krzysiek15 utworzono 4 lutego 2011 utworzono 4 lutego 2011 (edytowane) Coś ostatni mi wolno działa komputer, zaczeła się "sypać" przeglądarka i komunikator. Załączam logi: OTL: OTL.txt [log]OTL logfile created on: 2011-02-04 20:24:47 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Monika\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,67 Gb Total Space | 315,39 Gb Free Space | 69,67% Space Free | Partition Type: NTFS Drive D: | 12,79 Gb Total Space | 2,13 Gb Free Space | 16,69% Space Free | Partition Type: NTFS Computer Name: MONIKA-KOMPUTER | User Name: Monika | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-02-04 20:02:16 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe PRC - [2011-01-13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2011-01-13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010-12-12 08:00:28 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe PRC - [2010-12-12 08:00:27 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2010-10-14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe PRC - [2010-10-14 17:22:50 | 000,751,672 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe PRC - [2010-09-22 11:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2010-08-13 12:04:34 | 000,408,936 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe PRC - [2009-09-23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2009-08-20 13:34:04 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe PRC - [2009-08-20 13:25:58 | 002,363,392 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe PRC - [2009-08-20 10:46:04 | 000,322,104 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe PRC - [2009-07-23 19:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe PRC - [2009-07-23 10:37:16 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe PRC - [2009-07-01 17:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe PRC - [2009-07-01 17:43:54 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe PRC - [2009-07-01 17:43:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe PRC - [2009-07-01 14:44:34 | 000,632,888 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe PRC - [2009-05-05 10:11:50 | 000,228,408 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe PRC - [2009-04-02 12:47:04 | 000,234,888 | ---- | M] () -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe PRC - [2009-04-02 12:47:02 | 000,464,264 | ---- | M] () -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe PRC - [2009-01-21 19:47:38 | 000,247,152 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe PRC - [2008-12-08 13:50:04 | 000,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe PRC - [2008-01-02 11:51:10 | 001,090,048 | ---- | M] () -- C:\Program Files (x86)\Zoom Player\zplayer.exe PRC - [2005-03-23 16:27:18 | 001,941,504 | ---- | M] (Kerio Technologies) -- C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe PRC - [2005-03-23 16:24:34 | 002,899,968 | ---- | M] (Kerio Technologies) -- C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4gui.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-02-04 20:02:16 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe MOD - [2011-01-20 13:32:00 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll MOD - [2010-08-21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2010-07-27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2010-06-29 06:02:02 | 001,413,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010-04-07 08:10:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2010-03-24 07:37:04 | 001,289,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2009-12-11 08:39:06 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2009-12-11 08:36:33 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2009-07-14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2009-07-14 02:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2009-07-14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 02:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009-07-14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2009-07-14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2009-07-14 02:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2009-07-14 02:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2009-07-14 02:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2009-07-14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2009-07-14 02:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 02:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2009-07-14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 02:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2009-07-14 02:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2009-07-14 02:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 02:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2009-07-14 02:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011-01-13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2010-09-22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b]64bit:[/b] - [2009-07-22 02:33:32 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe -- (STacSV) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-12 21:18:24 | 001,924,400 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService) SRV:[b]64bit:[/b] - [2009-07-08 12:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv) SRV:[b]64bit:[/b] - [2009-07-02 19:16:06 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009-07-01 17:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:[b]64bit:[/b] - [2009-03-02 22:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe -- (AESTFilters) SRV - [2010-10-14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe) SRV - [2010-10-12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-09-23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009-07-12 21:04:26 | 001,656,112 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService) SRV - [2009-07-01 17:43:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe -- (DpHost) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-04-02 12:47:04 | 000,234,888 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade) SRV - [2009-04-02 12:47:02 | 000,464,264 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe -- (ASKService) SRV - [2005-03-23 16:27:18 | 001,941,504 | ---- | M] (Kerio Technologies) [Auto | Running] -- C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe -- (KPF4) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011-01-13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2010-09-22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:[b]64bit:[/b] - [2010-01-18 18:50:39 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2009-09-22 02:47:14 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2009-08-28 09:33:48 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2009-07-22 02:33:32 | 000,487,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:[b]64bit:[/b] - [2009-07-21 04:39:22 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:[b]64bit:[/b] - [2009-07-17 21:58:30 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:[b]64bit:[/b] - [2009-07-17 21:58:24 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:[b]64bit:[/b] - [2009-07-17 21:58:22 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:[b]64bit:[/b] - [2009-07-17 21:58:18 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 00:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2009-07-08 12:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt) DRV:[b]64bit:[/b] - [2009-07-08 12:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer) DRV:[b]64bit:[/b] - [2009-07-02 19:51:30 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2009-06-29 19:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir) DRV:[b]64bit:[/b] - [2009-06-10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:[b]64bit:[/b] - [2009-06-10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:[b]64bit:[/b] - [2009-06-10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:[b]64bit:[/b] - [2009-06-10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:[b]64bit:[/b] - [2009-06-10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009-06-10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2009-06-10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:[b]64bit:[/b] - [2009-06-10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-06-05 11:20:26 | 000,114,192 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2009-05-23 07:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2009-05-05 06:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:[b]64bit:[/b] - [2009-04-29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV:[b]64bit:[/b] - [2009-04-29 07:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV:[b]64bit:[/b] - [2009-03-09 05:49:08 | 000,036,408 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV - [2005-03-21 15:39:16 | 000,270,336 | ---- | M] (Kerio Technologies) [Kernel | System | Stopped] -- C:\Windows\system32\drivers\fwdrv.sys -- (fwdrv) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb IE - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} IE - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25560 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.google.com/accounts/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fui%3Dhtml%26zy%3Dl&bsv=1eic6yu9oa4y3&scc=1<mpl=default<mplcache=2" FF - prefs.js..extensions.enabledItems: {ce18769b-c7fa-42d2-860d-17c4662c70ad}:2.7.2.0 FF - prefs.js..extensions.enabledItems: otis@digitalpersona.com:5.0.0.3787 FF - prefs.js..extensions.enabledItems: exif_viewer@mozilla.doslash.org:1.55 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11 FF - prefs.js..extensions.enabledItems: {038cb5c7-48ea-4af9-94e0-a1646542e62b}:2.6.0.15 FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3 FF - prefs.js..extensions.enabledItems: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=GRfox000&fl=0&ptb=aFw2119Ngwscjb2pn3DCcw&url=http://search.mywebsearch.com/mywebsearch/GGmain.jhtml&st=kwd&n=77ce832e&searchfor=" FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2009-10-20 01:06:07 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\1.bin FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-12-12 08:00:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-01-04 15:04:40 | 000,000,000 | ---D | M] [2009-12-29 15:21:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Extensions [2009-12-29 15:21:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com [2011-02-04 19:46:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3qgdrr8t.default\extensions [2010-06-13 10:59:18 | 000,000,000 | ---D | M] (ToggleEN Toolbar) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3qgdrr8t.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b} [2010-08-11 08:04:53 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3qgdrr8t.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2010-08-11 08:04:46 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3qgdrr8t.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822} [2010-12-19 08:27:18 | 000,000,000 | ---D | M] (MyAshampoo Toolbar) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3qgdrr8t.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} [2010-08-18 12:05:41 | 000,000,000 | ---D | M] (Babylon-English Toolbar) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3qgdrr8t.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad} [2009-12-23 07:52:50 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3qgdrr8t.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} [2010-06-26 15:29:07 | 000,000,000 | ---D | M] ("Exif Viewer") -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3qgdrr8t.default\extensions\exif_viewer@mozilla.doslash.org [2009-12-23 10:00:41 | 000,000,687 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\3qgdrr8t.default\searchplugins\ask.xml [2010-01-20 11:19:10 | 000,000,923 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\3qgdrr8t.default\searchplugins\conduit.xml [2010-02-27 15:56:31 | 000,009,977 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\3qgdrr8t.default\searchplugins\mywebsearch.xml [2011-01-16 18:32:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011-01-04 15:04:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2009-10-20 01:06:07 | 000,000,000 | ---D | M] (DigitalPersona Extension) -- C:\PROGRAM FILES (X86)\DIGITALPERSONA\BIN\FIREFOXEXT [2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010-03-16 12:57:46 | 000,120,296 | ---- | M] ( ) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npganymedenet.dll [2010-12-09 11:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll [2010-10-24 12:56:44 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-08-18 12:05:39 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml [2010-10-24 12:56:44 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-10-24 12:56:44 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\merlin-pl.xml [2011-01-02 08:20:38 | 000,045,258 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\Mp3Rocket.xml [2011-01-02 08:20:38 | 000,045,238 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\Mp3Rocket.xml.bak [2010-10-24 12:56:44 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-10-24 12:56:44 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-10-24 12:56:44 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-01-16 15:50:37 | 000,002,069 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 69.10.57.34 google.com O1 - Hosts: 69.10.57.34 google.com.au O1 - Hosts: 69.10.57.34 www.google.com.au O1 - Hosts: 69.10.57.34 google.be O1 - Hosts: 69.10.57.34 www.google.be O1 - Hosts: 69.10.57.34 google.com.br O1 - Hosts: 69.10.57.34 www.google.com.br O1 - Hosts: 69.10.57.34 google.ca O1 - Hosts: 69.10.57.34 www.google.ca O1 - Hosts: 69.10.57.34 google.ch O1 - Hosts: 69.10.57.34 www.google.ch O1 - Hosts: 69.10.57.34 google.de O1 - Hosts: 69.10.57.34 www.google.de O1 - Hosts: 69.10.57.34 google.dk O1 - Hosts: 69.10.57.34 www.google.dk O1 - Hosts: 69.10.57.34 google.fr O1 - Hosts: 69.10.57.34 www.google.fr O1 - Hosts: 69.10.57.34 google.ie O1 - Hosts: 69.10.57.34 www.google.ie O1 - Hosts: 69.10.57.34 google.it O1 - Hosts: 69.10.57.34 www.google.it O1 - Hosts: 69.10.57.34 google.co.jp O1 - Hosts: 69.10.57.34 www.google.co.jp O1 - Hosts: 69.10.57.34 google.nl O1 - Hosts: 69.10.57.34 www.google.nl O1 - Hosts: 21 more lines... O2:[b]64bit:[/b] - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll (Conduit Ltd.) O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O3 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe () O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.) O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O7 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1 O7 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O8:[b]64bit:[/b] - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:[b]64bit:[/b] - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..Trusted Domains: facebook.com ([apps] http in Zaufane witryny) O15 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..Trusted Domains: gorskanatura.pl ([www] http in Zaufane witryny) O15 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..Trusted Domains: gorskanatura.pl ([www] https in Zaufane witryny) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O27:[b]64bit:[/b] - HKLM IFEO\OLT.exe: Debugger - C:\Windows\SysNative\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\OLT.exe: Debugger - svchost.