Files\Common Files\Skype 2010-11-07 17:52:38 ----RD---- C:\Program Files\Skype 2010-11-07 17:52:38 ----D---- C:\Users\Magnum\AppData\Roaming\Skype 2010-10-31 11:58:46 ----A---- C:\Windows\system32\d3dx10_42.dll 2010-10-31 11:58:43 ----A---- C:\Windows\system32\D3DX9_42.dll 2010-10-28 16:14:20 ----D---- C:\Windows\system32\xlive 2010-10-28 16:14:19 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE 2010-10-27 15:04:16 ----A---- C:\Windows\system32\gameux.dll 2010-10-27 15:04:14 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll 2010-10-27 15:04:14 ----A---- C:\Windows\system32\Apphlpdm.dll 2010-10-26 21:38:00 ----D---- C:\Program Files\ZhyperMU 2010-10-26 15:56:15 ----D---- C:\Perfect World Entertainment 2010-10-26 15:20:48 ----D---- C:\Users\Magnum\AppData\Roaming\Windows Live Writer ======List of files/folders modified in the last 1 months====== 2010-11-25 18:19:50 ----D---- C:\Windows\Temp 2010-11-25 18:12:16 ----RD---- C:\Program Files 2010-11-25 18:11:59 ----D---- C:\Windows\Prefetch 2010-11-25 18:11:44 ----D---- C:\Program Files\Electronic Arts 2010-11-25 18:11:15 ----SHD---- C:\Windows\Installer 2010-11-25 18:11:15 ----SD---- C:\Users\Magnum\AppData\Roaming\Microsoft 2010-11-25 18:11:15 ----HD---- C:\Config.Msi 2010-11-25 18:11:10 ----SHD---- C:\System Volume Information 2010-11-25 16:52:49 ----D---- C:\Windows\System32 2010-11-25 16:52:49 ----D---- C:\Windows\inf 2010-11-25 16:52:49 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-11-25 16:46:53 ----D---- C:\Windows\SMINST 2010-11-24 18:31:24 ----D---- C:\Windows 2010-11-24 15:50:23 ----D---- C:\Windows\winsxs 2010-11-24 15:50:23 ----D---- C:\Program Files\Internet Explorer 2010-11-24 15:43:35 ----D---- C:\Downloads 2010-11-24 15:33:55 ----D---- C:\Windows\system32\drivers 2010-11-24 09:50:04 ----RSD---- C:\Windows\assembly 2010-11-24 09:50:04 ----D---- C:\Windows\Microsoft.NET 2010-11-24 08:55:32 ----D---- C:\Windows\system32\catroot 2010-11-22 17:58:15 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition 2010-11-22 17:57:49 ----SD---- C:\ProgramData\Microsoft 2010-11-22 17:56:32 ----D---- C:\Program Files\Common Files\microsoft shared 2010-11-22 17:55:29 ----D---- C:\Program Files\MSBuild 2010-11-22 17:55:29 ----D---- C:\Program Files\Common Files 2010-11-22 17:51:07 ----D---- C:\Windows\system32\en-US 2010-11-22 17:51:04 ----D---- C:\Program Files\Microsoft.NET 2010-11-22 17:50:44 ----D---- C:\Windows\SoftwareDistribution 2010-11-21 19:43:12 ----D---- C:\Windows\system32\catroot2 2010-11-15 22:30:57 ----D---- C:\Users\Magnum\AppData\Roaming\Gadu-Gadu 10 2010-11-13 17:51:10 ----D---- C:\Windows\Debug 2010-11-12 11:36:56 ----D---- C:\ProgramData\Microsoft Help 2010-11-12 11:36:27 ----D---- C:\Program Files\Windows Mail 2010-11-12 11:32:54 ----A---- C:\Windows\system32\mrt.exe 2010-11-11 13:03:34 ----D---- C:\Program Files\Java 2010-11-07 17:52:50 ----D---- C:\Windows\system32\Tasks 2010-11-07 17:52:35 ----D---- C:\ProgramData\Skype 2010-11-04 00:01:21 ----A---- C:\Windows\win.ini 2010-11-04 00:01:09 ----D---- C:\Windows\twain_32 2010-11-03 19:06:48 ----D---- C:\Program Files\sswc 2010-11-02 22:13:00 ----D---- C:\Program Files\Silkroad 2010-10-29 14:51:07 ----D---- C:\Program Files\Rockstar Games 2010-10-28 18:02:48 ----HD---- C:\Program Files\InstallShield Installation Information 2010-10-28 16:20:43 ----HD---- C:\ProgramData 2010-10-28 06:34:45 ----D---- C:\Windows\AppPatch 2010-10-28 06:14:49 ----D---- C:\Program Files\Microsoft Silverlight 2010-10-26 13:19:04 ----D---- C:\Users\Magnum\AppData\Roaming\GetRightToGo ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys [2007-03-05 20880] R0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys [2007-03-05 35600] R0 nvstor32;nvstor32; C:\Windows\system32\drivers\nvstor32.sys [2008-01-25 140832] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-01-29 717296] R1 BANTExt;Belarc SMBios Access; C:\Windows\System32\Drivers\BANTExt.sys [2005-04-07 3840] R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216] R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 59388] R3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrusb.sys [2008-07-29 904192] R3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2007-06-24 34312] R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-06-24 27656] R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320] R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-06-24 38920] R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-07-03 2152088] R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368] R3 NVENETFD;Sterownik kontrolera sieci NVIDIA nForce; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-04-17 7436384] R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192] R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 34448] R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2007-03-05 44304] R3 VHidMinidrv;Bluetooth HID Device Service; C:\Windows\system32\drivers\VHIDMini.sys [2007-03-05 19472] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S3 