suetownsend posted January 8, 2011

Hello everyone, this is my first post here. I have a problem that I have been struggling with for a long time, but only now have I found the strength (and the time) to deal with it. And it is really driving me up the wall... I have a laptop (HP Pavilion dv5 with English Vista). From the very beginning I have had some problems with it (or with Vista). It started with Opera and Firefox not working. Now Firefox works, but when I launch it I have to wait about 1 minute. I found some information that this may be caused by leftovers of Norton Security. So I cleaned it out completely with some Norton Cleaner, but the situation did not change. Besides that, I have a problem updating some antivirus programs. Practically none of them, apart from Spybot and Microsoft Security Essentials, will update (despite adding the processes to the Windows firewall exceptions). I tried in safe mode, but then I have no Internet (even in safe mode with networking). In addition, the computer is terribly sluggish, takes a long time to start, and there are stutters when browsing the web. So I am afraid I have some junk in the system. I am rather green when it comes to these matters (let's say I know a thing or two). I scanned the system with almost everything I could get my hands on (Spybot, Superantispyware, Spyware Terminator, Malwarebytes Antimalware and probably a few more; Spyware Doctor definitely did not work, because it did not update its database). Each of them found a few pieces of junk, which I removed, but things are still the same. Oh, one more fairly important piece of information (at least I think so). Every time I turn the computer on, before Windows starts an error pops up and I have 2 options: "start Windows normally" and launching some kind of troubleshooting. When I choose the latter, halfway through I get a message that it is unable to repair the errors. When I choose "start Windows normally", I get into the system. Sorry for the lengthy lecture, but I don't know which of this information is important.

Several people have always used the computer, so I don't fully know what happens on it. If any more information is needed, please let me know - I will answer as far as I am able to.

[log]OTL Extras logfile created on: 2011-01-08 02:34:28 - Run 1 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\chudzix\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 52,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 70,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 289,95 Gb Total Space | 44,74 Gb Free Space | 15,43% Space Free | Partition Type: NTFS Drive D: | 8,14 Gb Total Space | 1,55 Gb Free Space | 19,11% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: CHUDZIX-PC | User Name: chudzix | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- Reg Error: Key error. 
File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Opera\opera.exe" File not found https [open] -- "C:\Program Files\Opera\opera.exe" File not found inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 1 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{14E12705-AB91-42A8-91B7-3170DD616DD6}" = rport=445 | protocol=6 | dir=out | app=system | "{64830E5D-3B6B-4E45-AD7E-0CA00C281E6D}" = lport=137 | protocol=17 | dir=in | app=system | "{70DA0EB6-0B44-439F-9FBD-01599CC9F1AE}" = lport=138 | protocol=17 | dir=in | app=system | "{AB097C01-9F88-4364-B2B7-BA6444513F83}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{BA1AC295-3439-4838-826A-6D55889DF48F}" = rport=137 | protocol=17 | dir=out | app=system | "{BE1F6FEB-8DEA-4A4B-9A13-541285849C18}" = lport=139 | protocol=6 | dir=in | app=system | "{D391C8D0-7C13-45E9-BB94-42E46686D102}" = lport=445 | protocol=6 | dir=in | app=system | "{D3EF6CA8-3506-46C3-B09E-33C269705937}" = lport=2869 | protocol=6 | dir=in | app=system | "{D50BDDD5-BEC2-4A73-A48A-D3FCC4792F4F}" = rport=139 | protocol=6 | dir=out | app=system | "{F029166C-4D03-4A08-AA32-361C6049BE75}" = rport=138 | protocol=17 | dir=out | app=system | "{F0580AEF-31E1-4EBB-BF5D-9FA29835AABE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{F073FE79-B79D-42C6-BF2C-91CC51915BD9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] 
"{005D6AC9-A1B6-4F10-9E83-5918FEF2679F}" = protocol=17 | dir=in | app=c:\program files\webroot\webrootsecurity\spysweeperui.exe | "{09C8F4CF-5AB0-4EC1-95D4-415AC4BAC485}" = protocol=17 | dir=in | app=c:\program files\pc tools security\pctssvc.exe | "{0F5500CA-6C9C-4F80-8DBE-B4A4C188BEC7}" = protocol=6 | dir=in | app=c:\program files\webroot\webrootsecurity\spysweeperui.exe | "{14B679F6-E03A-4CB7-89BB-169A5FFED2B4}" = protocol=6 | dir=in | app=c:\users\chudzix\appdata\local\temp\7zs6a27.tmp\symnrt.exe | "{1A8381B9-37C2-4BF8-831D-1530F9209428}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{1B0BED20-3E9D-4C82-828B-98C1565B9BAC}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "{1CC71376-0985-478A-82DA-10C8AEE0A6B9}" = protocol=6 | dir=in | app=c:\program files\emsisoft anti-malware\a2guard.exe | "{1DD37FDA-5468-49FB-9947-04EC0B956B5D}" = protocol=17 | dir=in | app=c:\program files\superantispyware\runsas.exe | "{229BD2B5-8CA9-44E2-B746-0344BF9130E2}" = protocol=6 | dir=in | app=c:\program files\pc tools security\update.exe | "{2AAF3F76-5486-48CA-8CA1-CCD5BF6181E6}" = protocol=6 | dir=in | app=c:\program files\emsisoft anti-malware\a2start.exe | "{369B53CD-DC93-459C-A98E-A784C5A90EAB}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{3741BBEA-498E-411B-B460-DAA443BB2488}" = protocol=17 | dir=in | app=c:\program files\emsisoft anti-malware\a2guard.exe | "{37F87317-05B4-4EEB-8F81-21D4B61398B5}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | "{38BAB2E6-ED7C-4415-B55F-538865D1007A}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxcgpswx.exe | "{3EB420B4-F6B4-4064-B7E0-7A5C0E39DFC4}" = dir=in | app=c:\program files\msn messenger\livecall.exe | "{439A446B-D76F-4CE6-BD33-4C19135FB385}" = protocol=6 | dir=in | app=c:\program files\superantispyware\runsas.exe | "{4DB4D787-35A5-499B-9F68-9398E0DD408B}" = protocol=17 | dir=in | app=c:\program 
files\pc tools security\update.exe | "{50F68EE7-7AD8-4F4E-99B4-CAED5BA45C3D}" = protocol=17 | dir=in | app=c:\program files\norton antivirus\engine\18.1.0.33\uistub.exe | "{537874AF-CEEC-487E-BE28-19F71C6F25B4}" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "{5C84596A-62A4-4DFF-8518-4B9F3520CBA4}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{60DBE6CD-C77D-4A22-A5F3-83A949425500}" = protocol=17 | dir=in | app=c:\program files\superantispyware\superantispyware.exe | "{6194BD83-ECF2-4007-8F6B-9AA1841F4A3F}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{6246DC1D-97CD-47DC-870B-9F47B46E1FE1}" = protocol=17 | dir=in | app=c:\program files\pc tools registry tool\pcttregtool.exe | "{6E06CC4E-FB5D-4282-8EFF-015D12CBFB39}" = protocol=6 | dir=in | app=c:\program files\pc tools registry tool\pcttregtool.exe | "{70E15C6F-F34B-48CA-BBBE-11E2763AAC6A}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | "{7EBC2A28-FF26-4505-9D8E-D74191809CB2}" = protocol=6 | dir=in | app=c:\program files\pc tools security\pctsgui.exe | "{80CB5FFC-714D-4D19-99B2-D60AD67C26F9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{81B1283B-E9C4-4906-A508-C312E709B230}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{86A88DA5-8C52-409E-A7F2-014402925583}" = protocol=17 | dir=in | app=c:\program files\spybot - search & destroy\spybotsd.exe | "{877125F1-6B28-4DD4-B069-BE1F4F0A7587}" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "{8993622F-DC65-437C-9916-1AA4CD9E0479}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{949BF13A-BFC6-4A31-8F72-1D93480182BC}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "{97D70102-0218-4AAF-BB86-4412765E7C7B}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | "{98612FC1-C166-41A4-A1E9-BBE58C41BC87}" = protocol=6 | dir=in | app=c:\program files\pc tools security\upgrade.exe | 
"{9AC073CA-8238-42E2-B560-4B68F3AEE3D6}" = protocol=17 | dir=in | app=c:\program files\pc tools security\upgrade.exe | "{B47A5885-676C-44C3-8EB1-96CF21127E9A}" = protocol=6 | dir=in | app=c:\program files\pc tools security\pctssvc.exe | "{B52C3FEE-2183-4392-965E-7E210A7C0263}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "{C37B1E1A-7DD4-477B-A222-F2B045D5F262}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "{C460AC67-3968-46E7-91FB-2CC238E7C371}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{C890562B-F37D-4EA1-8373-B3BF795FA2B3}" = protocol=6 | dir=in | app=c:\program files\norton antivirus\engine\18.1.0.33\uistub.exe | "{CC97508F-B53F-4C73-BB53-3969E838A48B}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | "{D5B8026A-AB2C-45AC-96FE-D9BA12CC25D5}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxcgpswx.exe | "{DD1137DA-4AD6-4314-BDE5-DF23B7D35590}" = protocol=17 | dir=in | app=c:\program files\pc tools security\pctsgui.exe | "{DD32E737-6A85-471A-8CBE-3CA7AA4A43F8}" = protocol=6 | dir=in | app=c:\program files\spybot - search & destroy\spybotsd.exe | "{FBAFA3F2-E339-43D1-93C4-D50D6EB84279}" = protocol=17 | dir=in | app=c:\program files\emsisoft anti-malware\a2start.exe | "{FE37112B-DEC0-4372-971B-05DF604A7106}" = protocol=17 | dir=in | app=c:\users\chudzix\appdata\local\temp\7zs6a27.tmp\symnrt.exe | "{FE62B35E-BCFD-4DA1-88BE-66DC55DCCED2}" = protocol=6 | dir=in | app=c:\program files\superantispyware\superantispyware.exe | "TCP Query User{7F34505D-98DD-4860-9A9E-2A1D06955A4B}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{C24C384B-BE00-4874-AEBD-5FDB878BD20C}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query 