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell - "" = AutoRun O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell\AutoRun\command - "" = F:\SETUP.EXE O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell\configure\command - "" = F:\SETUP.EXE O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell\install\command - "" = F:\SETUP.EXE O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* SafeBootMin:[b]64bit:[/b] AppMgmt - Service SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] mcmscsvc - Service SafeBootMin:[b]64bit:[/b] MCODS - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: mcmscsvc - Service SafeBootMin: MCODS - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - Service SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] mcmscsvc - Service SafeBootNet:[b]64bit:[/b] MCODS - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] MpfService - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: mcmscsvc - Service SafeBootNet: MCODS - Service SafeBootNet: Messenger - Service SafeBootNet: MpfService - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-02-04 20:23:06 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe [2011-02-04 20:04:33 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011-02-04 11:16:08 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\cms_rhythm [2011-02-04 11:11:26 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CASIO [2011-02-04 11:11:23 | 000,000,000 | ---D | C] -- C:\Users\Monika\Documents\WK-3700 [2011-02-04 11:11:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CASIO [2011-02-01 17:07:15 | 000,000,000 | ---D | C] -- C:\Users\Monika\Pulpit [2011-01-31 21:28:54 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C} [2011-01-28 16:36:13 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\NCH Software [2011-01-28 16:35:55 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\NCH Swift Sound [2011-01-28 16:35:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound [2011-01-28 16:35:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite [2011-01-28 16:35:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs [2011-01-28 16:35:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Swift Sound [2011-01-26 17:47:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011-01-25 21:23:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pure Sudoku [2011-01-21 21:26:02 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Media Player Classic [2011-01-21 21:25:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2011-01-21 21:24:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack [2011-01-16 18:20:51 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Malwarebytes [2011-01-16 18:20:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011-01-16 18:20:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011-01-16 18:20:40 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011-01-16 18:20:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011-01-16 17:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro [2011-01-16 17:55:51 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2011-01-16 15:17:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\PIJGS [2011-01-16 15:15:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\eeab61 [2011-01-16 08:40:21 | 000,237,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011-01-12 18:42:59 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Piosenki posegregować [2011-01-09 14:43:37 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Filmy Ani [2011-01-04 15:04:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011-01-02 16:27:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect [2011-01-02 16:27:47 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa [2011-01-02 16:27:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2011-01-02 16:27:20 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Winamp [2011-01-02 16:27:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp [2011-01-02 09:38:52 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\InstallShield [2010-12-31 22:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WildTangent Games [2010-12-30 13:22:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TimeAdjuster [2010-12-26 19:50:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MoorHunt [2010-12-21 10:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC} [2010-12-11 14:14:25 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Local\Last.fm [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-02-04 20:30:01 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-02-04 20:19:32 | 100,431,872 | ---- | M] () -- C:\Users\Monika\Desktop\StewardessSchool.part05.rar [2011-02-04 20:04:35 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011-02-04 20:02:16 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe [2011-02-04 20:02:16 | 000,339,991 | ---- | M] () -- C:\Users\Monika\Desktop\RSIT.exe [2011-02-04 19:34:59 | 100,431,872 | ---- | M] () -- C:\Users\Monika\Desktop\StewardessSchool.part06.rar [2011-02-04 19:15:50 | 002,321,881 | ---- | M] () -- C:\Users\Monika\Desktop\SDM - Pieśń na wyjście.mp3 [2011-02-04 19:13:56 | 002,796,223 | ---- | M] () -- C:\Users\Monika\Desktop\Janusz Radek - Sama siebie pytaj.mp3 [2011-02-04 18:51:55 | 100,431,872 | ---- | M] () -- C:\Users\Monika\Desktop\StewardessSchool.part07.rar [2011-02-04 18:36:52 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-02-04 18:36:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-02-04 16:18:56 | 100,431,872 | ---- | M] () -- C:\Users\Monika\Desktop\StewardessSchool.part08.rar [2011-02-04 16:15:37 | 000,010,339 | ---- | M] () -- C:\Users\Monika\Desktop\PP.docx [2011-02-04 15:54:34 | 030,561,384 | ---- | M] () -- C:\Users\Monika\Desktop\StewardessSchool.part09.rar [2011-02-04 15:21:24 | 100,431,872 | ---- | M] () -- C:\Users\Monika\Desktop\StewardessSchool.part01.rar [2011-02-04 11:59:03 | 000,002,250 | ---- | M] () -- C:\Users\Monika\Desktop\Music Data Management Software.lnk [2011-02-04 11:10:57 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011-02-04 11:10:57 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011-02-04 08:47:54 | 3218,235,392 | -HS- | M] () -- C:\hiberfil.sys [2011-02-03 15:10:41 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMonika.job [2011-02-01 18:49:02 | 007,366,656 | ---- | M] () -- C:\Users\Monika\Desktop\John Lennon - Imagine.mp3 [2011-02-01 09:29:52 | 006,160,072 | ---- | M] () -- C:\Users\Monika\Desktop\Adema - Promises.mp3 [2011-01-29 14:12:00 | 001,536,718 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011-01-29 14:12:00 | 000,692,322 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2011-01-29 14:12:00 | 000,611,332 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011-01-29 14:12:00 | 000,133,892 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2011-01-29 14:12:00 | 000,105,512 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011-01-27 18:05:07 | 000,534,229 | ---- | M] () -- C:\Users\Monika\Desktop\Plan.jpg [2011-01-16 15:50:37 | 000,002,069 | RHS- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011-01-16 08:40:21 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2011-01-13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011-01-13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2011-01-13 09:47:23 | 000,237,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011-01-13 09:41:44 | 000,273,488 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2011-01-13 09:40:20 | 000,051,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2011-01-13 09:37:34 | 000,029,264 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2011-01-13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2011-01-13 09:37:12 | 000,020,560 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2011-01-13 09:00:00 | 000,000,038 | ---- | M] () -- C:\Windows\avisplitter.ini [2011-01-12 19:02:00 | 000,013,987 | ---- | M] () -- C:\Users\Monika\Desktop\Książki.xlsx [2010-12-31 22:19:02 | 000,000,376 | ---- | M] () -- C:\Users\Monika\Desktop\Minesweeper.lnk [2010-12-20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010-12-20 18:08:40 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010-12-15 16:10:32 | 005,013,984 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010-12-13 19:38:34 | 000,001,496 | ---- | M] () -- C:\Users\Monika\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs [2010-12-11 17:32:32 | 000,004,608 | ---- | M] () -- C:\Users\Monika\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-10 18:08:24 | 000,013,795 | ---- | M] () -- C:\Users\Monika\Documents\umowa najmu.docx [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-04 20:23:06 | 000,339,991 | ---- | C] () -- C:\Users\Monika\Desktop\RSIT.exe [2011-02-04 20:06:25 | 100,431,872 | ---- | C] () -- C:\Users\Monika\Desktop\StewardessSchool.part05.rar [2011-02-04 20:04:35 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011-02-04 19:22:29 | 100,431,872 | ---- | C] () -- C:\Users\Monika\Desktop\StewardessSchool.part06.rar [2011-02-04 19:06:55 | 002,321,881 | ---- | C] () -- C:\Users\Monika\Desktop\SDM - Pieśń na wyjście.mp3 [2011-02-04 19:04:14 | 002,796,223 | ---- | C] () -- C:\Users\Monika\Desktop\Janusz Radek - Sama siebie pytaj.mp3 [2011-02-04 18:39:00 | 100,431,872 | ---- | C] () -- C:\Users\Monika\Desktop\StewardessSchool.part07.rar [2011-02-04 16:15:36 | 000,010,339 | ---- | C] () -- C:\Users\Monika\Desktop\PP.docx [2011-02-04 16:05:35 | 100,431,872 | ---- | C] () -- C:\Users\Monika\Desktop\StewardessSchool.part08.rar [2011-02-04 15:50:35 | 030,561,384 | ---- | C] () -- C:\Users\Monika\Desktop\StewardessSchool.part09.rar [2011-02-04 15:08:15 | 100,431,872 | ---- | C] () -- C:\Users\Monika\Desktop\StewardessSchool.part01.rar [2011-02-04 11:59:03 | 000,002,250 | ---- | C] () -- C:\Users\Monika\Desktop\Music Data Management Software.lnk [2011-02-03 18:13:12 | 000,000,978 | ---- | C] () -- C:\Users\Monika\Desktop\Gadu-Gadu.lnk [2011-02-01 18:42:47 | 007,366,656 | ---- | C] () -- C:\Users\Monika\Desktop\John Lennon - Imagine.mp3 [2011-02-01 09:29:32 | 006,160,072 | ---- | C] () -- C:\Users\Monika\Desktop\Adema - Promises.mp3 [2011-01-28 16:35:49 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk [2011-01-27 18:03:58 | 000,534,229 | ---- | C] () -- C:\Users\Monika\Desktop\Plan.jpg [2011-01-21 21:25:08 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011-01-21 21:25:07 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011-01-02 14:12:01 | 000,013,987 | ---- | C] () -- C:\Users\Monika\Desktop\Książki.xlsx [2010-12-31 22:19:02 | 000,000,376 | ---- | C] () -- C:\Users\Monika\Desktop\Minesweeper.lnk [2010-12-13 19:38:34 | 000,001,496 | ---- | C] () -- C:\Users\Monika\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs [2010-12-10 10:29:16 | 000,013,795 | ---- | C] () -- C:\Users\Monika\Documents\umowa najmu.docx [2010-06-13 11:06:16 | 000,004,608 | ---- | C] () -- C:\Users\Monika\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-12-22 18:11:07 | 000,000,190 | ---- | C] () -- C:\Users\Monika\AppData\Roaming\wklnhst.dat [2009-12-22 16:30:19 | 000,000,000 | ---- | C] () -- C:\Users\Monika\AppData\Local\QSwitch.txt [2009-12-22 16:30:19 | 000,000,000 | ---- | C] () -- C:\Users\Monika\AppData\Local\DSwitch.txt [2009-12-22 16:30:19 | 000,000,000 | ---- | C] () -- C:\Users\Monika\AppData\Local\AtStart.txt [2009-12-22 16:30:16 | 000,000,455 | ---- | C] () -- C:\ProgramData\HPWALog.txt [2009-10-20 01:05:21 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log [2009-10-20 01:05:11 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log [2009-10-20 01:04:52 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log [2009-10-20 01:04:26 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log [2009-10-20 01:03:41 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log [2009-09-05 10:17:42 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log [2009-09-05 10:14:08 