ADASPROT;SYSTWEAKASO; C:\Windows\system32\drivers\ADASPROT.sys [] S3 BthEnum;Usługa wyliczania Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528] S3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160] S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-01-21 219648] S3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-01-21 29184] S3 Dot4;Sterownik MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584] S3 Dot4Print;Sterownik klasy drukowania dla IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 DrmRAudio;DrmRAudio; C:\Windows\system32\drivers\DrmRAudio.sys [2009-08-14 23096] S3 EagleNT;EagleNT; C:\Windows\system32\drivers\EagleNT.sys [] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272] S3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [] S3 Mkd2kfNt;Mkd2kfNt; C:\Windows\system32\drivers\Mkd2kfNt.sys [2009-10-13 133632] S3 Mkd2Nadr;Mkd2Nadr; C:\Windows\system32\drivers\Mkd2Nadr.sys [2009-07-13 79360] S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 PcdrNdisuio;PCDRNDISUIO Usermode I/O Protocol; C:\Windows\system32\DRIVERS\pcdrndisuio.sys [] S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992] S3 RT61;D-Link Wireless Driver; C:\Windows\system32\DRIVERS\RT61.sys [2005-06-04 319104] S3 ST330;ST330; C:\Windows\system32\drivers\st330.sys [2009-02-04 30464] S3 STBUS;STBUS; C:\Windows\system32\drivers\stbus.sys [2009-02-04 12672] S3 STETH;SpeedTouch Ethernet Adapter NT Driver; C:\Windows\system32\DRIVERS\steth.sys [2009-02-04 40320] S3 stppp;Speedtouch PPP Adapter Adapter; C:\Windows\system32\DRIVERS\stppp.sys [2009-02-05 32000] S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 ZDPSp60;ZDPSp60 NDIS Protocol Driver; C:\Windows\System32\Drivers\ZDPSp60.sys [] S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [] S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [] S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] S4 nvrd32;NVIDIA nForce RAID Driver; C:\Windows\system32\drivers\nvrd32.sys [2008-01-25 132128] S4 nvsmu;nvsmu; C:\Windows\system32\drivers\nvsmu.sys [2007-10-12 13312] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2007-12-27 166520] R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336] R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-03-14 94208] R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-17 73728] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-04-17 196608] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-06-30 75064] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136] R2 Start BT in service;Start BT in service; C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-12-27 51816] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-21 21504] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S4 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] -----------------EOF-----------------[/log] Zapomnialem jeszcze info: [log]info.txt logfile of random's system information tool 1.08 2010-11-25 18:12:30 ======Uninstall list====== 32 Bit HP CIO Components Installer-->MsiExec.exe /I{47ECCB1F-2811-49C0-B6A7-26778639ABA0} Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin Adobe Reader 8.1.0 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A81000000003} Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {04E205D6-88B1-4652-B162-42DF2C3B1228} Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86} Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {128A36ED-21BE-4547-9FFE-5B85AEC735DD} ALLPlayer V4.X-->"C:\Program Files\ALLPlayer\unins000.exe" AMR to MP3 Converter 1.4-->"C:\Program Files\AMR to MP3 Converter\unins000.exe" Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe Assassin's Creed II-->"C:\Program Files\InstallShield Installation Information\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}\setup.exe" -runfromtemp -l0x0009 -removeonly AudibleManager-->C:\Program Files\Audible\Bin\Upgrade.exe /Uninstall Belarc Advisor 7.2-->C:\PROGRA~1\Belarc\Advisor\Uninstall.exe C:\PROGRA~1\Belarc\Advisor\INSTALL.LOG Bing Bar Platform-->MsiExec.exe /I{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39} Bing Bar-->C:\Program Files\Bing Bar Installer\InstallManager.exe /UNINSTALL Bluesoleil2.7.0.13 VoIP Release 071227-->MsiExec.exe /X{8F85CC2C-4B26-4CF6-B835-DC59BCEDD287} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Counter-Strike 1.