User{E492A7A1-23DC-44D2-80FF-855A4E85FA97}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query User{EB0D99D8-D257-4A47-9A6B-D22D5383C11C}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query User{ECBEA648-1AA5-4C59-9DCC-A5B5B77AD70C}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe | "UDP Query User{3FC3181D-68CC-4D85-9300-6DA5CA0F9885}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe | "UDP Query User{453468AD-BE31-4D54-9AB1-CDC1E1196780}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{B3E39E49-46D9-4684-8D29-B626BE1142CC}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{C72B07D8-A469-46EA-B4F9-0C03BCD88826}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{F1B5B63C-FE98-4EC5-A2AF-58BAFE0C71D4}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support "{005A00DD-F955-CAF8-8DB4-C15C3A1E715F}" = Catalyst Control Center Graphics Previews Vista "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6204 "{0446A460-E8E8-4387-9D1F-4BE9C9824F7B}" = Microsoft Antimalware Service PL-PL Language Pack "{082702D5-5DD8-4600-BCE5-48B15174687F}" = 
HP Doc Viewer "{0A795E81-7E99-4574-923D-8A0AF1F11CA1}" = ScanSoft PaperPort 11 "{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox "{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10 "{150586B4-E85A-4B8B-4C60-CADA9121FA08}" = Catalyst Control Center Graphics Previews Common "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works "{167F938F-5AD3-40e2-B05D-2B7C6F0FDE48}" = HP Deskjet D1500 Printer Driver 10.0 Rel .3 "{187817E2-6407-461C-B59B-56CE73363D34}" = Catalyst Control Center - Branding "{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant "{25049BA9-E395-283F-8B6A-F2D78BC96BB5}" = Skins "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 22 "{280235E3-D1FB-408A-A1D5-C77BA584FBBA}" = BlService Web Update "{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010 "{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer "{2c557f98-ef74-4a1e-a856-9df2f633b41f}" = Sophos confic-a Cleanup Tool "{300FB2C5-1328-A7F1-DBB3-925452E7D763}" = Catalyst Control Center Graphics Light "{305468A6-DE2D-43ba-A168-2F45A97A89DA}" = DJ_SF_03_D1500_Software_Min "{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2 "{31BFEC6C-1F27-45B5-839C-BCBAE327993A}" = OpenOffice.org 3.0 "{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D3 "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module 
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4BFA6EEB-AAED-4334-8E98-A907DE4DD5CF}" = AMD Driver Support for HP 3D DriverGuard "{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}" = HP Easy Setup - Frontend "{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software "{582287DA-0806-4AC0-BF19-C15E3A466034}" = LightScribe System Software 1.12.33.2 "{58CAA96F-E8EC-539E-6C62-3E5519BCFA52}" = ccc-utility "{65F878A3-0032-6276-7909-3FE5B451C966}" = Catalyst Control Center Graphics Full New "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware "{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client "{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module "{859B9BCA-5376-4566-9F88-C6C9DAA7A925}" = Microsoft Security Client PL-PL Language Pack "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6 "{96BC4472-AB51-50BD-93D9-37B5CE88D3A2}" = Catalyst Control Center Core Implementation "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant "{A7D837CD-C485-B501-6033-993FC68335FC}" = CCC Help English "{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.5 
"{AE72E414-0935-4AC8-B7D6-12E3039BEC13}" = DigitalPersona Personal 3.0.1 "{AF862EC3-CA8A-EC26-4F05-1FFA5241E520}" = ATI Catalyst Install Manager "{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}" = HP Customer Experience Enhancements "{B39B02E2-F711-BE47-E2D3-76F458F14CF6}" = Catalyst Control Center Graphics Full Existing "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{C084BC61-E537-11DE-8616-005056806466}" = Google Earth "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D286752E-1AE7-3FA1-1306-E6DC0C4F13BA}" = ccc-core-static "{DD876490-252F-4EEF-B205-2E8F5A6E523B}" = ProtectSmart Hard Drive Protection "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5 "{F2B5A2A7-2DF9-4361-8BD5-362714528B51}" = NHL® 09 "{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}" = HP User Guides 0102 "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner "{FE250486-0A4C-9689-FDCD-D8C82EDE989E}" = Catalyst Control Center InstallProxy "7DE39862CC26DCE2446838AAF7CD5C163F835A57" = Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Audacity_is1" = Audacity 1.2.6 "Browser Defender_is1" = Browser Defender 3.0 "Cool Edit Pro 2.1" = Cool Edit Pro 2.1 "Cool Record Edit Pro" = Cool Record Edit Pro "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Free CD to MP3 Converter" = Free CD to MP3 Converter "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = 
CyberLink YouCam "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "KLiteCodecPack_is1" = K-Lite Codec Pack 4.6.2 (Full) "Lexicon 4.0" = Collins COBUILD on CD-ROM "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Security Client" = Microsoft Security Essentials "Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12) "MP3 Audio Converter_is1" = MP3 Audio Converter 4.50 "MP4 Player" = MP4 Player "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "Native Instruments Traktor DJ Studio 3" = Native Instruments Traktor DJ Studio 3 "NeroMultiInstaller!UninstallKey" = Nero Suite "PC Tools File and Registry Tool_is1" = PC Tools Registry Tool "PE Builder_is1" = PE Builder 3.1.10a "PLAY ONLINE" = PLAY ONLINE "RealAlt_is1" = Real Alternative 2.0.1 "SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6 "SopCast" = SopCast 3.2.9 "Spyware Doctor" = Spyware Doctor z modulem Antivirus 8.0 "SubEdit-Player_is1" = SubEdit-Player "SynTPDeinstKey" = Synaptics Pointing Device Driver "System TL+ - angielsko-polski, prawniczy, wyd.2" = System TL+ - angielsko-polski, prawniczy, wyd.2 "Veetle TV" = Veetle TV 0.9.16 "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions "VLC media player" = VLC media player 1.1.4 "Wave 2 Mp3_is1" = Wave 2 Mp3 1.1 "WebSTAR DPC2100 Uninstall" = Scientific-Atlanta WebSTAR 2000 series Cable Modem "WinDjView" = WinDjView 1.0.3 "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1721191239-3645763191-1225645796-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BankBrowser" = BankBrowser "KFD" = The New Kosciuszko Foundation Dictionary "Octoshape add-in for Adobe Flash Player" = Octoshape 
add-in for Adobe Flash Player [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-01-01 11:23:41 | Computer Name = chudzix-PC | Source = WinMgmt | ID = 10 Description = Error - 2011-01-01 23:35:43 | Computer Name = chudzix-PC | Source = EventSystem | ID = 4621 Description = Error - 2011-01-02 00:07:52 | Computer Name = chudzix-PC | Source = WinMgmt | ID = 10 Description = Error - 2011-01-02 09:41:41 | Computer Name = chudzix-PC | Source = WinMgmt | ID = 10 Description = Error - 2011-01-03 10:36:30 | Computer Name = chudzix-PC | Source = WinMgmt | ID = 10 Description = Error - 2011-01-03 13:31:43 | Computer Name = chudzix-PC | Source = WinMgmt | ID = 10 Description = Error - 2011-01-03 18:17:22 | Computer Name = chudzix-PC | Source = WinMgmt | ID = 10 Description = Error - 2011-01-03 20:10:08 | Computer Name = chudzix-PC | Source = WinMgmt | ID = 10 Description = Error - 2011-01-04 11:06:38 | Computer Name = chudzix-PC | Source = WinMgmt | ID = 10 Description = Error - 2011-01-04 12:15:09 | Computer Name = chudzix-PC | Source = WinMgmt | ID = 10 Description = [ DigitalPersona Pro Events ] Error - 2009-02-01 13:02:57 | Computer Name = chudzix-PC | Source = DigitalPersona Pro | ID = 17827841 Description = One-to-one fingerprint match failed. Error - 2009-03-10 06:38:17 | Computer Name = chudzix-PC | Source = DigitalPersona Pro | ID = 17827841 Description = One-to-one fingerprint match failed. Error - 2009-03-11 08:11:26 | Computer Name = chudzix-PC | Source = DigitalPersona Pro | ID = 17827841 Description = One-to-one fingerprint match failed. Error - 2010-08-17 05:00:52 | Computer Name = chudzix-PC | Source = DigitalPersona Pro | ID = 17827841 Description = One-to-one fingerprint match failed. 