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log [2009-09-05 10:12:37 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [2009-09-05 10:11:58 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log [2009-07-15 16:50:42 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2007-01-23 13:11:20 | 000,141,312 | ---- | C] () -- C:\Windows\SysWow64\QFClient2.dll [2003-01-28 00:09:20 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\libexpat.dll [color=#E56717]========== LOP Check ==========[/color] [2011-02-04 20:19:40 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Azureus [2010-04-17 09:46:34 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Cool Record Edit Pro [2010-01-19 10:04:35 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\DAEMON Tools Lite [2009-12-22 16:30:14 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\DigitalPersona [2010-06-09 16:06:52 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Druk Świadectw [2011-01-02 09:37:16 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\FUJIFILM [2009-12-22 17:36:11 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Gadu-Gadu [2010-07-17 07:51:09 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\GanymedeNet [2010-06-26 14:48:04 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\gtk-2.0 [2010-04-28 17:57:51 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\HateML [2009-12-24 15:20:02 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\iWin [2010-06-29 12:41:26 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Leadertech [2010-10-03 18:35:24 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\MP3Rocket [2011-01-28 16:35:55 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\NCH Swift Sound [2010-04-12 18:35:02 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu [2010-02-11 21:06:58 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\OpenOffice.org [2010-09-26 08:37:00 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Opera [2010-04-11 15:34:08 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\PhotoFiltre [2009-12-24 14:16:10 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\PlayFirst [2010-09-05 16:51:25 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2009-12-22 18:11:10 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Template [2011-02-03 21:32:45 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Tlen.pl [2010-10-28 19:16:51 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Windows Live Writer [2010-03-07 14:32:16 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\wordwise [2010-12-10 10:09:00 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-07-14 02:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr [2011-02-04 08:47:54 | 3218,235,392 | -HS- | M] () -- C:\hiberfil.sys [2010-01-07 16:47:40 | 000,000,185 | ---- | M] () -- C:\hpqlb.log [2011-02-04 08:47:57 | 4290,981,888 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys [2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys [2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2007-05-17 20:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys [2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009-10-28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009-10-28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe [2009-10-28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < End of report > [/log] Extras [log]OTL Extras logfile created on: 2011-02-04 20:24:47 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Monika\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,67 Gb Total Space | 315,39 Gb Free Space | 69,67% Space Free | Partition Type: NTFS Drive D: | 12,79 Gb Total Space | 2,13 Gb Free Space | 16,69% Space Free | Partition Type: NTFS Computer Name: MONIKA-KOMPUTER | User Name: Monika | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources "{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit) "{33B18075-C7DF-4839-8517-C6E9338D84F2}" = HP 3D DriveGuard "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety "{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{62A20ECA-920E-4052-BF77-88C78DD20FAA}" = Validity Sensors DDK "{6C47240C-016E-03B5-D13E-AECAED09F2E3}" = ATI Catalyst Install Manager "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{ADEB3402-CFBD-00E2-0EE6-F6A3F1AFACF0}" = ccc-utility64 "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{C02C2C22-2EB1-47C8-B74F-8AB1A62FAE31}" = Windows Live Family Safety "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DD3BF908-F6B0-45A5-BED3-79E8888DDA93}" = DigitalPersona Personal 4.10 "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "CCleaner" = CCleaner "FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = WinRAR archiver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51 "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{08DB3902-2CE0-474D-BCE3-0177766CE9F1}" = HP Support Assistant "{09CC0D0E-061D-3C7B-3881-D2EB53A8AAFC}" = CCC Help Polish "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0 "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver "{26606D8F-3133-DBE2-8AF5-AB28F300860A}" = CCC Help Chinese Standard "{266D0EEA-E5A6-4A08-A0EE-5391D4EA44A7}" = Catalyst Control Center - Branding "{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16 "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 23 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{2b6ce61a-cb33-4514-b3ec-cd5d768c73df}" = Nero 9 Trial "{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes "{306B39C9-3AB1-4161-8567-9C7E50B41AE3}" = Microsoft Works "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33C17B75-EA9C-0687-9CED-03D92637B042}" = CCC Help Hungarian "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode "{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent "{3F50AF3B-8997-4916-0095-99D63DDB785A}" = Harry Potter TM "{3FBDB7B8-7472-E895-2E5D-99D190B2D1B6}" = Catalyst Control Center InstallProxy "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4D78445A-8AA1-4E4E-9848-C5561D7ED4AB}" = CTK-900, WK-3200/3700 Music Data Management Software "{4E432692-A736-4F77-AF77-F9078CF88D31}" = HP Wireless Assistant "{5271C0D4-24E4-4C3D-A782-C012033FD3CF}" = AMD USB Filter Driver "{543E6ACA-51B7-4283-82F2-57C0582A53C5}" = Windows Live UX Platform Language Pack "{546937C5-0529-333E-0D5E-FE3C53108806}" = CCC Help Japanese "{55C70B62-5EF1-D527-7CAB-E50D8B3B4990}" = Catalyst Control Center Graphics Full New "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{577ED77E-25D9-1A76-4EF0-773B9C173758}" = CCC Help Portuguese "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime "{5DB4EA68-A509-D408-585C-C9D045FADF72}" = Catalyst Control Center Graphics Previews Vista "{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6D335F78-1F4F-7826-56DD-4F350EA6EADD}" = CCC Help Greek "{6E7B12B6-DA76-4167-BB65-491C18F8236B}" = Hotel Giant "{6EF04EAE-0354-9919-E757-F1203E6F422B}" = CCC Help Italian "{7028B245-30A2-BD8C-31B9-6008216FBDC2}" = CCC Help French "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games) "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{779D3256-84D0-936F-18F9-A154DC85B4B4}" = Catalyst Control Center Localization All "{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights "{78a0a27f-1a47-4aa6-a53a-bf6e2308985e}" = Nero 9 Essentials "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7BF68B83-5057-4D4B-0093-28285EEB9EE3}" = Harry Potter II "{7F4DA5B8-6884-47F2-AEBA-D9111E420C63}" = CCC Help Danish "{7F9A8D27-A1B9-164F-FCB1-0B64C88629CF}" = CCC Help Norwegian "{803263F7-8CAC-DC6D-3288-8128865A7472}" = CCC Help German "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8CC47AA0-5774-61FC-6A59-7E1C936DB753}" = ccc-core-static "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8DD86BF7-28B3-4CE9-88AE-E6EC790CAECA}" = Kerio Personal Firewall "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_HOMESTUDENTR_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0415-1000-0000000FF1CE}_HOMESTUDENTR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_HOMESTUDENTR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00AF-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Polish) "{95140000-007A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A28867B-109A-5BBF-85C0-FC1BAA98CA1C}" = CCC Help Russian "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap "{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A8BCC9E4-9036-3029-F2BC-AA73A62DA73D}" = CCC Help Turkish "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1045-7B44-A91000000001}" = Adobe Reader 9.1 - Polish "{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych "{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154 "{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor "{B5C746E6-D961-445C-3768-5B6FAF6A1A31}" = CCC Help Spanish "{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update "{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{BD8DA595-F501-4ABE-85A0-5C23E82472A0}" = Pomocnik Messenger "{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3 "{C0769946-2CF1-9E8D-009B-5C413B3F01D1}" = CCC Help Czech "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C4F7EEE5-3D99-8552-7483-B2F412838B2A}" = Catalyst Control Center Graphics Previews Common "{C4FFCD8D-3A06-E243-2747-2CE771A8B7D4}" = EA Download Manager UI "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update "{D4C41D27-A2D5-94C6-1D08-3D470A12EAF0}" = CCC Help Swedish "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{D9D6A848-1BFD-592B-5F9D-0BA8692FDF0B}" = CCC Help Finnish "{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DCD91C2F-3A86-B328-59A0-5EED6190D983}" = Catalyst Control Center Graphics Full Existing "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer "{E5F5CAA5-84ED-DE41-40D0-8926FE7E5F4D}" = Catalyst Control Center Graphics Light "{E6CE345D-BF83-1242-9E4D-3D60A5036D87}" = CCC Help English "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EC155897-712F-5637-A5DA-6C7CE7CB5521}" = CCC Help Korean "{F0580F64-44A1-C607-9364-887912B74F4D}" = CCC Help Thai "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL "{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup "{F3F9A4E5-CD9F-4657-CF99-5CE3F7729909}" = Catalyst Control Center Core Implementation "{F5B1D41A-05B9-98E2-C350-E69D4A444CB4}" = CCC Help Chinese Traditional "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool "{FCF0F615-6E70-B949-028F-88D32C55C2BC}" = CCC Help Dutch "AC3Filter_is1" = AC3Filter 1.63b "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AOL Toolbar" = Pasek narzędzi AOL 5.0 "ASIO4ALL" = ASIO4ALL "Ask Toolbar_is1" = Vuze Toolbar "Audacity_is1" = Audacity 1.2.6 "avast5" = avast! Free Antivirus "Bass Audio Decoder" = Bass Audio Decoder (remove only) "CD Audio Reader Filter" = CD Audio Reader Filter (remove only) "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "Chicken Invaders 2_is1" = Chicken Invaders 2 v2.61 "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI "DCoder Image Source" = DCoder Image Source (remove only) "Drumaxx" = Drumaxx "DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders "EA Download Manager" = EA Download Manager "ENTERPRISE" = Microsoft Office Enterprise 2007 "Gadu-Gadu" = Gadu-Gadu 7.7 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "GIF Movie Gear_is1" = GIF Movie Gear 4.2.3 "GOM Player" = GOM Player "Google Chrome" = Google Chrome "Hardcore" = Hardcore "HateML_is1" = HateML 1.1 build 05 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "IL Download Manager" = IL Download Manager "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "KLiteCodecPack_is1" = K-Lite Codec Pack 6.8.0 (Full) "Kurs Photoshop CS4 - Fotografia cyfrowa" = Kurs Photoshop CS4 - Fotografia cyfrowa "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MIKSOFT Mobile AMR converter_is1" = MIKSOFT Mobile AMR converter "MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only) "MoorHunt_is1" = MoorHunt 0.6.7.2 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "NoteWorthy Composer" = NoteWorthy Composer "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "NSIS_wordwise" = WordWise Dictionary "OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only) "PhotoScape" = PhotoScape "PoiZone" = PoiZone "QUICKfind" = QUICKfind server v1.1 "RealMedia" = RealMedia (remove only) "Sakura" = Sakura "Sawer" = Sawer "Tlen.pl" = Tlen.pl "Toxic Biohazard" = Toxic Biohazard "WavePad" = WavePad Sound Editor "WildTangent hp Master Uninstall" = HP Games "Winamp" = Winamp "WinGimp-2.0_is1" = GIMP 2.6.5 "WinLiveSuite" = Podstawowe programy Windows Live "ZoomPlayer" = Zoom Player (remove only) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Tlen.pl" = Tlen.pl "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > [/log] RSIT: log.txt [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Monika at 2011-02-04 20:42:36 Microsoft Windows 7 Home Premium System drive C: has 323 GB (70%) free of 464 GB Total RAM: 4092 MB (56% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:42:50, on 2011-02-04 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE C:\Program Files (x86)\Zoom Player\zplayer.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Users\Monika\Desktop\RSIT.exe C:\Program Files (x86)\trend micro\Monika.