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}\Setup.exe" -l0x9 CyberLink DVD Suite Deluxe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" -uninstall CyberLink PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF} Dzielenie i łączenie plików v1.2.2-->"C:\Program Files\Dzielenie i laczenie plikow\unins000.exe" EasyClicker Pro 1.3v-->C:\Program Files\Master\EasyClicker\Uninstal.exe FL Studio 9-->C:\Program Files\Image-Line\FL Studio 9\uninstall.exe FlashGet 1.9.6.1073-->C:\Program Files\FlashGet\uninst.exe Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych-->MsiExec.exe /I{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7} Gadu-Gadu 10-->C:\Program Files\Gadu-Gadu 10\Uninstall.exe Galeria fotografii usługi Windows Live-->MsiExec.exe /X{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431} Game Booster-->"C:\Program Files\IObit\Game Booster\unins000.exe" Global MU Online-->C:\Program Files\InstallShield Installation Information\{4F763B06-A014-481B-951A-11AFCD667010}\setup.exe -runfromtemp -l0x0009 -removeonly Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000B8301} Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000B8302} Hardware Diagnostic Tools-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe Hewlett-Packard Active Check for Health Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E} Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367} Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{E0810CC2-4B5B-4439-B1D0-452306AF2D64}\setup.exe -runfromtemp -l0x0409 HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}\setup.exe" -l0x9 -removeonly HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC} HP Customer Participation Program 12.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot HP Demo-->"C:\Windows\unins000.exe" HP Deskjet F735 All-in-one Driver Software 12.0 Rel .4-->C:\Program Files\HP\Digital Imaging\{7BE02706-B038-4844-8FE0-E7A7C0597023}\setup\hpzscr01.exe -datfile hposcr34.dat -onestop -forcereboot HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E1476612-02D6-42A3-BDC1-E292B4115738}\setup.exe" -l0x9 -removeonly HP Imaging Device Functions 12.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat HP Picasso Media Center Add-In-->MsiExec.exe /I{55979C41-7D6A-49CC-B591-64AC1BBE2C8B} HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat HP Solution Center 12.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot HP Update-->MsiExec.exe /X{818ABC3C-635C-4651-8183-D0E9640B7DD1} IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe Java(TM) 6 Update 22-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF} Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} Kaspersky Online Scanner-->C:\Windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall LightScribe System Software 1.12.37.1-->MsiExec.exe /X{004C5DA2-2051-4D25-94BA-51CF810C91EB} LogMeIn Hamachi-->C:\Windows\system32\\msiexec.exe /i {8A74DEFD-A224-49CC-AB80-4E88BC730125} REMOVE=ALL LogMeIn Hamachi-->MsiExec.exe /I{8A74DEFD-A224-49CC-AB80-4E88BC730125} Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E} Microsoft .NET Framework 3.5 Language Pack SP1 - plk-->MsiExec.exe /I{9EFDFBA8-9174-3C61-8645-28376C5CA994} Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6} Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702} Microsoft .NET Framework 4 Multi-Targeting Pack-->MsiExec.exe /I{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE} Microsoft Antimalware Service PL-PL Language Pack-->MsiExec.exe /X{3C2F83D3-3F75-4920-8E23-23A9FBADB35D} Microsoft Antimalware-->MsiExec.exe /X{E62A1F01-07B7-4541-A835-EE5B0BF064C2} Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{1FDA5A37-B22D-43FF-B582-B8964050DC13} Microsoft Games for Windows - LIVE-->MsiExec.exe /X{86A4C6D9-29EE-4719-AFA1-BA3341862B83} Microsoft Help Viewer 1.0-->C:\Program Files\Microsoft Help Viewer\v1.0\Microsoft Help Viewer 1.0\install.exe Microsoft Help Viewer 1.0-->MsiExec.exe /X{47C39E4A-28F2-33B1-B9B7-97F24E52D917} Microsoft Office 2000 Premium-->MsiExec.exe /I{00000415-78E1-11D2-B60F-006097C998E7} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0415-0000-0000000FF1CE} /uninstall {D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE} Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE} Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE} Microsoft Office PowerPoint Viewer 2007 (Polish)-->MsiExec.exe /X{95120000-00AF-0415-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE} Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0415-0000-0000000FF1CE} /uninstall {E9EA2604-8AC9-47D2-8F4B-6BF60787A357} Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE} Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE} Microsoft Search Enhancement Pack-->MsiExec.exe /X{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80} Microsoft Security Essentials-->C:\Program Files\Microsoft Security Essentials\setup.exe /x Microsoft Security Essentials-->MsiExec.exe /I{EF98A02A-1748-4762-9B7D-5ED1600520D5} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft SQL Server Compact 3.5 SP2 ENU-->MsiExec.exe /I{3A9FC03D-C685-4831-94CF-4EDFD3749497} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974-->MsiExec.exe /X{B7E38540-E355-3503-AFD7-635B2F2F76E1} Microsoft Visual C++ 2010 Express - ENU-->C:\Program Files\Microsoft Visual Studio 10.0\Microsoft Visual C++ 2010 Express - ENU\setup.exe Microsoft Visual C++ 2010 Express - ENU-->MsiExec.exe /X{46F8CF66-AB83-38A7-99B2-A5BE507EE472} Microsoft Works-->MsiExec.exe /I{306B39C9-3AB1-4161-8567-9C7E50B41AE3} Mozilla Firefox (3.6.