[ System Events ] Error - 2011-01-06 23:01:54 | Computer Name = chudzix-PC | Source = Service Control Manager | ID = 7011 Description = Error - 2011-01-07 00:17:38 | Computer Name = chudzix-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2011-01-07 00:32:23 | Computer Name = chudzix-PC | Source = ssidrv | ID = 131098 Description = Error - 2011-01-07 00:32:40 | Computer Name = chudzix-PC | Source = Service Control Manager | ID = 7034 Description = Error - 2011-01-07 00:33:44 | Computer Name = chudzix-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003 Description = Error - 2011-01-07 02:36:51 | Computer Name = chudzix-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2011-01-07 02:37:03 | Computer Name = chudzix-PC | Source = Microsoft Antimalware | ID = 3002 Description = %%860 Real-Time Protection feature has encountered an error and failed. Feature: %%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842 Error - 2011-01-07 02:41:46 | Computer Name = chudzix-PC | Source = Service Control Manager | ID = 7011 Description = Error - 2011-01-07 02:41:46 | Computer Name = chudzix-PC | Source = Service Control Manager | ID = 7022 Description = Error - 2011-01-07 02:52:40 | Computer Name = chudzix-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003 Description = < End of report > [/log] [log]OTL logfile created on: 2011-01-08 02:34:28 - Run 1 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\chudzix\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 52,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 70,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = 
C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 289,95 Gb Total Space | 44,74 Gb Free Space | 15,43% Space Free | Partition Type: NTFS Drive D: | 8,14 Gb Total Space | 1,55 Gb Free Space | 19,11% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: CHUDZIX-PC | User Name: chudzix | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-01-08 02:30:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\chudzix\Desktop\OTL.exe PRC - [2011-01-07 07:50:01 | 002,424,560 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\35b2a0b1-1cc8-4835-bfae-b6c9f0aed839.com PRC - [2010-12-07 21:52:37 | 000,233,936 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10l_ActiveX.exe PRC - [2010-11-30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2010-11-11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe PRC - [2010-11-11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe PRC - [2010-11-04 17:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2010-11-02 07:03:13 | 000,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe PRC - [2010-09-24 12:19:08 | 000,108,496 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\FGuard.exe PRC - [2010-09-24 12:19:06 | 000,235,472 | ---- | M] (Threat Expert Ltd.) 
-- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2010-08-17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2010-05-14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009-06-15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-04-11 07:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009-04-11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-04-11 07:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2009-04-11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-04-11 07:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 07:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009-03-31 12:40:44 | 000,700,152 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2009-03-05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009-01-26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008-12-10 00:03:50 | 000,724,992 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
PRC - [2008-12-08 15:50:04 | 000,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe
PRC - [2008-11-06 18:23:16 | 000,772,096 | ---- | M] () -- C:\Program Files\MP4 Player\Mp4Player.exe
PRC - [2008-09-02 10:48:12 | 000,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2008-09-02 10:40:46 | 000,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2008-08-22 14:32:06 | 000,361,808 | ---- | M] () -- C:\Windows\SMINST\BLService.exe
PRC - [2008-06-19 12:17:36 | 001,624,616 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008-06-19 12:17:36 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008-05-14 21:56:58 | 000,116,112 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
PRC - [2008-05-14 21:56:54 | 000,292,248 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
PRC - [2008-05-14 21:56:38 | 000,468,264 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe
PRC - [2008-04-16 19:55:02 | 000,221,239 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\stacsv.exe
PRC - [2008-04-16 19:52:28 | 000,442,433 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2008-04-15 12:40:10 | 000,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
PRC - [2008-04-11 08:04:54 | 000,685,360 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
PRC - [2008-04-03 10:33:26 | 000,193,840 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
PRC - [2008-03-26 17:27:52 | 000,595,248 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe
PRC - [2008-03-18 15:24:58 | 000,019,456 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\hpservice.exe
PRC - [2008-03-14 07:45:10 | 000,202,032 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2008-03-12 18:24:52 | 000,699,456 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe
PRC - [2008-03-12 18:24:52 | 000,302,144 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe
PRC - [2008-02-26 13:13:22 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008-02-12 06:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe
PRC - [2008-01-25 17:05:30 | 000,148,832 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2008-01-21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2008-01-21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008-01-21 03:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2008-01-21 03:25:11 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2008-01-21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2008-01-21 03:23:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2008-01-21 03:23:29 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe
PRC - [2008-01-17 20:31:32 | 000,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2008-01-17 20:31:22 | 001,033,512 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2007-11-20 06:44:58 | 000,488,752 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
PRC - [2007-11-01 17:42:38 | 000,554,288 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
PRC - [2007-10-11 19:03:10 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2007-09-26 05:34:40 | 000,316,720 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
PRC - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007-01-09 10:25:00 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe

[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-01-08 02:30:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\chudzix\Desktop\OTL.exe
MOD - [2010-08-31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010-07-26 16:51:48 | 011,584,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2010-06-28 18:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-04-16 17:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-09-24 23:54:55 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2009-07-17 14:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-06-15 15:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-06-15 15:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-04-23 13:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-04-11 07:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009-04-11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009-04-11 07:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009-04-11 07:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009-04-11 07:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-04-11 07:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009-04-11 07:28:24 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2009-04-11 07:28:24 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2009-04-11 07:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009-04-11 07:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-04-11 07:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009-04-11 07:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2009-04-11 07:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2009-04-11 07:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-04-11 07:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009-04-11 07:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-04-11 07:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2009-04-11 07:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-04-11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009-04-11 07:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009-04-11 07:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009-04-11 07:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009-04-11 07:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2009-04-11 07:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009-04-11 07:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2009-04-11 07:27:49 | 001,202,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2009-03-31 12:40:46 | 000,155,384 | ---- | M] () -- C:\Windows\System32\guard32.dll