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://search.conduit.com?SearchSource=10&ctid=CT2475029 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:25560 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: 69.10.57.34 google.com O1 - Hosts: 69.10.57.34 google.com.au O1 - Hosts: 69.10.57.34 www.google.com.au O1 - Hosts: 69.10.57.34 google.be O1 - Hosts: 69.10.57.34 www.google.be O1 - Hosts: 69.10.57.34 google.com.br O1 - Hosts: 69.10.57.34 www.google.com.br O1 - Hosts: 69.10.57.34 google.ca O1 - Hosts: 69.10.57.34 www.google.ca O1 - Hosts: 69.10.57.34 google.ch O1 - Hosts: 69.10.57.34 www.google.ch O1 - Hosts: 69.10.57.34 google.de O1 - Hosts: 69.10.57.34 www.google.de O1 - Hosts: 69.10.57.34 google.dk O1 - Hosts: 69.10.57.34 www.google.dk O1 - Hosts: 69.10.57.34 google.fr O1 - Hosts: 69.10.57.34 www.google.fr O1 - Hosts: 69.10.57.34 google.ie O1 - Hosts: 69.10.57.34 www.google.ie O1 - Hosts: 69.10.57.34 google.it O1 - Hosts: 69.10.57.34 www.google.it O1 - Hosts: 69.10.57.34 google.co.jp O1 - Hosts: 69.10.57.34 www.google.co.jp O1 - Hosts: 69.10.57.34 google.nl O1 - Hosts: 69.10.57.34 www.google.nl O1 - Hosts: 69.10.57.34 google.no O1 - Hosts: 69.10.57.34 www.google.no O1 - Hosts: 69.10.57.34 google.co.nz O1 - Hosts: 69.10.57.34 www.google.co.nz O1 - Hosts: 69.10.57.34 google.pl O1 - Hosts: 69.10.57.34 www.google.pl O1 - Hosts: 69.10.57.34 google.se O1 - Hosts: 69.10.57.34 www.google.se O1 - Hosts: 69.10.57.34 google.co.uk O1 - Hosts: 69.10.57.34 google.co.za O1 - Hosts: 69.10.57.34 www.google.co.za O1 - Hosts: 69.10.57.34 www.bing.com O1 - Hosts: 69.10.57.34 search.yahoo.com O1 - Hosts: 69.10.57.34 www.search.yahoo.com O1 - Hosts: 69.10.57.34 uk.search.yahoo.com O1 - Hosts: 69.10.57.34 ca.search.yahoo.com O1 - Hosts: 69.10.57.34 de.search.yahoo.com O1 - Hosts: 69.10.57.34 fr.search.yahoo.com O1 - Hosts: 69.10.57.34 au.search.yahoo.com O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll O2 - BHO: Pomocnik logowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam" O4 - HKLM\..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O15 - Trusted Zone: http://apps.facebook.com O15 - Trusted Zone: http://www.gorskanatura.pl O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ASKService - Unknown owner - C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 17036 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HPCeeScheduleForMonika.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] AskBar BHO - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll [2010-10-18 3908192] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}] DigitalPersona Personal Extension - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-07-01 1256512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}] AOL Toolbar BHO - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll [2008-07-02 1185120] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Pomocnik logowania za pomocą identyfikatora Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-22 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}] QUICKfind BHO Object - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll [2007-02-16 457216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] IEPluginBHO Class - C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [2009-10-28 42088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll [2008-07-02 1185120] {3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192] {8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616] {30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll [2010-10-18 3908192] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304] "HPCam_Menu"=c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2009-02-25 218408] "DpAgent"=C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe [2009-07-01 842816] "QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-08-20 322104] "UpdatePRCShortCut"=C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [2009-05-19 222504] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576] ""= [] "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] "avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624] "WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-03-23 500792] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2007-10-19 286720] "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392] "AdobeBridge"= [] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli DPPWDFLT [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "WallpaperStyle"=2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=2 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "DisallowRun"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger="svchost.exe ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2011-02-04 20:42:36 ----D---- C:\rsit 2011-02-04 11:11:23 ----D---- C:\Program Files (x86)\CASIO 2011-01-28 16:36:13 ----D---- C:\Users\Monika\AppData\Roaming\NCH Software 2011-01-28 16:35:55 ----D---- C:\Users\Monika\AppData\Roaming\NCH Swift Sound 2011-01-28 16:35:54 ----D---- C:\ProgramData\NCH Swift Sound 2011-01-28 16:35:48 ----D---- C:\Program Files (x86)\NCH Swift Sound 2011-01-25 21:23:42 ----D---- C:\Program Files (x86)\Pure Sudoku 2011-01-21 21:26:02 ----D---- C:\Users\Monika\AppData\Roaming\Media Player Classic 2011-01-21 21:25:08 ----A---- C:\Windows\SysWOW64\unrar.dll 2011-01-21 21:25:07 ----A---- C:\Windows\avisplitter.ini 2011-01-21 21:24:49 ----D---- C:\Program Files (x86)\K-Lite Codec Pack 2011-01-16 18:20:51 ----D---- C:\Users\Monika\AppData\Roaming\Malwarebytes 2011-01-16 18:20:44 ----A---- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys 2011-01-16 18:20:43 ----D---- C:\ProgramData\Malwarebytes 2011-01-16 18:20:40 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2011-01-16 17:55:51 ----D---- C:\Program Files (x86)\Trend Micro 2011-01-16 15:17:54 ----SHD---- C:\ProgramData\PIJGS 2011-01-16 15:15:48 ----SHD---- C:\ProgramData\eeab61 2011-01-12 16:11:06 ----A---- C:\Windows\SysWOW64\d3d10warp.dll 2011-01-12 16:11:04 ----A---- C:\Windows\SysWOW64\d2d1.dll 2011-01-12 16:11:03 ----A---- C:\Windows\SysWOW64\DWrite.dll 2011-01-12 16:11:02 ----A---- C:\Windows\SysWOW64\XpsPrint.dll 2011-01-12 16:11:00 ----A---- C:\Windows\SysWOW64\XpsGdiConverter.dll 2011-01-12 16:11:00 ----A---- C:\Windows\SysWOW64\ExplorerFrame.dll 2011-01-12 16:11:00 ----A---- C:\Windows\SysWOW64\d3d10_1core.dll 2011-01-12 16:10:59 ----A---- C:\Windows\SysWOW64\XpsRasterService.dll 2011-01-12 16:10:59 ----A---- C:\Windows\SysWOW64\d3d10_1.dll 2011-01-12 16:10:36 ----A---- C:\Windows\SysWOW64\odbc32.dll ======List of files/folders modified in the last 1 months====== 2011-02-04 20:42:43 ----D---- C:\Windows\Temp 2011-02-04 20:19:44 ----D---- C:\Users\Monika\AppData\Roaming\Winamp 2011-02-04 20:19:40 ----D---- C:\Users\Monika\AppData\Roaming\Azureus 2011-02-04 20:10:10 ----D---- C:\Windows\debug 2011-02-04 20:10:10 ----D---- C:\Windows 2011-02-04 20:04:33 ----RD---- C:\Program Files 2011-02-04 18:42:34 ----SHD---- C:\System Volume Information 2011-02-04 11:11:29 ----SHD---- C:\Windows\Installer 2011-02-04 11:11:23 ----D---- C:\Program Files (x86) 2011-02-04 11:10:31 ----D---- C:\Windows\Downloaded Installations 2011-02-04 11:04:45 ----D---- C:\Windows\Microsoft.NET 2011-02-03 21:32:45 ----D---- C:\Users\Monika\AppData\Roaming\Tlen.pl 2011-02-03 20:18:45 ----D---- C:\Program Files (x86)\Tlen.pl 2011-02-01 14:52:04 ----D---- C:\Windows\winsxs 2011-01-29 14:12:00 ----D---- C:\Windows\System32 2011-01-29 14:12:00 ----D---- C:\Windows\inf 2011-01-29 10:04:34 ----D---- C:\Program Files (x86)\Google 2011-01-28 16:47:15 ----D---- C:\Windows\SysWOW64 2011-01-28 16:35:54 ----HD---- C:\ProgramData 2011-01-27 21:19:46 ----D---- C:\Windows\rescache 2011-01-21 21:24:55 ----D---- C:\Program Files (x86)\DScaler5 2011-01-21 21:24:04 ----D---- C:\Program Files (x86)\DirectVobSub 2011-01-21 21:23:59 ----D---- C:\Program Files (x86)\OpenSource Flash Video Splitter 2011-01-21 21:23:44 ----D---- C:\Program Files (x86)\SHOUTcast Source 2011-01-21 20:38:55 ----D---- C:\Program Files (x86)\Gabest MPEG Splitter 2011-01-18 18:05:34 ----D---- C:\Program Files (x86)\MoorHunt 2011-01-16 18:20:44 ----D---- C:\Windows\SysWOW64\drivers 2011-01-16 10:53:38 ----D---- C:\Program Files (x86)\Zoom Player 2011-01-16 09:13:04 ----A---- C:\ProgramData\HPWALog.txt 2011-01-16 08:40:51 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar 2011-01-13 16:36:01 ----D---- C:\ProgramData\Microsoft Help 2011-01-13 09:47:32 ----A---- C:\Windows\SysWOW64\aswBoot.exe 2011-01-07 08:39:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [] R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [] R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [] R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys [] R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [] R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [] R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [] R3 BthEnum;Sterownik Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [] R3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [] R3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [] R3 btwaudio;Urz1dzenie dYwiekowe Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [] R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [] R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [] R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [] R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [] R3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [] R3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [] R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [] S1 fwdrv;Firewall Driver; C:\Windows\system32\drivers\fwdrv.sys [2005-03-21 270336] S3 a8j8kgal;a8j8kgal; C:\Windows\SysWOW64\drivers\a8j8kgal.sys [] S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [] S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [] S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [] S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [] S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [] R2 ASKService;ASKService; C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe [2009-04-02 464264] R2 ASKUpgrade;ASKUpgrade; C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe [2009-04-02 234888] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 864032] R2 DpHost;@C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe [2009-07-01 322624] R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-11-15 126520] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [] R2 KPF4;Kerio Personal Firewall 4; C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe [2005-03-23 1941504] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728] R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-01-21 247152] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136] R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [2009-07-22 240128] R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2009-07-12 1656112] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-10-14 751672] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-15 136176] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF----------------- [/log] info.txt [log]info.txt logfile of random's system information tool 1.08 2011-02-04 20:42:53 ======Uninstall list====== -->"C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Blasterball 2 Revolution\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Blasterball 3\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Bob the Builder Can-Do-Zoo\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Build-a-lot 2\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Build-a-lot 3\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Chocolatier - Decadence by Design\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Dora's Carnival Adventure\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Eighteen Wheels of Steel Haulin'\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Farm Frenzy - Pizza Party\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\FATE Undiscovered Realms\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Game Explorer Categories - main\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Jewel Quest Solitaire 2\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\John Deere Drive Green\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Liong - The Lost Amulets\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Mah Jong Medley\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Mortimer Beckett and the Time Paradox\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Mystery P.I. - The New York Fortune\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Mystery P.I. - The Vegas Heist\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Peggle\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Penguins!