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} muvee autoProducer 6.1-->C:\Program Files\InstallShield Installation Information\{FDDB69BB-2F9A-4830-A579-ABBB7C5AF9A8}\muveesetup.exe -removeonly -runfromtemp Nero 7 Lite-->"C:\Program Files\Nero\unins000.exe" NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI ObjectDock-->C:\PROGRA~1\Stardock\OBJECT~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\INSTALL.LOG Opera 10.63-->MsiExec.exe /X{87CC8013-56D1-43E1-A0A5-AD406B4EBA95} Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - plk\setup.exe Pakiet zgodności dla systemu Office 2007-->MsiExec.exe /X{90120000-0020-0415-0000-0000000FF1CE} Pasek narzędzi AOL 5.0-->"C:\Program Files\AOL\Pasek narzędzi AOL 5.0\uninstall.exe" Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe" PITy 2008 dla Windows kompilacja:1.0.2.0-->"C:\Program Files\PITy\PITy2008NG\unins000.exe" Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1} Podstawowe programy Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383} PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe Pomocnik Messenger-->MsiExec.exe /I{BD8DA595-F501-4ABE-85A0-5C23E82472A0} Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" -uninstall PowerISO-->"C:\Program Files\PowerISO\uninstall.exe" PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u Python 2.5-->MsiExec.exe /I{0A2C5854-557E-48C8-835A-3B9F074BDCAA} Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709 Rozszerzona klawiatura multimedialna-->C:\HP\KBD\Install.exe /u Sakura-->C:\Program Files\Image-Line\Sakura\uninstall.exe Sawer-->C:\Program Files\Image-Line\Sawer\uninstall.exe Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D} Security Update for 2007 Microsoft Office System (KB2289158)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {210B16C0-CEBD-4DE9-B474-04A7E8735E16} Security Update for 2007 Microsoft Office System (KB2344875)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F} Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A} Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT="" Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7A2C18A1-D2A2-3177-82F1-5FE9CC08ECB0} /parameterfolder Extended Security Update for Microsoft Office Excel 2007 (KB2345035)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B23002DD-34EC-4988-B810-A5E2A0BF04F1} Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46} Security Update for Microsoft Office PowerPoint Viewer (KB2413381)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3DED0A62-44C8-4E00-A785-5212F297A9D9} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} Segoe UI-->MsiExec.exe /I{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA} Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat Silkroad-->C:\Program Files\Silkroad\Remove.Exe Skype™ 5.0-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8} TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe" Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe Ubisoft Game Launcher-->"C:\Program Files\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF} VDownloader 2.8.387-->"C:\Program Files\VDownloader123\unins000.exe" Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066} Windows Live Family Safety-->MsiExec.exe /I{0C6994E1-3AE1-4CDD-A760-1628E6B8CD03} Windows Live Family Safety-->MsiExec.exe /X{F53D678E-238F-4A71-9742-08BB6774E9DC} Windows Live ID Sign-in Assistant-->MsiExec.exe /I{61AD15B2-50DB-4686-A739-14FE180D4429} Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917} Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30} Windows Live Mesh-->MsiExec.exe /I{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A} Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48} Windows Live Messenger Companion Core-->MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9} Windows Live Messenger-->MsiExec.exe /X{2C7E8AA1-9C03-4606-BF34-5D99D07964DA} Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90} Windows Live MIME IFilter-->MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E} Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38} Windows Live Movie Maker-->MsiExec.exe /X{F80E5450-3EF3-4270-B26C-6AC53BEC5E76} Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81} Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3} Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1} Windows Live PIMT Platform-->MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A} Windows Live Remote Client Resources-->MsiExec.exe /I{C30628D8-D3A0-4F23-90F0-F145808087B6} Windows Live Remote Client-->MsiExec.exe /I{19A4A990-5343-4FF7-B3B5-6F046C091EDF} Windows Live Remote Service Resources-->MsiExec.exe /I{201B5096-AF6E-423E-B987-023E040D9B42} Windows Live Remote Service-->MsiExec.exe /I{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0} Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F} Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4} Windows Live UX Platform Language Pack-->MsiExec.exe /I{543E6ACA-51B7-4283-82F2-57C0582A53C5} Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16} Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04} Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF} Windows Live Writer-->MsiExec.exe /X{E55E0C35-AC3C-4683-BA2F-834348577B80} ======Hosts File====== 