MOD - [2008-01-21 03:25:29 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-01-21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2008-01-21 03:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2008-01-21 03:24:37 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2008-01-21 03:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008-01-21 03:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2008-01-21 03:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2008-01-21 03:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2006-11-02 10:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2006-11-02 10:46:04 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fltLib.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-11-11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010-11-11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010-09-29 16:00:56 | 001,145,304 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010-09-24 12:19:06 | 000,235,472 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010-08-26 12:39:46 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2010-03-15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2009-09-25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009-09-24 10:59:26 | 001,695,368 | ---- | M] (NanJing Nagasoft Co, LTD.) [Auto | Stopped] -- C:\Windows\System32\nagasoft\vjocx.dll -- (vvdsvc)
SRV - [2009-03-31 12:40:44 | 000,700,152 | ---- | M] () [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2009-01-26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008-08-22 14:32:06 | 000,361,808 | ---- | M] () [Auto | Running] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008-04-16 19:55:02 | 000,221,239 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\stacsv.exe -- (STacSV)
SRV - [2008-03-26 17:27:52 | 000,595,248 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)
SRV - [2008-03-12 18:24:52 | 000,302,144 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2008-02-12 06:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe -- (AESTFilters)
SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | Disabled | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [File_System | Unknown | Running] -- -- (DwProt)
DRV - [2010-10-24 21:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010-10-24 21:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010-10-05 11:10:56 | 000,249,616 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\System32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2010-08-27 09:26:40 | 000,070,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pctplsg.sys -- (pctplsg)
DRV - [2010-08-26 12:39:46 | 000,068,880 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2010-08-26 12:39:46 | 000,051,984 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2010-08-26 12:39:46 | 000,033,552 | --S- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2010-08-18 13:51:26 | 000,237,632 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010-07-16 14:59:54 | 000,656,320 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2010-07-16 14:59:54 | 000,338,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2010-05-10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010-02-17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009-11-11 12:48:45 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-03-31 12:40:46 | 000,108,560 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2009-03-31 12:40:46 | 000,068,112 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2009-03-31 12:40:46 | 000,028,688 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2008-12-10 01:30:58 | 004,172,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008-09-04 17:47:00 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2008-06-23 10:54:08 | 000,081,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2008-06-23 10:54:08 | 000,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2008-06-23 10:54:08 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2008-04-27 15:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008-04-27 10:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008-04-16 19:58:24 | 000,379,904 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008-04-14 23:56:18 | 000,170,000 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ahcix86s.sys -- (ahcix86s)
DRV - [2008-04-14 20:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008-04-01 12:14:00 | 000,081,296 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008-03-27 11:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008-03-27 11:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008-03-26 17:28:08 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x)
DRV - [2008-03-17 11:05:30 | 000,101,632 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008-01-21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008-01-21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008-01-21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008-01-21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008-01-21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008-01-21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008-01-21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008-01-21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008-01-21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008-01-21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008-01-21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008-01-21 03:23:23 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2008-01-21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008-01-21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008-01-21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008-01-21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-01-21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008-01-21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008-01-21 03:23:22 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV)
DRV - [2008-01-21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008-01-21 03:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008-01-21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008-01-21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008-01-21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008-01-21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008-01-21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008-01-21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008-01-21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008-01-17 20:31:26 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008-01-07 21:42:04 | 000,015,416 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\Amddfltr.sys -- (Amddfltr)
DRV - [2007-07-11 09:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007-06-18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 08:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006-11-02 08:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2004-09-29 21:36:29 | 000,015,360 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NetMotCM.sys -- (ndiscm)
DRV - [2004-06-10 09:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sacm2A.sys -- (USBCM)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_pl&c=83&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_pl&c=83&bd=Pavilion&pf=cnnb
IE - HKU\.DEFAULT\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1721191239-3645763191-1225645796-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_pl&c=83&bd=Pavilion&pf=cnnb
IE - HKU\S-1-5-21-1721191239-3645763191-1225645796-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
IE - HKU\S-1-5-21-1721191239-3645763191-1225645796-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1721191239-3645763191-1225645796-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\S-1-5-21-1721191239-3645763191-1225645796-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://onet.pl/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:2.0.6
FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2010-12-25 02:53:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-07 21:19:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-07 21:19:53 | 000,000,000 | ---D | M]

[2009-08-07 12:34:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\chudzix\AppData\Roaming\Mozilla\Extensions
[2011-01-07 08:43:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\chudzix\AppData\Roaming\Mozilla\Firefox\Profiles\s1b3b43r.default\extensions
[2009-08-07 12:41:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\chudzix\AppData\Roaming\Mozilla\Firefox\Profiles\s1b3b43r.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-12-04 16:46:05 | 000,000,000 | ---D | M] (vShare) -- C:\Users\chudzix\AppData\Roaming\Mozilla\Firefox\Profiles\s1b3b43r.default\extensions\vshare@toolbar
[2010-04-06 20:13:39 | 000,002,425 | ---- | M] () -- C:\Users\chudzix\AppData\Roaming\Mozilla\Firefox\Profiles\s1b3b43r.default\searchplugins\askcom.xml
[2010-12-04 16:48:19 | 000,001,583 | ---- | M] () -- C:\Users\chudzix\AppData\Roaming\Mozilla\Firefox\Profiles\s1b3b43r.default\searchplugins\web-search.xml
[2010-10-28 20:45:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-04-19 19:22:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-07-18 02:27:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-10-28 20:45:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010-08-14 02:12:56 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010-12-25 02:53:49 | 000,000,000 | ---D | M] (Browser Defender Toolbar) -- C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX
[2010-09-15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-12-07 21:19:46 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-12-07 21:19:46 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-12-07 21:19:46 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-12-07 21:19:46 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-12-07 21:19:46 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-12-07 21:19:46 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2011-01-07 05:33:12 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKU\S-1-5-21-1721191239-3645763191-1225645796-1000\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe (DigitalPersona, Inc.) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.) O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) 
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-1721191239-3645763191-1225645796-1000..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team) O4 - HKU\S-1-5-21-1721191239-3645763191-1225645796-1000..\Run: [MP4 Player] C:\Program Files\MP4 Player\mp4Player.exe () O4 - HKU\S-1-5-21-1721191239-3645763191-1225645796-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKU\S-1-5-21-1721191239-3645763191-1225645796-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O13 - gopher Prefix: missing O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab (Windows Live OneCare safety scanner control) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - 
DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.vexcast.com/download/vexcast.cab (VodClient Control Class) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{0518356f-ceba-11de-b905-00238b13638c}\Shell - "" = AutoRun O33 - MountPoints2\{0518356f-ceba-11de-b905-00238b13638c}\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found O33 - MountPoints2\{1e61641f-8902-11de-b19d-00238b13638c}\Shell - "" = AutoRun O33 - MountPoints2\{1e61641f-8902-11de-b19d-00238b13638c}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{1e61643d-8902-11de-b19d-00238b13638c}\Shell - "" = AutoRun O33 - MountPoints2\{1e61643d-8902-11de-b19d-00238b13638c}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{e506f7ff-1621-11de-a2fb-002186c8589f}\Shell - "" = AutoRun O33 - MountPoints2\{e506f7ff-1621-11de-a2fb-002186c8589f}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{e506f848-1621-11de-a2fb-002186c8589f}\Shell - "" = AutoRun O33 - MountPoints2\{e506f848-1621-11de-a2fb-002186c8589f}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found 
NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - State: "services" - 0 MsConfig - State: "startup" - 0 SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy 
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: MsMpSvc - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard 
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color] [2011-01-08 02:29:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\chudzix\Desktop\OTL.exe [2011-01-08 01:44:40 | 000,000,000 | ---D | C] -- C:\Users\chudzix\DoctorWeb [2011-01-07 07:59:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011-01-07 07:59:11 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011-01-07 07:59:07 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011-01-07 07:59:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011-01-07 06:09:09 | 000,000,000 | ---D | C] -- C:\Program Files\a-squared Free [2011-01-07 05:50:03 | 000,000,000 | ---D | C] -- 
C:\Users\chudzix\AppData\Roaming\SUPERAntiSpyware.com [2011-01-07 05:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2011-01-07 05:49:44 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2011-01-07 05:14:02 | 000,000,000 | ---D | C] -- C:\Program Files\MSSOAP [2011-01-07 05:14:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap [2011-01-07 05:13:35 | 000,000,000 | ---D | C] -- C:\Program Files\Webroot [2010-12-30 15:34:43 | 000,000,000 | ---D | C] -- C:\Users\chudzix\Desktop\zalane mieszkanie [2010-12-29 02:39:57 | 000,000,000 | ---D | C] -- C:\Users\chudzix\AppData\Local\Apps [2010-12-29 02:39:56 | 000,000,000 | ---D | C] -- C:\Users\chudzix\AppData\Local\Deployment [2010-12-25 05:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client [2010-12-25 05:11:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2010-12-25 05:11:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2010-12-25 05:11:34 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2010-12-25 05:08:04 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\chudzix\Desktop\spybotsd162.exe [2010-12-25 04:37:43 | 000,367,208 | ---- | C] (RegNow.com) -- C:\Users\chudzix\Desktop\Download_7.0.0.538f-sdsetup-regnow201.exe [2010-12-25 03:16:49 | 000,743,280 | ---- | C] (PC Tools) -- C:\Users\chudzix\Desktop\PCTResetSD.exe [2010-12-25 02:58:26 | 000,000,000 | ---D | C] -- C:\Users\chudzix\Desktop\Downloads [2010-12-25 02:58:19 | 000,000,000 | ---D | C] -- C:\Users\chudzix\AppData\Roaming\GetRightToGo [2010-12-25 02:54:47 | 000,068,880 | --S- | C] (PC Tools) -- C:\Windows\System32\drivers\TfSysMon.sys [2010-12-25 02:54:47 | 000,051,984 | --S- | C] (PC Tools) -- C:\Windows\System32\drivers\TfFsMon.sys [2010-12-25 02:54:47 | 000,033,552 | --S- | C] (PC Tools) -- 
C:\Windows\System32\drivers\TfNetMon.sys [2010-12-25 02:53:48 | 001,914,832 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll [2010-12-25 02:53:48 | 000,743,376 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll [2010-12-25 02:53:48 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll [2010-12-25 02:46:04 | 000,656,320 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys [2010-12-25 02:46:04 | 000,338,880 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys [2010-12-25 02:46:02 | 000,249,616 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys [2010-12-25 02:46:02 | 000,102,184 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys [2010-12-25 02:45:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security [2010-12-25 02:45:38 | 000,123,712 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplfw.sys [2010-12-25 02:45:38 | 000,087,400 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctNdis-PacketFilter.sys [2010-12-25 02:45:38 | 000,031,960 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctNdis-DNS.sys [2010-12-25 02:45:36 | 000,070,536 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys [2010-12-25 02:45:09 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security [2010-12-25 02:35:36 | 000,237,632 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys [2010-12-25 02:35:36 | 000,159,936 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys [2010-12-25 02:35:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools File and Registry Tool [2010-12-25 02:35:32 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Registry Tool [2010-12-20 01:23:44 | 000,000,000 | ---D | C] -- C:\Users\chudzix\Desktop\cwiczenia_maxi_taxi1 [2010-12-20 01:18:51 | 000,000,000 | ---D | C] -- C:\Users\chudzix\Desktop\maxitaxicd [2010-12-16 18:41:37 | 