\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Polar Bowler\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Polar Golfer\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Slingo Deluxe\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Super Collapse 3\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\The Hidden Object Game Show\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Totem Tribe\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\World of Goo\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Zuma Deluxe\Uninstall.exe" -->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall AC3Filter 1.63b-->"C:\Program Files (x86)\AC3Filter\unins000.exe" ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E} Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7} Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7} Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA} Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA} Adobe Photoshop CS5-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}" Adobe Reader 9.1 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A91000000001} Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D} Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {04E205D6-88B1-4652-B162-42DF2C3B1228} Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86} Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {128A36ED-21BE-4547-9FFE-5B85AEC735DD} AMD USB Filter Driver-->MsiExec.exe /X{5271C0D4-24E4-4C3D-A782-C012033FD3CF} Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4} ASIO4ALL-->C:\Program Files (x86)\ASIO4ALL v2\uninstall.exe Atheros Driver Installation Program-->C:\Program Files (x86)\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe -runfromtemp -l0x0015 Audacity 1.2.6-->"C:\Program Files (x86)\Audacity\unins000.exe" avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup Bass Audio Decoder (remove only)-->"C:\Program Files (x86)\Bass Audio Decoder\uninstall.exe" Bing Bar Platform-->MsiExec.exe /I{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39} Bing Bar-->C:\Program Files (x86)\Bing Bar Installer\InstallManager.exe /UNINSTALL Catalyst Control Center - Branding-->MsiExec.exe /I{266D0EEA-E5A6-4A08-A0EE-5391D4EA44A7} CD Audio Reader Filter (remove only)-->"C:\Program Files (x86)\CD Audio Reader Filter\uninstall.exe" Chicken Invaders 2 v2.61-->"C:\Program Files (x86)\ChickenInvaders2Polish\unins000.exe" CTK-900, WK-3200/3700 Music Data Management Software-->MsiExec.exe /I{4D78445A-8AA1-4E4E-9848-C5561D7ED4AB} CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF} DCoder Image Source (remove only)-->"C:\Program Files (x86)\DCoder Image Source\uninstall.exe" DolbyFiles-->MsiExec.exe /X{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF} Drumaxx-->C:\Program Files (x86)\Image-Line\Drumaxx\uninstall.exe DScaler 5 Mpeg Decoders-->"C:\Program Files (x86)\DScaler5\unins000.exe" EA Download Manager UI-->msiexec /qb /x {C4FFCD8D-3A06-E243-2747-2CE771A8B7D4} EA Download Manager UI-->MsiExec.exe /I{C4FFCD8D-3A06-E243-2747-2CE771A8B7D4} EA Download Manager-->C:\Program Files (x86)\Electronic Arts\EADM\EADMUninstall.exe Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych-->MsiExec.exe /I{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7} Gadu-Gadu 7.7-->C:\Program Files (x86)\Gadu-Gadu\Setup.exe Galeria fotografii usługi Windows Live-->MsiExec.exe /X{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431} GameDesire-Pool & Snooker-->C:\Program Files (x86)\Ganymede\billiards_uninstall.exe GIF Movie Gear 4.2.3-->"C:\Program Files (x86)\GIF Movie Gear\unins000.exe" GIMP 2.6.5-->"C:\Program Files (x86)\GIMP-2.0\setup\unins000.exe" GOM Player-->"C:\Program Files (x86)\GRETECH\GomPlayer\Uninstall.exe" Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\8.0.552.237\Installer\setup.exe" --uninstall --system-level Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Hardcore-->C:\Program Files (x86)\Image-Line\Hardcore\uninstall.exe Harry Potter II-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7BF68B83-5057-4D4B-0093-28285EEB9EE3}\setup.exe" -l0x0 Uninstall Harry Potter TM-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3F50AF3B-8997-4916-0095-99D63DDB785A}\setup.exe" -l0x15 Uninstall HateML 1.1 build 05-->"C:\Program Files (x86)\HateML\unins000.exe" HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} Hotel Giant-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6E7B12B6-DA76-4167-BB65-491C18F8236B}\setup.exe" -l0x15 HP Advisor-->MsiExec.exe /X{B53E61D7-7C80-40DF-82D2-CF5390D6D20A} HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544} HP Games-->"C:\Program Files (x86)\HP Games\Uninstall.exe" HP MediaSmart DVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall HP MediaSmart DVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall HP MediaSmart Internet TV-->"C:\Program Files (x86)\InstallShield Installation Information\{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}\setup.exe" /z-uninstall HP MediaSmart Internet TV-->"C:\Program Files (x86)\InstallShield Installation Information\{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}\setup.exe" /z-uninstall HP MediaSmart Live TV-->"C:\Program Files (x86)\InstallShield Installation Information\{67626E09-5366-4480-8F1E-93FADF50CA15}\setup.exe" /z-uninstall HP MediaSmart Live TV-->"C:\Program Files (x86)\InstallShield Installation Information\{67626E09-5366-4480-8F1E-93FADF50CA15}\setup.exe" /z-uninstall HP MediaSmart Movie Themes-->"C:\Program Files (x86)\InstallShield Installation Information\{3023EBDA-BF1B-4831-B347-E5018555F26E}\setup.exe" /z-uninstall HP MediaSmart Movie Themes-->"C:\Program Files (x86)\InstallShield Installation Information\{3023EBDA-BF1B-4831-B347-E5018555F26E}\setup.exe" /z-uninstall /zMS HP MediaSmart Music/Photo/Video-->"C:\Program Files (x86)\InstallShield Installation Information\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\setup.exe" /z-uninstall HP MediaSmart Music/Photo/Video-->"C:\Program Files (x86)\InstallShield Installation Information\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\setup.exe" /z-uninstall /zMS HP MediaSmart Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall HP MediaSmart Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall /z HP Quick Launch Buttons-->"C:\Program Files (x86)\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -runfromtemp -l0x0015 -removeonly uninst HP Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}\setup.exe" -l0x9 -removeonly HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe" -runfromtemp -l0x0409 -removeonly HP Update-->MsiExec.exe /X{D46D081B-F60E-467E-A7C4-117B70D76731} HP User Guides 0154-->MsiExec.exe /X{B51605BF-6326-4553-AE96-6D7F1813D5F5} HP Wireless Assistant-->MsiExec.exe /X{4E432692-A736-4F77-AF77-F9078CF88D31} HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367} IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -remove -removeonly IL Download Manager-->C:\Program Files (x86)\Image-Line\Downloader\uninstall.exe Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016F0} Java(TM) 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF} JMicron Flash Media Controller Driver-->"C:\Program Files (x86)\JMicron\JMCR_DIR\setup.exe" delpkg Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} Kerio Personal Firewall-->MsiExec.exe /X{8DD86BF7-28B3-4CE9-88AE-E6EC790CAECA} K-Lite Codec Pack 6.8.0 (Full)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe" Kurs Photoshop CS4 - Fotografia cyfrowa-->C:\Program Files (x86)\Tutoria\Kurs Photoshop CS4 - Fotografia cyfrowa\uninst.exe LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall LightScribe System Software-->MsiExec.exe /X{CC8E94A2-55C7-4460-953C-2A790180578C} Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Menu Templates - Starter Kit-->MsiExec.exe /X{B78120A0-CF84-4366-A393-4D0A59BC546C} Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0415-1000-0000000FF1CE} /uninstall {D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0415-0000-0000000FF1CE} /uninstall {D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office Access MUI (Polish) 2007-->MsiExec.exe /X{90120000-0015-0415-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE} Microsoft Office Groove MUI (Polish) 2007-->MsiExec.exe /X{90120000-00BA-0415-0000-0000000FF1CE} Microsoft Office Home and Student 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE} Microsoft Office InfoPath MUI (Polish) 2007-->MsiExec.exe /X{90120000-0044-0415-0000-0000000FF1CE} Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE} Microsoft Office Outlook Connector-->MsiExec.exe /X{95140000-007A-0415-0000-0000000FF1CE} Microsoft Office Outlook MUI (Polish) 2007-->MsiExec.exe /X{90120000-001A-0415-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE} Microsoft Office PowerPoint Viewer 2007 (Polish)-->MsiExec.exe /X{95120000-00AF-0415-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE} Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0415-0000-0000000FF1CE} /uninstall {E9EA2604-8AC9-47D2-8F4B-6BF60787A357} Microsoft Office Publisher MUI (Polish) 2007-->MsiExec.exe /X{90120000-0019-0415-0000-0000000FF1CE} Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE} Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE} Microsoft Search Enhancement Pack-->MsiExec.exe /X{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Works-->MsiExec.exe /I{306B39C9-3AB1-4161-8567-9C7E50B41AE3} Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13} Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25} Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C} Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57} Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7} Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C} Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403} Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A} MIKSOFT Mobile AMR converter-->"C:\Program Files (x86)\MIKSOFT\Mobile AMR converter\unins000.exe" MONOGRAM AMR Splitter/Decoder (remove only)-->"C:\Program Files (x86)\MONOGRAM AMR SplitterDecoder\uninstall.exe" MoorHunt 0.6.7.2-->"C:\Program Files (x86)\MoorHunt\unins000.exe" Movie Templates - Starter Kit-->MsiExec.exe /X{E498385E-1C51-459A-B45F-1721E37AA1A0} Mozilla Firefox (3.6.13)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9} MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} NapiProjekt 1.0.6.9-->"C:\Program Files (x86)\NAPI-PROJEKT\unins000.exe" Nero 9 Essentials-->C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="XM02-508X-MHAT-19WU-9Z3Z-0CH0-3U6E-85W5-MMHH-6647-1Z5L-7M8C-0U45-758P-0000" Nero 9 Trial-->C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="8M01-2085-KK25-2LEE-0UHL-8MPA-6H4U-EHAL" Nero BurnRights-->MsiExec.exe /X{7829DB6F-A066-4E40-8912-CB07887C20BB} Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A} Nero CoverDesigner-->MsiExec.exe /X{62AC81F6-BDD3-4110-9D36-3E9EAAB40999} Nero Disc Copy Gadget-->MsiExec.exe /X{F1861F30-3419-44DB-B2A1-C274825698B3} Nero DiscSpeed-->MsiExec.exe /X{869200DB-287A-4DC0-B02B-2B6787FBCD4C} Nero DriveSpeed-->MsiExec.exe /X{33CF58F5-48D8-4575-83D6-96F574E4D83A} Nero InfoTool-->MsiExec.exe /X{FBCDFD61-7DCF-4E71-9226-873BA0053139} Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF} Nero PhotoSnap-->MsiExec.exe /X{9E82B934-9A25-445B-B8DF-8012808074AC} Nero Recode-->MsiExec.exe /X{359CFC0A-BEB1-440D-95BA-CF63A86DA34F} Nero Rescue Agent-->MsiExec.exe /X{368BA326-73AD-4351-84ED-3C0A7A52CC53} Nero ShowTime-->MsiExec.exe /X{D9DCF92E-72EB-412D-AC71-3B01276E5F8B} Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2} Nero Vision-->MsiExec.exe /X{43E39830-1826-415D-8BAE-86845787B54B} Nero WaveEditor-->MsiExec.exe /X{A209525B-3377-43F4-B886-32F6B6E7356F} NeroBurningROM-->MsiExec.exe /X{D025A639-B9C9-417D-8531-208859000AF8} NeroExpress-->MsiExec.exe /X{595A3116-40BB-4E0F-A2E8-D7951DA56270} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} NoteWorthy Composer-->C:\PROGRA~2\NOTEWO~1\Uninstal.exe Nowe Gadu-Gadu-->C:\Program Files (x86)\Nowe Gadu-Gadu\Uninstall.exe OpenSource DTS/AC3/DD+ Source Filter (remove only)-->"C:\Program Files (x86)\OpenSource DTSAC3DD+ Source Filter\uninstall.exe" Opera 10.51-->MsiExec.exe /X{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A} Pakiet zgodności dla systemu Office 2007-->MsiExec.exe /X{90120000-0020-0415-0000-0000000FF1CE} Pasek narzędzi AOL 5.0-->"C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\uninstall.exe" PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392} PhotoScape-->"C:\Program Files (x86)\PhotoScape\uninstall.exe" Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1} Podstawowe programy Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383} PoiZone-->C:\Program Files (x86)\Image-Line\PoiZone\uninstall.exe Pomocnik Messenger-->MsiExec.exe /I{BD8DA595-F501-4ABE-85A0-5C23E82472A0} Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall PowerRecover-->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall QLBCASL-->MsiExec.exe /I{F1D7AC58-554A-4A58-B784-B61558B1449A} QUICKfind server v1.1-->"C:\Program Files (x86)\IDM\QUICKfind\qf_uninstall.exe" QuickTime-->MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121} RealMedia (remove only)-->"C:\Program Files (x86)\RealMedia\uninstall.exe" Realtek 8136 8168 8169 Ethernet Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly Sakura-->C:\Program Files (x86)\Image-Line\Sakura\uninstall.exe Sawer-->C:\Program Files (x86)\Image-Line\Sawer\uninstall.exe Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D} Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D} Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263} Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263} Security Update for 2007 Microsoft Office System (KB2289158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {210B16C0-CEBD-4DE9-B474-04A7E8735E16} Security Update for 2007 Microsoft Office System (KB2289158)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {210B16C0-CEBD-4DE9-B474-04A7E8735E16} Security Update for 2007 Microsoft Office System (KB2344875)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F} Security Update for 2007 Microsoft Office System (KB2344875)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F} Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B} Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A} Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A} Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060} Security Update for Microsoft Office Excel 2007 (KB2345035)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B23002DD-34EC-4988-B810-A5E2A0BF04F1} Security Update for Microsoft Office Excel 2007 (KB2345035)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B23002DD-34EC-4988-B810-A5E2A0BF04F1} Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8} Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46} Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46} Security Update for Microsoft Office PowerPoint Viewer (KB2413381)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3DED0A62-44C8-4E00-A785-5212F297A9D9} Security