127.0.0.1 static3.cdn.ubi.com 127.0.0.1 ubisoft-orbit.s3.amazonaws.com 127.0.0.1 onlineconfigservice.ubi.com 127.0.0.1 orbitservice.ubi.com 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com ======Security center information====== AV: Spy Emergency (disabled) AS: Spy Emergency (disabled) AS: Windows Defender ======System event log====== Computer Name: Magnum-PC Event Code: 7036 Message: Usługa Licencjonowanie oprogramowania weszła w stan uruchomienia. Record Number: 232056 Source Name: Service Control Manager Time Written: 20100603075713.000000-000 Event Type: Informacje User: Computer Name: Magnum-PC Event Code: 7036 Message: Usługa Kompozycje weszła w stan uruchomienia. Record Number: 232055 Source Name: Service Control Manager Time Written: 20100603075713.000000-000 Event Type: Informacje User: Computer Name: Magnum-PC Event Code: 7036 Message: Usługa Usługa profilów użytkowników weszła w stan uruchomienia. Record Number: 232054 Source Name: Service Control Manager Time Written: 20100603075713.000000-000 Event Type: Informacje User: Computer Name: Magnum-PC Event Code: 7036 Message: Usługa Windows Audio weszła w stan uruchomienia. Record Number: 232053 Source Name: Service Control Manager Time Written: 20100603075713.000000-000 Event Type: Informacje User: Computer Name: Magnum-PC Event Code: 7036 Message: Usługa Konstruktor punktów końcowych audio systemu Windows weszła w stan uruchomienia. Record Number: 232052 Source Name: Service Control Manager Time Written: 20100603075713.000000-000 Event Type: Informacje User: =====Application event log===== Computer Name: Magnum-PC Event Code: 4101 Message: Sprawdzono poprawność licencji systemu Windows. Record Number: 9071 Source Name: Microsoft-Windows-Winlogon Time Written: 20090224192305.000000-000 Event Type: Informacje User: Computer Name: Magnum-PC Event Code: 4625 Message: System podrzędny EventSystem pomija zduplikowane wpisy dziennika zdarzeń przez okres 86400 sekund. Limit czasu pomijania można kontrolować za pomocą wartości REG_DWORD o nazwie SuppressDuplicateDuration w następującym kluczu rejestru: HKLM\Software\Microsoft\EventSystem\EventLog. Record Number: 9070 Source Name: Microsoft-Windows-EventSystem Time Written: 20090224192303.000000-000 Event Type: Informacje User: Computer Name: Magnum-PC Event Code: 1531 Message: Usługa profilów użytkowników została uruchomiona pomyślnie. Record Number: 9069 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20090224192303.000000-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: Magnum-PC Event Code: 900 Message: Usługa licencjonowania oprogramowania jest uruchamiana. Record Number: 9068 Source Name: Microsoft-Windows-Security-Licensing-SLC Time Written: 20090224192303.000000-000 Event Type: Informacje User: Computer Name: Magnum-PC Event Code: 2 Message: Klient usług certyfikatów został zatrzymany. Record Number: 9067 Source Name: Microsoft-Windows-CertificateServicesClient Time Written: 20090224192201.885800-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM =====Security event log===== Computer Name: Magnum-PC Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Uprawnienia: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 53829 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100425131737.746247-000 Event Type: Sukces inspekcji User: Computer Name: Magnum-PC Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: MAGNUM-PC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Typ logowania: 5 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x2a8 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Nazwa stacji roboczej: Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: Advapi Pakiet uwierzytelniania: Negotiate Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 53828 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100425131737.746247-000 Event Type: Sukces inspekcji User: Computer Name: Magnum-PC Event Code: 4648 Message: Podjęto próbę logowania przy użyciu jawnych poświadczeń. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: MAGNUM-PC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Konto, którego poświadczenia zostały użyte: Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Serwer docelowy: Nazwa serwera docelowego: localhost Informacje dodatkowe: localhost Informacje o procesie: Identyfikator procesu: 0x2a8 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Adres sieciowy: - Port: - To zdarzenie jest generowane, gdy proces podejmie próbę zalogowania się na koncie, określając w sposób jawny poświadczenia konta. To zdarzenie najczęściej występuje w konfiguracjach wsadowych, takich jak zaplanowane zadania, lub podczas używania polecenia RUNAS. Record Number: 53827 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100425131737.746247-000 Event Type: Sukces inspekcji User: Computer Name: Magnum-PC Event Code: 5032 Message: Zapora systemu Windows nie może powiadomić użytkownika, że zablokowała aplikacji możliwość akceptowania połączeń przychodzących z sieci. Kod błędu: 2 Record Number: 53826 