000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch [2010-12-14 16:24:49 | 000,000,000 | ---D | C] -- C:\Users\chudzix\Desktop\srt [2010-12-14 16:17:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SubEdit-Player [2010-12-14 16:17:38 | 000,000,000 | ---D | C] -- C:\Program Files\SubEdit-Player [2010-12-13 15:08:47 | 000,000,000 | ---D | C] -- C:\Users\chudzix\Desktop\testy z unitów [2010-12-01 17:23:14 | 000,000,000 | ---D | C] -- C:\Users\chudzix\Desktop\zlodzieje [2010-11-28 02:25:51 | 000,000,000 | ---D | C] -- C:\Users\chudzix\Desktop\lalalal gry [2010-11-27 03:42:53 | 000,000,000 | ---D | C] -- C:\Users\chudzix\Desktop\23 java games 240x320 (2009) [2010-11-24 16:12:07 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2010-11-24 16:11:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010-11-22 19:17:00 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2010-11-18 16:52:01 | 000,000,000 | ---D | C] -- C:\Users\chudzix\AppData\Roaming\dvdcss [2010-11-17 17:54:34 | 000,000,000 | ---D | C] -- C:\Users\chudzix\Desktop\Harold i Kumar II [2010-11-16 17:52:42 | 000,000,000 | ---D | C] -- C:\Users\chudzix\Desktop\Harold i Kumar I [2010-11-13 23:29:44 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor [2010-11-13 23:29:44 | 000,000,000 | ---D | C] -- C:\Users\chudzix\AppData\Roaming\PC Tools [2010-11-13 23:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools [2010-11-13 23:29:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools [2010-11-05 17:36:41 | 000,000,000 | ---D | C] -- C:\Users\chudzix\Desktop\DVD2 [2010-11-05 16:25:51 | 000,000,000 | ---D | C] -- C:\Users\chudzix\Desktop\DVD1 [2010-11-03 20:40:40 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2010-11-01 13:48:08 | 000,000,000 | ---D | C] -- C:\Users\chudzix\Desktop\pl [2009-12-22 00:26:14 | 000,015,429 | ---- | C] ( ) -- C:\Windows\System32\drivers\Sacm2A.sys [5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] 
[color=#E56717]========== Files - Modified Within 90 Days ==========[/color] [2011-01-08 02:40:11 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-01-08 02:40:11 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-01-08 02:35:22 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{EF30A4CF-31CE-49F4-A991-D9D65CDE903C}.job [2011-01-08 02:30:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\chudzix\Desktop\OTL.exe [2011-01-07 07:59:12 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011-01-07 07:45:27 | 000,664,140 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-01-07 07:45:27 | 000,589,278 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-01-07 07:45:27 | 000,127,892 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-01-07 07:45:27 | 000,102,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-01-07 07:42:02 | 000,000,269 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini [2011-01-07 07:36:07 | 3218,956,288 | -HS- | M] () -- C:\hiberfil.sys [2011-01-07 07:34:29 | 000,003,204 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011-01-07 07:29:04 | 000,001,055 | ---- | M] () -- C:\Users\chudzix\Desktop\Spybot - Search & Destroy.lnk [2011-01-07 06:32:20 | 000,009,342 | ---- | M] () -- C:\Users\chudzix\Desktop\system nhl.ods [2011-01-07 05:49:52 | 000,001,800 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2011-01-07 05:33:12 | 000,000,761 | ---- | M] () -- C:\Windows\System32\drivers\etc\HOSTS [2011-01-07 03:09:43 | 000,168,448 | ---- | M] () -- C:\Users\chudzix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-01-03 18:31:26 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForchudzix.job [2010-12-25 05:36:49 | 000,002,154 | ---- | M] () -- 
C:\Windows\epplauncher.mif [2010-12-25 05:34:55 | 002,244,934 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB [2010-12-25 05:11:39 | 000,001,079 | ---- | M] () -- C:\Users\chudzix\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk [2010-12-25 05:08:39 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Users\chudzix\Desktop\spybotsd162.exe [2010-12-25 04:37:59 | 000,367,208 | ---- | M] (RegNow.com) -- C:\Users\chudzix\Desktop\Download_7.0.0.538f-sdsetup-regnow201.exe [2010-12-25 02:45:51 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk [2010-12-25 02:35:33 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\PC Tools File and Registry Tool.lnk [2010-12-20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010-12-20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010-12-18 17:05:31 | 000,001,618 | ---- | M] () -- C:\Users\chudzix\AppData\Roaming\wklnhst.dat [2010-12-17 18:01:53 | 000,891,727 | ---- | M] () -- C:\Users\chudzix\Desktop\Egzamin Gimnazjalny język angielski ARKUSZ-1.pdf [2010-12-16 17:55:24 | 000,662,016 | ---- | M] () -- C:\Users\chudzix\Desktop\sukienka.doc [2010-12-16 16:44:19 | 000,316,136 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010-12-14 16:17:39 | 000,000,919 | ---- | M] () -- C:\Users\chudzix\Desktop\SubEdit-Player.lnk [2010-12-14 16:17:39 | 000,000,799 | ---- | M] () -- C:\Users\chudzix\Application Data\Microsoft\Internet Explorer\Quick Launch\SubEdit-Player.lnk [2010-12-13 23:53:31 | 000,044,544 | R--- | M] () -- C:\Users\chudzix\Desktop\konspekt new inter.doc [2010-12-07 15:03:01 | 000,000,680 | ---- | M] () -- C:\Users\chudzix\AppData\Local\d3d9caps.dat [2010-11-19 00:13:53 | 000,010,855 | ---- | M] () -- C:\Users\chudzix\Documents\płyta dla izy.odt [2010-11-15 02:20:57 | 000,010,856 | ---- | M] () -- C:\Users\chudzix\Documents\plytka 
dla izy.odt [2010-11-15 02:20:57 | 000,000,106 | -H-- | M] () -- C:\Users\chudzix\Documents\.~lock.plytka dla izy.odt# [2010-11-14 16:55:19 | 000,022,912 | ---- | M] () -- C:\Users\chudzix\Documents\fifa 11 talenty.odt [2010-11-03 20:39:45 | 294,923,381 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010-10-31 01:22:32 | 730,613,760 | ---- | M] () -- C:\Users\chudzix\Desktop\kac wegas pl.avi [2010-10-24 11:01:57 | 000,821,168 | ---- | M] () -- C:\Users\chudzix\Documents\KONKURS_j_niemiecki_etap_szkolny.wps [2010-10-20 15:32:54 | 000,032,110 | ---- | M] () -- C:\Users\chudzix\Desktop\South.Park.S14E03.HDTV.FQM.en.srt [2010-10-19 14:42:59 | 000,012,600 | ---- | M] () -- C:\Users\chudzix\Documents\business english for patrycja.odt [5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-01-07 07:59:12 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011-01-07 06:32:17 | 000,009,342 | ---- | C] () -- C:\Users\chudzix\Desktop\system nhl.ods [2011-01-07 05:49:52 | 000,001,800 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2011-01-04 23:48:29 | 000,366,248 | ---- | C] () -- C:\Users\chudzix\Desktop\Diablo (240x320).jar [2010-12-25 05:36:49 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif [2010-12-25 05:11:39 | 000,001,079 | ---- | C] () -- C:\Users\chudzix\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk [2010-12-25 05:11:39 | 000,001,055 | ---- | C] () -- C:\Users\chudzix\Desktop\Spybot - Search & Destroy.lnk [2010-12-25 04:11:03 | 3218,956,288 | -HS- | C] () -- C:\hiberfil.sys [2010-12-25 02:53:48 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll [2010-12-25 02:53:48 | 000,002,052 | ---- | C] () -- C:\Windows\UDB.zip [2010-12-25 02:53:48 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml [2010-12-25 02:53:48 | 000,000,879 | ---- | C] () -- 
C:\Windows\RegISSImport.xml [2010-12-25 02:53:48 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip [2010-12-25 02:46:06 | 002,244,934 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB [2010-12-25 02:45:51 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk [2010-12-25 02:35:33 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\PC Tools File and Registry Tool.lnk [2010-12-20 19:12:40 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForchudzix.job [2010-12-17 18:01:53 | 000,891,727 | ---- | C] () -- C:\Users\chudzix\Desktop\Egzamin Gimnazjalny język angielski ARKUSZ-1.pdf [2010-12-16 17:55:21 | 000,662,016 | ---- | C] () -- C:\Users\chudzix\Desktop\sukienka.doc [2010-12-14 17:02:16 | 217,577,257 | ---- | C] () -- C:\Users\chudzix\Desktop\Repetytorium gimnazjalisty część językowa.pdf [2010-12-14 16:17:39 | 000,000,919 | ---- | C] () -- C:\Users\chudzix\Desktop\SubEdit-Player.lnk [2010-12-14 16:17:39 | 000,000,799 | ---- | C] () -- C:\Users\chudzix\Application Data\Microsoft\Internet Explorer\Quick Launch\SubEdit-Player.lnk [2010-12-14 16:08:04 | 000,032,110 | ---- | C] () -- C:\Users\chudzix\Desktop\South.Park.S14E03.HDTV.FQM.en.srt [2010-12-13 23:55:08 | 000,044,544 | R--- | C] () -- C:\Users\chudzix\Desktop\konspekt new inter.doc [2010-11-19 00:13:51 | 000,010,855 | ---- | C] () -- C:\Users\chudzix\Documents\płyta dla izy.odt [2010-11-15 02:20:57 | 000,010,856 | ---- | C] () -- C:\Users\chudzix\Documents\plytka dla izy.odt [2010-11-15 02:20:57 | 000,000,106 | -H-- | C] () -- C:\Users\chudzix\Documents\.~lock.plytka dla izy.odt# [2010-11-14 16:35:46 | 000,022,912 | ---- | C] () -- C:\Users\chudzix\Documents\fifa 11 talenty.odt [2010-11-05 16:09:33 | 730,613,760 | ---- | C] () -- C:\Users\chudzix\Desktop\kac wegas pl.avi [2010-11-03 20:39:45 | 294,923,381 | ---- | C] () -- C:\Windows\MEMORY.DMP [2010-10-24 11:01:56 | 000,821,168 | ---- | C] () -- C:\Users\chudzix\Documents\KONKURS_j_niemiecki_etap_szkolny.wps [2010-10-19 