Update for Microsoft Office PowerPoint Viewer (KB2413381)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3DED0A62-44C8-4E00-A785-5212F297A9D9} Security Update for Microsoft Office Publisher 2007 (KB2284697)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A4CDE54-2403-483D-8D9A-15E3264410DF} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D} SoundTrax-->MsiExec.exe /X{C5A7CB6C-E76D-408F-BA0E-85605420FE9D} The Sims™ 3-->"C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe" -runfromtemp -l0x0015 -removeonly Tlen.pl-->"C:\Program Files (x86)\Tlen.pl\uninstall.exe" Toxic Biohazard-->C:\Program Files (x86)\Image-Line\Toxic Biohazard\uninstall.exe Update for 2007 Microsoft Office System (KB2284654)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {FB166E7C-8AA6-48C8-B726-1F25BEE7825A} Update for 2007 Microsoft Office System (KB2284654)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {FB166E7C-8AA6-48C8-B726-1F25BEE7825A} Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF} Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF} Update for Microsoft Office Outlook 2007 (KB2412171)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {752A0B7C-BD24-4362-AC86-AB63FEE6F46F} Update for Outlook 2007 Junk Email Filter (KB2483110)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {592B47F5-D305-431A-9781-ED6CBB44FA8B} Update Installer for WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe" Vuze Toolbar-->"C:\Program Files (x86)\AskBarDis\unins000.exe" WavePad Sound Editor-->C:\Program Files (x86)\NCH Swift Sound\WavePad\uninst.exe WildTangent Games App (HP Games)-->"C:\Program Files (x86)\WildTangent Games\Touchpoints\hp\Uninstall.exe" Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe" Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066} Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917} Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30} Windows Live Mesh-->MsiExec.exe /I{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A} Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48} Windows Live Messenger Companion Core-->MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9} Windows Live Messenger-->MsiExec.exe /X{2C7E8AA1-9C03-4606-BF34-5D99D07964DA} Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90} Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38} Windows Live Movie Maker-->MsiExec.exe /X{F80E5450-3EF3-4270-B26C-6AC53BEC5E76} Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81} Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3} Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1} Windows Live PIMT Platform-->MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A} Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F} Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4} Windows Live UX Platform Language Pack-->MsiExec.exe /I{543E6ACA-51B7-4283-82F2-57C0582A53C5} Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16} Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04} Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF} Windows Live Writer-->MsiExec.exe /X{E55E0C35-AC3C-4683-BA2F-834348577B80} Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} WordWise Dictionary-->"C:\Program Files (x86)\Longman\WordWise Dictionary\uninstall.exe" Zoom Player (remove only)-->"C:\Program Files (x86)\Zoom Player\uninstall.exe" ======Hosts File====== 69.10.57.34 google.com 69.10.57.34 google.com.au 69.10.57.34 www.google.com.au 69.10.57.34 google.be 69.10.57.34 www.google.be 69.10.57.34 google.com.br 69.10.57.34 www.google.com.br 69.10.57.34 google.ca 69.10.57.34 www.google.ca 69.10.57.34 google.ch ======System event log====== Computer Name: Monika-Komputer Event Code: 7036 Message: Usługa HP Service weszła w stan zatrzymania. Record Number: 134146 Source Name: Service Control Manager Time Written: 20100915183049.234436-000 Event Type: Informacje User: Computer Name: Monika-Komputer Event Code: 7036 Message: Usługa Dziennik zdarzeń systemu Windows weszła w stan zatrzymania. Record Number: 134145 Source Name: Service Control Manager Time Written: 20100915183049.156436-000 Event Type: Informacje User: Computer Name: Monika-Komputer Event Code: 7036 Message: Usługa Validity VCS Fingerprint Service weszła w stan zatrzymania. Record Number: 134144 Source Name: Service Control Manager Time Written: 20100915183049.156436-000 Event Type: Informacje User: Computer Name: Monika-Komputer Event Code: 7036 Message: Usługa HP Health Check Service weszła w stan zatrzymania. Record Number: 134143 Source Name: Service Control Manager Time Written: 20100915183049.140836-000 Event Type: Informacje User: Computer Name: Monika-Komputer Event Code: 7036 Message: Usługa Usługa profilów użytkowników weszła w stan zatrzymania. Record Number: 134142 Source Name: Service Control Manager Time Written: 20100915183049.140836-000 Event Type: Informacje User: =====Application event log===== Computer Name: Monika-Komputer Event Code: 0 Message: Requires:C:\Program Files (x86)\Hewlett-Packard\HP TCS Record Number: 1405 Source Name: HP Total Care Setup Updater Time Written: 20091222152518.000000-000 Event Type: Informacje User: Computer Name: Monika-Komputer Event Code: 0 Message: Expanded Env:CORESYSTEMPATH Record Number: 1404 Source Name: HP Total Care Setup Updater Time Written: 20091222152518.000000-000 Event Type: Informacje User: Computer Name: Monika-Komputer Event Code: 0 Message: Current:C:\ProgramData\Hewlett-Packard\HP TCS Record Number: 1403 Source Name: HP Total Care Setup Updater Time Written: 20091222152518.000000-000 Event Type: Informacje User: Computer Name: Monika-Komputer Event Code: 0 Message: Requires:C:\ProgramData\Hewlett-Packard\HP TCS Record Number: 1402 Source Name: HP Total Care Setup Updater Time Written: 20091222152518.000000-000 Event Type: Informacje User: Computer Name: Monika-Komputer Event Code: 0 Message: Expanded Env:COREALLUSERPATH Record Number: 1401 Source Name: HP Total Care Setup Updater Time Written: 20091222152518.000000-000 Event Type: Informacje User: =====Security event log===== Computer Name: Monika-Komputer Event Code: 5058 Message: Operacja na pliku klucza. Podmiot: Identyfikator zabezpieczeń: S-1-5-19 Nazwa konta: USŁUGA LOKALNA Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e5 Parametry funkcji kryptograficznej: Nazwa dostawcy: Microsoft Software Key Storage Provider Nazwa algorytmu: Niedostępne. Nazwa klucza: 046d11a5-983c-423a-b29a-eda0f25f249e Typ klucza: Klucz komputera. Informacje dotyczące operacji na pliku klucza: Ścieżka do pliku: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ac4caf8ba9c2a818d10aecaaea87f3bc_186db4be-c5ca-4117-be05-3c62f0c10dea Operacja: Odczytaj trwały klucz z pliku. Kod powrotny: 0x0 Record Number: 33550 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100726124729.234370-000 Event Type: Sukcesy inspekcji User: Computer Name: Monika-Komputer Event Code: 4634 Message: Użytkownik wylogował się z konta. Podmiot: Identyfikator zabezpieczeń: S-1-5-21-2370041813-287283787-2202013241-1001 Nazwa konta: Monika Domena konta: Monika-Komputer Identyfikator logowania: 0x2711d59 Typ logowania: 7 To zdarzenie jest generowane w przypadku zniszczenia sesji logowania. Można je jednoznacznie skorelować ze zdarzeniem logowania przy użyciu wartości identyfikatora logowania. Identyfikatory logowania są unikatowe tylko między ponownymi rozruchami na tym samym komputerze. Record Number: 33549 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100726124725.028130-000 Event Type: Sukcesy inspekcji User: Computer Name: Monika-Komputer Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. Podmiot: Identyfikator zabezpieczeń: S-1-5-21-2370041813-287283787-2202013241-1001 Nazwa konta: Monika Domena konta: Monika-Komputer Identyfikator logowania: 0x2711d59 Uprawnienia: SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 33548 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100726124725.027130-000 Event Type: Sukcesy inspekcji User: Computer Name: Monika-Komputer Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: MONIKA-KOMPUTER$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Typ logowania: 7 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-21-2370041813-287283787-2202013241-1001 Nazwa konta: Monika Domena konta: Monika-Komputer Identyfikator logowania: 0x2711d59 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x280 Nazwa procesu: C:\Windows\System32\winlogon.exe Informacje o sieci: Nazwa stacji roboczej: MONIKA-KOMPUTER Adres źródłowy sieci: 127.0.0.1 Port źródłowy: 0 Szczegółowe informacje o uwierzytelnianiu: Proces logowania: User32 Pakiet uwierzytelniania: Negotiate Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 33547 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100726124725.027130-000 Event Type: Sukcesy inspekcji User: Computer Name: Monika-Komputer Event Code: 4648 Message: Podjęto próbę logowania przy użyciu jawnych poświadczeń. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: MONIKA-KOMPUTER$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Konto, którego poświadczenia zostały użyte: Nazwa konta: Monika Domena konta: Monika-Komputer Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Serwer docelowy: Nazwa serwera docelowego: localhost Informacje dodatkowe: localhost Informacje o procesie: Identyfikator procesu: 0x280 Nazwa procesu: C:\Windows\System32\winlogon.exe Informacje o sieci: Adres sieciowy: 127.0.0.1 Port: 0 To zdarzenie jest generowane, gdy proces podejmie próbę zalogowania się na koncie, określając w sposób jawny poświadczenia konta. To zdarzenie najczęściej występuje w konfiguracjach wsadowych, takich jak zaplanowane zadania, lub podczas używania polecenia RUNAS. Record Number: 33546 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100726124725.027130-000 Event Type: Sukcesy inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Windows Live\Shared "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=2 "PROCESSOR_LEVEL"=16 "PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=0602 "OnlineServices"=Online Services "Platform"=MCD "PCBRAND"=Pavilion "CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- [/log]
Tomek01 komentarz 4 lutego 2011 komentarz 4 lutego 2011 To teraz na nie spójrz i powiedz czy da się coś odczytać. Wstaw je odpowiednio bo do niczego nie dojdziemy.
Tomek01 komentarz 4 lutego 2011 komentarz 4 lutego 2011 Wpierw odinstaluj zbędne toolbary oraz Adware: MyWebSearch Odinstaluj: AskBarDis, Zynga Toolbar, MyAshampoo Toolbar, Babylon-English Toolbar, Ask Toolbar, ConduitEngine, AOL Toolbar, MSN Toolbar oraz MyWebSearch. Zaczynasz od paska Start/Programy, jeśli tu nie będzie z panelu dodaj/usuń. Jak któregoś nie będzie nie przejmuj się. Z racji śladu Adware zastosuj [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] Infekcja z mediów przenośnych, zastosuj [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], najlepiej z podpiętym pendrive'm czy innymi pamięciami USB. Resztę co zostanie usuniemy za pomocą OTL. Po wszystkim poproszę nowy zestaw logów.
krzysiek15 komentarz 5 lutego 2011 Autor komentarz 5 lutego 2011 Nowe logi: OTL: OTL.txt [log]OTL logfile created on: 2011-02-05 13:05:24 - Run 2 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Monika\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 63,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,67 Gb Total Space | 313,34 Gb Free Space | 69,22% Space Free | Partition Type: NTFS Drive D: | 12,79 Gb Total Space | 2,13 Gb Free Space | 16,69% Space Free | Partition Type: NTFS Computer Name: MONIKA-KOMPUTER | User Name: Monika | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color="#E56717"]========== Processes (All) ==========[/color] PRC - [2011-02-04 20:02:16 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe PRC - [2011-01-13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2011-01-13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010-12-12 08:00:28 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe PRC - [2010-12-12 08:00:27 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2010-10-14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe PRC - [2010-10-14 17:22:50 | 000,751,672 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe PRC - [2010-09-22 11:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe PRC - [2009-09-23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2009-08-20 13:34:04 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe PRC - [2009-08-20 13:25:58 | 002,363,392 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe PRC - [2009-08-20 10:46:04 | 000,322,104 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe PRC - [2009-07-23 19:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe PRC - [2009-07-23 10:37:16 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe PRC - [2009-07-01 17:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe PRC - [2009-07-01 17:43:54 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe PRC - [2009-07-01 17:43:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe PRC - [2009-07-01 14:44:34 | 000,632,888 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe PRC - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe PRC - [2009-05-05 10:11:50 | 000,228,408 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe PRC - [2009-04-02 12:47:04 | 000,234,888 | ---- | M] () -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe PRC - [2009-04-02 12:47:02 | 000,464,264 | ---- | M] () -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe PRC - [2009-02-27 17:10:28 | 000,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe PRC - [2009-01-21 19:47:38 | 000,247,152 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe PRC - [2008-12-08 13:50:04 | 000,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe PRC - [2005-03-23 16:27:18 | 001,941,504 | ---- | M] (Kerio Technologies) -- C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe PRC - [2005-03-23 16:24:34 | 002,899,968 | ---- | M] (Kerio Technologies) -- C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4gui.exe [color="#E56717"]========== Modules (All) ==========[/color] MOD - [2011-02-04 20:02:16 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe MOD - [2011-01-20 13:32:00 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll MOD - [2010-08-21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2010-07-27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2010-06-29 06:02:02 | 001,413,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010-04-07 08:10:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2010-03-24 07:37:04 | 001,289,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2009-12-11 08:39:06 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2009-12-11 08:36:33 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2009-07-14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2009-07-14 02:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2009-07-14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 02:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009-07-14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2009-07-14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2009-07-14 02:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2009-07-14 02:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2009-07-14 02:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2009-07-14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2009-07-14 02:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 02:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2009-07-14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 02:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2009-07-14 02:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2009-07-14 02:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 02:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2009-07-14 02:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll [color="#E56717"]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011-01-13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2010-09-22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b]64bit:[/b] - [2009-07-22 02:33:32 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe -- (STacSV) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-12 21:18:24 | 001,924,400 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService) SRV:[b]64bit:[/b] - [2009-07-08 12:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv) SRV:[b]64bit:[/b] - [2009-07-02 19:16:06 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009-07-01 17:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:[b]64bit:[/b] - [2009-03-02 22:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe -- (AESTFilters) SRV - [2010-10-14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe) SRV - [2010-10-12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-09-23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009-07-12 21:04:26 | 001,656,112 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService) SRV - [2009-07-01 17:43:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe -- (DpHost) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-04-02 12:47:04 | 000,234,888 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade) SRV - [2009-04-02 12:47:02 | 000,464,264 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe -- (ASKService) SRV - [2005-03-23 16:27:18 | 001,941,504 | ---- | M] (Kerio Technologies) [Auto | Running] -- C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe -- (KPF4) [color="#E56717"]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011-01-13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2010-09-22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:[b]64bit:[/b] - [2010-01-18 18:50:39 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2009-09-22 02:47:14 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2009-08-28 09:33:48 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2009-07-22 02:33:32 | 000,487,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:[b]64bit:[/b] - [2009-07-21 04:39:22 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:[b]64bit:[/b] - [2009-07-17 21:58:30 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:[b]64bit:[/b] - [2009-07-17 21:58:24 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:[b]64bit:[/b] - [2009-07-17 21:58:22 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:[b]64bit:[/b] - [2009-07-17 21:58:18 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 00:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2009-07-08 12:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt) DRV:[b]64bit:[/b] - [2009-07-08 12:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer) DRV:[b]64bit:[/b] - [2009-07-02 19:51:30 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2009-06-29 19:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir) DRV:[b]64bit:[/b] - [2009-06-10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:[b]64bit:[/b] - [2009-06-10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:[b]64bit:[/b] - [2009-06-10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:[b]64bit:[/b] - [2009-06-10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:[b]64bit:[/b] - [2009-06-10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009-06-10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2009-06-10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:[b]64bit:[/b] - [2009-06-10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel® DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-06-05 11:20:26 | 000,114,192 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2009-05-23 07:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2009-05-05 06:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:[b]64bit:[/b] - [2009-04-29 16:28:30 | 000,030,208 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV:[b]64bit:[/b] - [2009-04-29 07:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV:[b]64bit:[/b] - [2009-03-09 05:49:08 | 000,036,408 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV - [2005-03-21 15:39:16 | 000,270,336 | ---- | M] (Kerio Technologies) [Kernel | System | Stopped] -- C:\Windows\system32\drivers\fwdrv.sys -- (fwdrv) [color="#E56717"]========== Standard Registry (SafeList) ==========[/color] [color="#E56717"]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb"]http://ie.redirect.h...avilion&pf=cnnb[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb"]http://ie.redirect.h...avilion&pf=cnnb[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb"]http://ie.redirect.h...avilion&pf=cnnb[/url] IE - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} IE - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25560 [color="#E56717"]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.google.com/accounts/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fui%3Dhtml%26zy%3Dl&bsv=1eic6yu9oa4y3&scc=1<mpl=default<mplcache=2" FF - prefs.js..extensions.enabledItems: otis@digitalpersona.com:5.0.0.3787 FF - prefs.js..extensions.enabledItems: exif_viewer@mozilla.doslash.org:1.55 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=GRfox000&fl=0&ptb=aFw2119Ngwscjb2pn3DCcw&url=http://search.mywebsearch.com/mywebsearch/GGmain.jhtml&st=kwd&n=77ce832e&searchfor=" FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2009-10-20 01:06:07 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\1.bin FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-12-12 08:00:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-01-04 15:04:40 | 000,000,000 | ---D | M] [2009-12-29 15:21:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Extensions [2009-12-29 15:21:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com [2011-02-05 11:19:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3qgdrr8t.default\extensions [2010-08-11 08:04:53 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3qgdrr8t.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2010-06-26 15:29:07 | 000,000,000 | ---D | M] ("Exif Viewer") -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3qgdrr8t.default\extensions\exif_viewer@mozilla.doslash.org [2009-12-23 10:00:41 | 000,000,687 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\3qgdrr8t.default\searchplugins\ask.xml [2010-01-20 11:19:10 | 000,000,923 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\3qgdrr8t.default\searchplugins\conduit.xml [2010-02-27 15:56:31 | 000,009,977 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\3qgdrr8t.default\searchplugins\mywebsearch.xml [2011-01-16 18:32:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011-01-04 15:04:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2009-10-20 01:06:07 | 000,000,000 | ---D | M] (DigitalPersona Extension) -- C:\PROGRAM FILES (X86)\DIGITALPERSONA\BIN\FIREFOXEXT [2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010-03-16 12:57:46 | 000,120,296 | ---- | M] ( ) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npganymedenet.dll [2010-12-09 11:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll [2010-10-24 12:56:44 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-08-18 12:05:39 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml [2010-10-24 12:56:44 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-10-24 12:56:44 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\merlin-pl.xml [2011-01-02 08:20:38 | 000,045,258 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\Mp3Rocket.xml [2011-01-02 08:20:38 | 000,045,238 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\Mp3Rocket.xml.bak [2010-10-24 12:56:44 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-10-24 12:56:44 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-10-24 12:56:44 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-01-16 15:50:37 | 000,002,069 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 69.10.57.34 google.com O1 - Hosts: 69.10.57.34 google.com.au O1 - Hosts: 69.10.57.34 www.google.com.au O1 - Hosts: 69.10.57.34 google.be O1 - Hosts: 69.10.57.34 www.google.be O1 - Hosts: 69.10.57.34 google.com.br O1 - Hosts: 69.10.57.34 www.google.com.br O1 - Hosts: 69.10.57.34 google.ca O1 - Hosts: 69.10.57.34 www.google.ca O1 - Hosts: 69.10.57.34 google.ch O1 - Hosts: 69.10.57.34 www.google.ch O1 - Hosts: 69.10.57.34 google.de O1 - Hosts: 69.10.57.34 www.google.de O1 - Hosts: 69.10.57.34 google.dk O1 - Hosts: 69.10.57.34 www.google.dk O1 - Hosts: 69.10.57.34 google.fr O1 - Hosts: 69.10.57.34 www.google.fr O1 - Hosts: 69.10.57.34 google.ie O1 - Hosts: 69.10.57.34 www.google.ie O1 - Hosts: 69.10.57.34 google.it O1 - Hosts: 69.10.57.34 www.google.it O1 - Hosts: 69.10.57.34 google.co.jp O1 - Hosts: 69.10.57.34 www.google.co.jp O1 - Hosts: 69.10.57.34 google.nl O1 - Hosts: 69.10.57.34 www.google.nl O1 - Hosts: 21 more lines... O2:[b]64bit:[/b] - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll (Conduit Ltd.) O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O3 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe () O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.) O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O7 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1 O7 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O8:[b]64bit:[/b] - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:[b]64bit:[/b] - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..Trusted Domains: facebook.com ([apps] http in Zaufane witryny) O15 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..Trusted Domains: gorskanatura.pl ([www] http in Zaufane witryny) O15 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..Trusted Domains: gorskanatura.pl ([www] https in Zaufane witryny) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O27:[b]64bit:[/b] - HKLM IFEO\OLT.exe: Debugger - C:\Windows\SysNative\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\OLT.exe: Debugger - svchost.