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100425131737.231447-000 Event Type: Niepowodzenie inspekcji User: Computer Name: Magnum-PC Event Code: 5032 Message: Zapora systemu Windows nie może powiadomić użytkownika, że zablokowała aplikacji możliwość akceptowania połączeń przychodzących z sieci. Kod błędu: 2 Record Number: 53825 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100425131733.518647-000 Event Type: Niepowodzenie inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\hp\bin\Python;C:\Program Files\Windows Live\Shared "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=16 "PROCESSOR_IDENTIFIER"=x86 Family 16 Model 2 Stepping 3, AuthenticAMD "PROCESSOR_REVISION"=0203 "NUMBER_OF_PROCESSORS"=3 "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat "DFSTRACINGON"=FALSE "OnlineServices"=Online Services "Platform"=HPD "PCBRAND"=Pavilion "MSWorksProductCode"={306B39C9-3AB1-4161-8567-9C7E50B41AE3} "VS100COMNTOOLS"=C:\Program Files\Microsoft Visual Studio 10.0\Common7\Tools\ -----------------EOF-----------------[/log]
Tomek01 komentarz 25 listopada 2010 komentarz 25 listopada 2010 Cześć Dziwią mnie te wszystkie wpisy i foldery w dziwnych lokalizacjach. [2010-10-09 16:10:10 | 000,000,000 | ---D | M] -- C:\Users\All Users\ALLPlayer Zastosuj [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], najlepiej z podpiętym pendrive'm czy innymi pamięciami USB. W OTL, w oknie Custom scan/fixes wklej: [code]:Processes Explorer.exe :OTL O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found. O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O3 - HKU\S-1-5-21-2512262181-1095973835-1943787894-1001\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKU\S-1-5-21-2512262181-1095973835-1943787894-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-21-2512262181-1095973835-1943787894-1001\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks) O4 - Startup: C:\Users\All Users\Adobe [2008-12-09 15:26:02 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\ALLPlayer [2010-10-09 16:10:10 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Alwil Software [2010-08-11 09:43:02 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\AOL [2008-07-21 11:18:11 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Application Data [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Bluetooth [2008-12-24 20:34:28 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\CyberLink [2009-01-06 22:58:43 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\DAEMON Tools Lite [2009-01-29 16:10:13 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Dane aplikacji [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Desktop [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Documents [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Dokumenty [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\eBay.ico () O4 - Startup: C:\Users\All Users\Electronic Arts [2010-05-18 22:12:40 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\ezsidmv.dat () O4 - Startup: C:\Users\All Users\Favorites [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Gadu-Gadu 10 [2010-09-02 15:03:00 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Hewlett-Packard [2009-10-15 18:24:52 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\HP [2009-07-30 11:15:05 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\HP Product Assistant [2009-07-30 11:06:22 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\hpzinstall.log () O4 - Startup: C:\Users\All Users\ipla [2010-09-02 15:07:01 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\LightScribe [2008-12-26 16:35:45 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Menu Start [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Microsoft [2010-11-22 17:57:49 | 000,000,000 | --SD | M] O4 - Startup: C:\Users\All Users\Microsoft Help [2010-11-12 11:36:56 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\muvee Technologies [2008-07-21 11:12:31 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Nero [2010-09-15 17:11:38 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\NVIDIA [2009-07-05 14:18:05 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\OpenFM [2010-03-01 17:07:07 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\PC-Doctor [2008-07-21 11:17:13 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\PC-Doctor 5 for Windows [2008-07-21 11:17:13 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Pulpit [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\QuickStores.ico () O4 - Startup: C:\Users\All Users\Skype [2010-11-07 17:52:35 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Start Menu [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Sun [2010-04-21 16:22:24 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Symantec [2009-02-24 10:59:41 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Systweak [2010-06-04 08:14:20 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Szablony [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Templates [2006-11-02 14:02:04 