14:42:58 | 000,012,600 | ---- | C] () -- C:\Users\chudzix\Documents\business english for patrycja.odt [2010-09-16 23:46:58 | 000,000,036 | -H-- | C] () -- C:\Users\chudzix\AppData\Roaming\swk.ini [2010-04-23 18:55:30 | 000,000,319 | R--- | C] () -- C:\Windows\game.ini [2010-03-28 00:05:34 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010-02-10 18:55:59 | 000,000,069 | R--- | C] () -- C:\Windows\NeroDigital.ini [2009-12-22 00:26:14 | 000,053,693 | R--- | C] () -- C:\Windows\UNDPX2A.sys [2009-11-11 12:48:45 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2009-11-10 14:12:02 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009-11-05 02:04:12 | 000,001,618 | ---- | C] () -- C:\Users\chudzix\AppData\Roaming\wklnhst.dat [2009-05-18 11:34:38 | 000,000,363 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2009-03-31 12:40:48 | 000,155,384 | ---- | C] () -- C:\Windows\System32\guard32.dll [2009-03-17 01:44:48 | 000,000,000 | ---- | C] () -- C:\Users\chudzix\AppData\Local\FnF4.txt [2009-02-16 02:56:48 | 000,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009-02-16 02:56:46 | 000,130,048 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009-02-16 02:56:45 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2009-02-16 02:56:43 | 000,067,584 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009-02-05 13:11:35 | 000,000,404 | R--- | C] () -- C:\Windows\BRWMARK.INI [2009-02-05 13:11:35 | 000,000,027 | R--- | C] () -- C:\Windows\BRPP2KA.INI [2009-02-05 13:03:21 | 000,031,567 | R--- | C] () -- C:\Windows\maxlink.ini [2009-02-02 22:06:59 | 000,168,448 | ---- | C] () -- C:\Users\chudzix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-02-01 00:57:18 | 000,000,680 | ---- | C] () -- C:\Users\chudzix\AppData\Local\d3d9caps.dat [2009-01-31 23:18:55 | 000,000,000 | ---- | C] () -- C:\Users\chudzix\AppData\Local\QSwitch.txt [2009-01-31 23:18:55 | 000,000,000 | ---- | C] () -- 
C:\Users\chudzix\AppData\Local\DSwitch.txt [2009-01-31 23:18:55 | 000,000,000 | ---- | C] () -- C:\Users\chudzix\AppData\Local\AtStart.txt [2008-03-28 10:19:10 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2007-11-14 15:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll [2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-03-08 18:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2001-11-14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [color=#E56717]========== LOP Check ==========[/color] [2010-11-05 16:10:55 | 000,000,000 | ---D | M] -- C:\Users\chudzix\AppData\Roaming\BESTplayer [2010-09-16 21:18:35 | 000,000,000 | ---D | M] -- C:\Users\chudzix\AppData\Roaming\Cool Record Edit Pro [2009-01-31 23:18:20 | 000,000,000 | ---D | M] -- C:\Users\chudzix\AppData\Roaming\DigitalPersona [2010-12-25 04:50:31 | 000,000,000 | ---D | M] -- C:\Users\chudzix\AppData\Roaming\GetRightToGo [2009-10-27 01:15:08 | 000,000,000 | ---D | M] -- C:\Users\chudzix\AppData\Roaming\Leadertech [2009-03-12 11:22:50 | 000,000,000 | ---D | M] -- C:\Users\chudzix\AppData\Roaming\OpenOffice.org [2009-05-04 00:15:04 | 000,000,000 | ---D | M] -- C:\Users\chudzix\AppData\Roaming\Opera [2010-09-14 19:56:41 | 000,000,000 | ---D | M] -- C:\Users\chudzix\AppData\Roaming\ScanSoft [2009-11-14 23:57:34 | 000,000,000 | ---D | M] -- C:\Users\chudzix\AppData\Roaming\Sports Interactive [2009-11-05 02:04:15 | 000,000,000 | ---D | M] -- C:\Users\chudzix\AppData\Roaming\Template [2011-01-07 07:34:30 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011-01-08 02:35:22 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{EF30A4CF-31CE-49F4-A991-D9D65CDE903C}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom 
Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009-04-11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2009-07-08 18:48:35 | 000,596,281 | ---- | M] () -- C:\caisslog.txt [2006-09-18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2011-01-07 07:36:07 | 3218,956,288 | -HS- | M] () -- C:\hiberfil.sys [2010-12-07 21:22:57 | 000,023,684 | ---- | M] () -- C:\lxcg.log [2009-07-30 14:03:05 | 000,007,588 | ---- | M] () -- C:\mksbasel.cpp.log [2011-01-07 07:36:06 | 3532,742,656 | -HS- | M] () -- C:\pagefile.sys [2011-01-07 05:33:12 | 000,000,000 | -H-- | M] () -- C:\ProgramData.LOG1 [2011-01-07 05:33:12 | 000,000,000 | -H-- | M] () -- C:\ProgramData.LOG2 [2010-08-24 15:30:48 | 000,002,360 | ---- | M] () -- C:\{1047367B-EA16-43FB-ADC7-EA860815272B} [2010-08-25 19:20:18 | 000,002,320 | ---- | M] () -- C:\{15095E62-16D1-4E71-AE30-ED949866A551} [2010-08-25 19:18:08 | 000,002,768 | ---- | M] () -- C:\{3F3792BA-6828-4AA9-AED6-C7F25C5E4B24} [2010-08-24 15:29:24 | 000,002,800 | ---- | M] () -- C:\{46CCEC53-0153-45DA-BE57-D117861CA506} [2010-08-24 15:38:22 | 000,002,696 | ---- | M] () -- C:\{96ACB4BF-68B9-44A4-83AC-0A8A46C2A14D} [2010-08-25 19:22:41 | 000,003,048 | ---- | M] () -- C:\{D26EDB8E-6397-489E-BEC6-FBD2F279AFF0} [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) 
MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008-01-21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008-01-21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\pebuilder3110a\BartPE\I386\SYSTEM32\DRIVERS\ATAPI.SYS [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) 
MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys [2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\pebuilder3110a\BartPE\I386\SYSTEM32\DRIVERS\BEEP.SYS [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-01-21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008-01-21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006-11-02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys [2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\pebuilder3110a\BartPE\I386\SYSTEM32\DRIVERS\CDROM.SYS [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2007-01-12 21:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll 
[color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\pebuilder3110a\BartPE\I386\SYSTEM32\DRIVERS\NDIS.SYS [2008-01-21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\pebuilder3110a\BartPE\I386\SYSTEM32\WINLOGON.EXE [2008-01-21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\winlogon.exe [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [color=#A23BEC]< >[/color] [color=#A23BEC]< >[/color] [color=#A23BEC]< >[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 55838 bytes -> C:\ProgramData\Sports Interactive:$ES_DESCRIPTOR_MVPUV1PKSVXJKX69UK1CWPP0DTVNYKM1UVXPJCEPP4DMJ3K1XYE7LRJEM53EPPJCFPLP45168LPSB5PL0EM6REGXHCTVVVVVVVVVVVVV @Alternate Data Stream - 186 bytes -> C:\ProgramData\TEMP:DFC5A2B2 
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8 @Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:430C6D84 < End of report > [/log]
[color="#FF0000"]//Logs go inside tags //Fixing it //Tom01[/color]
Tomek01 commented 8 January 2011

In OTL, paste the following into the Custom scan/fixes window:

[code]
:Processes
Explorer.exe
:OTL
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="
[2010-12-04 16:46:05 | 000,000,000 | ---D | M] (vShare) -- C:\Users\chudzix\AppData\Roaming\Mozilla\Firefox\Profiles\s1b3b43r.default\extensions\vshare@toolbar
[2010-04-06 20:13:39 | 000,002,425 | ---- | M] () -- C:\Users\chudzix\AppData\Roaming\Mozilla\Firefox\Profiles\s1b3b43r.default\searchplugins\askcom.xml
[2010-12-04 16:48:19 | 000,001,583 | ---- | M] () -- C:\Users\chudzix\AppData\Roaming\Mozilla\Firefox\Profiles\s1b3b43r.default\searchplugins\web-search.xml
[2010-12-25 02:53:49 | 000,000,000 | ---D | M] (Browser Defender Toolbar) -- C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX
O33 - MountPoints2\{1e61641f-8902-11de-b19d-00238b13638c}\Shell - "" = AutoRun
O33 - MountPoints2\{1e61641f-8902-11de-b19d-00238b13638c}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{1e61643d-8902-11de-b19d-00238b13638c}\Shell - "" = AutoRun
O33 - MountPoints2\{1e61643d-8902-11de-b19d-00238b13638c}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{e506f7ff-1621-11de-a2fb-002186c8589f}\Shell - "" = AutoRun
O33 - MountPoints2\{e506f7ff-1621-11de-a2fb-002186c8589f}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{e506f848-1621-11de-a2fb-002186c8589f}\Shell - "" = AutoRun
O33 - MountPoints2\{e506f848-1621-11de-a2fb-002186c8589f}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
@Alternate Data Stream - 55838 bytes -> C:\ProgramData\Sports Interactive:$ES_DESCRIPTOR_MVPUV1PKSVXJKX69UK1CWPP0DTVNYKM1UVXPJCEPP4DMJ3K1XYE7LRJEM53EPPJCFPLP45168LPSB5PL0EM6REGXHCTVVVVVVVVVVVVV
@Alternate Data Stream - 186 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:430C6D84
:Files
C:\Windows\tasks\User_Feed_Synchronization-{EF30A4CF-31CE-49F4-A991-D9D65CDE903C}.job
:Commands
[emptytemp]
[start explorer]
[Reboot]
[/code]

Click Run Fix; the computer will restart. Post the removal log and fresh logs: OTL and RSIT.