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Ubisoft [2010-10-15 16:47:59 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Ulubione [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\WEBREG [2009-07-30 11:16:22 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\WindowsSearch [2010-05-18 21:20:05 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\asd\AppData [2008-12-09 15:24:04 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\asd\Contacts [2008-12-09 15:28:00 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\Cookies [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\Dane aplikacji [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\Desktop [2008-12-09 15:28:09 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\Documents [2008-12-09 15:28:09 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\Downloads [2008-12-09 15:28:09 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\Favorites [2008-12-09 15:28:13 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\Links [2010-09-15 16:55:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\Menu Start [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\Moje dokumenty [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\Music [2008-12-09 15:28:09 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\NetHood [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\NTUSER.DAT () O4 - Startup: C:\Users\asd\ntuser.dat.LOG1 () O4 - Startup: C:\Users\asd\ntuser.dat.LOG2 () O4 - Startup: C:\Users\asd\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf () O4 - Startup: C:\Users\asd\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\asd\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\asd\NTUSER.DAT{4a459610-a4b2-11df-9c82-00158310bb1b}.TM.blf () O4 - Startup: C:\Users\asd\NTUSER.DAT{4a459610-a4b2-11df-9c82-00158310bb1b}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\asd\NTUSER.DAT{4a459610-a4b2-11df-9c82-00158310bb1b}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\asd\NTUSER.DAT{bf9abbb8-e29c-11df-a9b3-00158310bb1b}.TM.blf () O4 - Startup: C:\Users\asd\NTUSER.DAT{bf9abbb8-e29c-11df-a9b3-00158310bb1b}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\asd\NTUSER.DAT{bf9abbb8-e29c-11df-a9b3-00158310bb1b}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\asd\ntuser.ini () O4 - Startup: C:\Users\asd\Pictures [2008-12-09 15:28:09 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\PrintHood [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\Recent [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\Saved Games [2008-12-09 15:28:09 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\Searches [2008-12-09 15:28:09 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\asd\SendTo [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\Szablony [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\Ustawienia lokalne [2008-12-09 15:24:02 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\asd\Videos [2008-12-09 15:28:09 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\AppData [2006-11-02 12:18:34 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\Default\Application Data [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Cookies [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Dane aplikacji [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Desktop [2006-11-02 11:23:35 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Documents [2008-12-09 15:25:55 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Downloads [2006-11-02 11:23:35 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Favorites [2006-11-02 11:23:35 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Links [2006-11-02 11:23:35 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Local Settings [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Menu Start [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Moje dokumenty [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Music [2006-11-02 11:23:35 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\My Documents [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\NetHood [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\NTUSER.DAT () O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG () O4 - Startup: C:\Users\Default\ntuser.dat.LOG1 () O4 - Startup: C:\Users\Default\ntuser.dat.LOG2 () O4 - Startup: C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf () O4 - Startup: C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Default\Pictures [2006-11-02 11:23:35 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\PrintHood [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Recent [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Saved Games [2006-11-02 11:23:35 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Default\SendTo [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Start Menu [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Szablony [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Templates [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Ustawienia lokalne [2008-12-09 15:25:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Videos [2006-11-02 11:23:35 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\.gstreamer-0.10 [2009-05-04 19:45:57 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Magnum\AppData [2008-12-24 20:13:59 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\Magnum\Application Data [2009-01-12 14:53:37 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Magnum\Contacts [2010-06-04 19:33:04 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\Cookies [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\Dane aplikacji [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\dbghelp.dll () O4 - Startup: C:\Users\Magnum\Desktop [2010-11-25 17:52:23 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\Documents [2010-11-22 17:57:49 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\Downloads [2010-10-27 16:25:44 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\Favorites [2009-10-18 16:16:31 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\Gadu-Gadu [2009-01-06 20:56:57 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Magnum\Links [2006-11-02 11:23:35 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\Menu Start [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\Moje dokumenty [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\Music [2010-11-06 23:10:44 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\NetHood [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\NOTICE.TXT () O4 - Startup: C:\Users\Magnum\ntuser.dat () O4 - Startup: C:\Users\Magnum\ntuser.dat.bak () O4 - Startup: C:\Users\Magnum\ntuser.dat.LOG1 () O4 - Startup: C:\Users\Magnum\ntuser.dat.LOG2 () O4 - Startup: C:\Users\Magnum\ntuser.dat.sav.LOG1 () O4 - Startup: C:\Users\Magnum\ntuser.dat.sav.LOG2 () O4 - Startup: C:\Users\Magnum\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf () O4 - Startup: C:\Users\Magnum\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Magnum\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Magnum\ntuser.dat{5ee53ab4-6f11-11df-9c31-806e6f6e6963}.TM.blf () O4 - Startup: C:\Users\Magnum\ntuser.dat{5ee53ab4-6f11-11df-9c31-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Magnum\ntuser.dat{5ee53ab4-6f11-11df-9c31-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Magnum\ntuser.dat{62b62e7f-55b7-11de-b913-00158310bb1b}.TM.blf () O4 - Startup: C:\Users\Magnum\ntuser.dat{62b62e7f-55b7-11de-b913-00158310bb1b}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Magnum\ntuser.dat{62b62e7f-55b7-11de-b913-00158310bb1b}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Magnum\ntuser.ini () O4 - Startup: C:\Users\Magnum\Pictures [2010-11-07 18:02:55 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\Pomoc i wsparcie techniczne.lnk = File not found O4 - Startup: C:\Users\Magnum\PrintHood [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\Recent [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\Saved Games [2010-06-24 13:55:32 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Magnum\Searches [2008-12-25 15:26:17 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Magnum\SendTo [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\Szablony [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\Tracing [2010-08-01 20:06:54 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Magnum\Ustawienia lokalne [2008-12-24 20:13:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Magnum\Videos [2010-11-13 19:51:30 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\CyberLink [2010-07-23 11:19:52 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Public\Desktop [2010-11-15 20:08:16 | 000,000,000 | RH-D | M] O4 - Startup: C:\Users\Public\Documents [2010-03-28 19:56:52 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Downloads [2006-11-02 13:50:50 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Favorites [2006-11-02 11:23:35 | 000,000,000 | RH-D | M] O4 - Startup: C:\Users\Public\Music [2006-11-02 13:50:50 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Pictures [2006-11-02 13:50:50 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Recorded TV [2010-02-02 22:16:16 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Videos [2006-11-02 13:50:50 | 000,000,000 | R--D | M]O8 - Extra context menu item: &Wyszukiwarka na pasku narzędzi AOL - C:\ProgramData\AOL\ieToolbar\resources\pl-PL\local\search.html () O33 - MountPoints2\{6cfa5a0c-01f7-11df-b2ac-00158310bb1b}\Shell\AUtoplAY\CommaNd - "" = jgrj.cmd O33 - MountPoints2\{6cfa5a0c-01f7-11df-b2ac-00158310bb1b}\Shell\AutoRun\command - "" = jgrj.cmd O33 - MountPoints2\{6cfa5a0c-01f7-11df-b2ac-00158310bb1b}\Shell\eXPlore\ComMAnD - "" = jgrj.cmd O33 - MountPoints2\{6cfa5a0c-01f7-11df-b2ac-00158310bb1b}\Shell\opEN\commAnd - "" = jgrj.cmd :Files C:\Program Files\MSN Toolbar C:\Program Files\Bing Bar Installer :Commands [emptytemp] [start explorer] [Reboot][/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania oraz nowe logi: OTL i RSIT.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.