Run a full scan with [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] and [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] and post the reports on the forum.
suetownsend (Author) commented 8 January 2011

Thank you for taking an interest. A problem has come up, though. I entered everything as given, the computer restarted, and as usual "Windows Error Recovery" appeared before the system started. But I don't know how to post the removal log. I thought I would simply start OTL and find it in there somehow, but OTL has mysteriously disappeared from the desktop and from the disk. What should I do in this case?
Tomek01 commented 8 January 2011

And which option did you press? The removal log should appear on its own after the system restarts.
suetownsend (Author) commented 8 January 2011

OK, I downloaded OTL again and the log appeared the first time I ran it:

[log] All processes killed ========== PROCESSES ========== No active process named Explorer.exe was found! ========== OTL ========== Prefs.js: "Ask.com" removed from browser.search.defaultengine Prefs.js: "Web Search..." removed from browser.search.defaultenginename Prefs.js: "Ask.com" removed from browser.search.order.1 Prefs.js: vshare@toolbar:1.0.0 removed from extensions.enabledItems Prefs.js: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q=" removed from keyword.URL C:\Users\chudzix\AppData\Roaming\Mozilla\Firefox\Profiles\s1b3b43r.default\extensions\vshare@toolbar\modules folder moved successfully. C:\Users\chudzix\AppData\Roaming\Mozilla\Firefox\Profiles\s1b3b43r.default\extensions\vshare@toolbar\locale\en-US folder moved successfully. C:\Users\chudzix\AppData\Roaming\Mozilla\Firefox\Profiles\s1b3b43r.default\extensions\vshare@toolbar\locale folder moved successfully. C:\Users\chudzix\AppData\Roaming\Mozilla\Firefox\Profiles\s1b3b43r.default\extensions\vshare@toolbar\components folder moved successfully. C:\Users\chudzix\AppData\Roaming\Mozilla\Firefox\Profiles\s1b3b43r.default\extensions\vshare@toolbar\chrome folder moved successfully. C:\Users\chudzix\AppData\Roaming\Mozilla\Firefox\Profiles\s1b3b43r.default\extensions\vshare@toolbar folder moved successfully. C:\Users\chudzix\AppData\Roaming\Mozilla\Firefox\Profiles\s1b3b43r.default\searchplugins\askcom.xml moved successfully. C:\Users\chudzix\AppData\Roaming\Mozilla\Firefox\Profiles\s1b3b43r.default\searchplugins\web-search.xml moved successfully. C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX\platform\WINNT_x86-msvc\components folder moved successfully. C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX\platform\WINNT_x86-msvc folder moved successfully. 
C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX\platform\Linux_x86_64-gcc3\components folder moved successfully. C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX\platform\Linux_x86_64-gcc3 folder moved successfully. C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX\platform\Linux_x86-gcc3\components folder moved successfully. C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX\platform\Linux_x86-gcc3 folder moved successfully. C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX\platform folder moved successfully. C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX\data folder moved successfully. C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX\components folder moved successfully. C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX\chrome folder moved successfully. C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX folder moved successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e61641f-8902-11de-b19d-00238b13638c}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1e61641f-8902-11de-b19d-00238b13638c}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e61641f-8902-11de-b19d-00238b13638c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1e61641f-8902-11de-b19d-00238b13638c}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e61643d-8902-11de-b19d-00238b13638c}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1e61643d-8902-11de-b19d-00238b13638c}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e61643d-8902-11de-b19d-00238b13638c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1e61643d-8902-11de-b19d-00238b13638c}\ not found. File F:\AutoRun.exe not found. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e506f7ff-1621-11de-a2fb-002186c8589f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e506f7ff-1621-11de-a2fb-002186c8589f}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e506f7ff-1621-11de-a2fb-002186c8589f}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e506f7ff-1621-11de-a2fb-002186c8589f}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e506f848-1621-11de-a2fb-002186c8589f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e506f848-1621-11de-a2fb-002186c8589f}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e506f848-1621-11de-a2fb-002186c8589f}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e506f848-1621-11de-a2fb-002186c8589f}\ not found. File F:\AutoRun.exe not found. ADS C:\ProgramData\Sports Interactive:$ES_DESCRIPTOR_MVPUV1PKSVXJKX69UK1CWPP0DTVNYKM1UVXPJCEPP4DMJ3K1XYE7LRJEM53EPPJCFPLP45168LPSB5PL0EM6REGXHCTVVVVVVVVVVVVV deleted successfully. ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully. ADS C:\ProgramData\TEMP:A8ADE5D8 deleted successfully. ADS C:\ProgramData\TEMP:430C6D84 deleted successfully. ========== FILES ========== C:\Windows\tasks\User_Feed_Synchronization-{EF30A4CF-31CE-49F4-A991-D9D65CDE903C}.job moved successfully. 
========== COMMANDS ========== [EMPTYTEMP] User: All Users User: chudzix ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 405956546 bytes ->Java cache emptied: 261533 bytes ->FireFox cache emptied: 83734255 bytes ->Opera cache emptied: 25160 bytes ->Flash cache emptied: 3016841 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 2568273 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 617650 bytes RecycleBin emptied: 17425132933 bytes Total Files Cleaned = 17 091,00 mb OTL by OldTimer - Version 3.2.20.1 log created on 01082011_142055 Files\Folders moved on Reboot... C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\R36EHLW5\ads[2].htm moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NNCLTCAQ\index[1].htm moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NNCLTCAQ\OTL[1].html moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NNCLTCAQ\overWordLayer[1].html moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NNCLTCAQ\overWordLayer[2].html moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NNCLTCAQ\search[2].htm moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JNWK5ESU\ads[2].htm moved successfully. 
C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JNWK5ESU\google_pl[1].htm moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FWF0TZP8\ads[2].htm moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FWF0TZP8\instalkipl[1].html moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\32O32M1W\4525[1].html moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\32O32M1W\ads[2].htm moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\32O32M1W\index[1].htm moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\32O32M1W\overWordLayer[1].html moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\32O32M1W\search[1].htm moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\32O32M1W\search[2].htm moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\27FWQ6E4\4493[1].html moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\27FWQ6E4\4499[1].html moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\27FWQ6E4\4521[1].html moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\27FWQ6E4\4522[1].html moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\27FWQ6E4\ads[2].htm moved successfully. 
C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\27FWQ6E4\overWordLayer[1].html moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\27FWQ6E4\overWordLayer[2].html moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1U2H4ALX\likebox[1].htm moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1U2H4ALX\like[1].htm moved successfully. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully. File move failed. C:\Users\chudzix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat scheduled to be moved on reboot. Registry entries deleted on Reboot... [/log]

Now I'm getting started on DrWeb and Malwarebytes. Should the scans be run in safe mode?