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell - "" = AutoRun O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell\AutoRun\command - "" = F:\SETUP.EXE O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell\configure\command - "" = F:\SETUP.EXE O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell\install\command - "" = F:\SETUP.EXE O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* SafeBootMin:[b]64bit:[/b] AppMgmt - Service SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] mcmscsvc - Service SafeBootMin:[b]64bit:[/b] MCODS - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: mcmscsvc - Service SafeBootMin: MCODS - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - Service SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] mcmscsvc - Service SafeBootNet:[b]64bit:[/b] MCODS - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] MpfService - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: mcmscsvc - Service SafeBootNet: MCODS - Service SafeBootNet: Messenger - Service SafeBootNet: MpfService - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color="#E56717"]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-02-05 12:08:05 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Szkoła stewardess [2011-02-05 12:08:00 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Emma [2011-02-05 09:48:45 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Monika\Desktop\Malwarebytes_Anti-Malware1.50.1[www.instalki.pl].exe [2011-02-04 20:42:36 | 000,000,000 | ---D | C] -- C:\rsit [2011-02-04 20:23:06 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe [2011-02-04 20:04:33 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011-02-04 11:16:08 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\cms_rhythm [2011-02-04 11:11:26 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CASIO [2011-02-04 11:11:23 | 000,000,000 | ---D | C] -- C:\Users\Monika\Documents\WK-3700 [2011-02-04 11:11:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CASIO [2011-02-01 17:07:15 | 000,000,000 | ---D | C] -- C:\Users\Monika\Pulpit [2011-01-31 21:28:54 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C} [2011-01-28 16:36:13 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\NCH Software [2011-01-28 16:35:55 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\NCH Swift Sound [2011-01-28 16:35:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound [2011-01-28 16:35:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite [2011-01-28 16:35:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs [2011-01-28 16:35:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Swift Sound [2011-01-26 17:47:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011-01-25 21:23:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pure Sudoku [2011-01-21 21:26:02 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Media Player Classic [2011-01-21 21:25:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2011-01-21 21:24:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack [2011-01-16 18:20:51 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Malwarebytes [2011-01-16 18:20:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011-01-16 18:20:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011-01-16 18:20:40 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011-01-16 18:20:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011-01-16 17:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro [2011-01-16 17:55:51 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2011-01-16 15:17:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\PIJGS [2011-01-16 15:15:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\eeab61 [2011-01-16 08:40:21 | 000,237,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011-01-12 18:42:59 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Piosenki posegregować [2011-01-12 16:11:07 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2011-01-12 16:11:06 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll [2011-01-12 16:11:05 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2011-01-12 16:11:04 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2011-01-12 16:11:04 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll [2011-01-12 16:11:04 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011-01-12 16:11:03 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll [2011-01-12 16:11:02 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011-01-12 16:11:02 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011-01-12 16:11:01 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll [2011-01-12 16:11:00 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll [2011-01-12 16:11:00 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2011-01-12 16:11:00 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011-01-12 16:11:00 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll [2011-01-12 16:10:59 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2011-01-12 16:10:59 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2011-01-12 16:10:59 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2011-01-12 16:10:59 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll [2011-01-12 16:10:59 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2011-01-12 16:10:59 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2011-01-12 16:10:36 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2011-01-12 16:10:36 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll [2011-01-09 14:43:37 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Filmy Ani [2011-01-04 15:04:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011-01-04 15:04:40 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011-01-04 15:04:40 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011-01-04 15:04:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011-01-04 15:04:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011-01-02 16:28:24 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll [2011-01-02 16:27:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect [2011-01-02 16:27:47 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa [2011-01-02 16:27:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2011-01-02 16:27:20 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Winamp [2011-01-02 16:27:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp [2011-01-02 09:38:52 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\InstallShield [2010-12-31 22:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WildTangent Games [2010-12-30 13:22:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TimeAdjuster [2010-12-26 19:50:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MoorHunt [2010-12-21 10:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC} [2010-12-15 12:01:01 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2010-12-15 12:01:01 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2010-12-15 12:00:58 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll [2010-12-15 12:00:58 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe [2010-12-15 12:00:57 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll [2010-12-15 12:00:57 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll [2010-12-15 12:00:57 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll [2010-12-15 12:00:57 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll [2010-12-15 12:00:57 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe [2010-12-15 12:00:57 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe [2010-12-15 12:00:53 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2010-12-15 12:00:53 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2010-12-15 12:00:53 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2010-12-15 12:00:53 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2010-12-15 12:00:50 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2010-12-15 12:00:39 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2010-12-15 12:00:38 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2010-12-15 12:00:37 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2010-12-15 12:00:37 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2010-12-15 12:00:37 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2010-12-15 12:00:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2010-12-15 12:00:37 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2010-12-15 12:00:37 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2010-12-15 12:00:36 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2010-12-15 12:00:36 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2010-12-15 12:00:36 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2010-12-15 12:00:36 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2010-12-15 12:00:35 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2010-12-15 12:00:35 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2010-12-11 14:14:25 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Local\Last.fm [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color="#E56717"]========== Files - Modified Within 60 Days ==========[/color] [2011-02-05 13:08:25 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011-02-05 13:08:25 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011-02-05 13:01:05 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-02-05 13:00:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-02-05 13:00:34 | 3218,235,392 | -HS- | M] () -- C:\hiberfil.sys [2011-02-05 12:39:26 | 000,010,687 | ---- | M] () -- C:\Users\Monika\Desktop\do us.docx [2011-02-05 12:30:03 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-02-05 10:04:21 | 000,132,597 | ---- | M] () -- C:\Users\Monika\Desktop\Flash_Disinfector.exe [2011-02-05 09:49:39 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011-02-05 09:48:58 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Monika\Desktop\Malwarebytes_Anti-Malware1.50.1[www.instalki.pl].exe [2011-02-04 22:52:10 | 005,013,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011-02-04 20:04:35 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011-02-04 20:02:16 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe [2011-02-04 20:02:16 | 000,339,991 | ---- | M] () -- C:\Users\Monika\Desktop\RSIT.exe [2011-02-04 19:15:50 | 002,321,881 | ---- | M] () -- C:\Users\Monika\Desktop\SDM - Pieśń na wyjście.mp3 [2011-02-04 19:13:56 | 002,796,223 | ---- | M] () -- C:\Users\Monika\Desktop\Janusz Radek - Sama siebie pytaj.mp3 [2011-02-04 16:15:37 | 000,010,339 | ---- | M] () -- C:\Users\Monika\Desktop\PP.docx [2011-02-04 11:59:03 | 000,002,250 | ---- | M] () -- C:\Users\Monika\Desktop\Music Data Management Software.lnk [2011-02-03 15:10:41 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMonika.job [2011-02-01 18:49:02 | 007,366,656 | ---- | M] () -- C:\Users\Monika\Desktop\John Lennon - Imagine.mp3 [2011-02-01 09:29:52 | 006,160,072 | ---- | M] () -- C:\Users\Monika\Desktop\Adema - Promises.mp3 [2011-01-29 14:12:00 | 001,536,718 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011-01-29 14:12:00 | 000,692,322 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2011-01-29 14:12:00 | 000,611,332 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011-01-29 14:12:00 | 000,133,892 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2011-01-29 14:12:00 | 000,105,512 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011-01-27 18:05:07 | 000,534,229 | ---- | M] () -- C:\Users\Monika\Desktop\Plan.jpg [2011-01-16 15:50:37 | 000,002,069 | RHS- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011-01-16 08:40:21 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2011-01-13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011-01-13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2011-01-13 09:47:23 | 000,237,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011-01-13 09:41:44 | 000,273,488 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2011-01-13 09:40:20 | 000,051,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2011-01-13 09:37:34 | 000,029,264 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2011-01-13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2011-01-13 09:37:12 | 000,020,560 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2011-01-13 09:00:00 | 000,000,038 | ---- | M] () -- C:\Windows\avisplitter.ini [2011-01-12 19:02:00 | 000,013,987 | ---- | M] () -- C:\Users\Monika\Desktop\Książki.xlsx [2010-12-31 22:19:02 | 000,000,376 | ---- | M] () -- C:\Users\Monika\Desktop\Minesweeper.lnk [2010-12-20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010-12-20 18:08:40 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010-12-13 19:38:34 | 000,001,496 | ---- | M] () -- C:\Users\Monika\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs [2010-12-11 17:32:32 | 000,004,608 | ---- | M] () -- C:\Users\Monika\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-10 18:08:24 | 000,013,795 | ---- | M] () -- C:\Users\Monika\Documents\umowa najmu.docx [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color="#E56717"]========== Files Created - No Company Name ==========[/color] [2011-02-05 12:39:25 | 000,010,687 | ---- | C] () -- C:\Users\Monika\Desktop\do us.docx [2011-02-05 10:04:18 | 000,132,597 | ---- | C] () -- C:\Users\Monika\Desktop\Flash_Disinfector.exe [2011-02-05 09:49:39 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011-02-04 20:23:06 | 000,339,991 | ---- | C] () -- C:\Users\Monika\Desktop\RSIT.exe [2011-02-04 20:04:35 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011-02-04 19:06:55 | 002,321,881 | ---- | C] () -- C:\Users\Monika\Desktop\SDM - Pieśń na wyjście.mp3 [2011-02-04 19:04:14 | 002,796,223 | ---- | C] () -- C:\Users\Monika\Desktop\Janusz Radek - Sama siebie pytaj.mp3 [2011-02-04 16:15:36 | 000,010,339 | ---- | C] () -- C:\Users\Monika\Desktop\PP.docx [2011-02-04 11:59:03 | 000,002,250 | ---- | C] () -- C:\Users\Monika\Desktop\Music Data Management Software.lnk [2011-02-03 18:13:12 | 000,000,978 | ---- | C] () -- C:\Users\Monika\Desktop\Gadu-Gadu.lnk [2011-02-01 18:42:47 | 007,366,656 | ---- | C] () -- C:\Users\Monika\Desktop\John Lennon - Imagine.mp3 [2011-02-01 09:29:32 | 006,160,072 | ---- | C] () -- C:\Users\Monika\Desktop\Adema - Promises.mp3 [2011-01-28 16:35:49 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk [2011-01-27 18:03:58 | 000,534,229 | ---- | C] () -- C:\Users\Monika\Desktop\Plan.jpg [2011-01-21 21:25:08 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011-01-21 21:25:07 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011-01-02 14:12:01 | 000,013,987 | ---- | C] () -- C:\Users\Monika\Desktop\Książki.xlsx [2010-12-31 22:19:02 | 000,000,376 | ---- | C] () -- C:\Users\Monika\Desktop\Minesweeper.lnk [2010-12-13 19:38:34 | 000,001,496 | ---- | C] () -- C:\Users\Monika\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs [2010-12-10 10:29:16 | 000,013,795 | ---- | C] () -- C:\Users\Monika\Documents\umowa najmu.docx [2010-06-13 11:06:16 | 000,004,608 | ---- | C] () -- C:\Users\Monika\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-12-22 18:11:07 | 000,000,190 | ---- | C] () -- C:\Users\Monika\AppData\Roaming\wklnhst.dat [2009-12-22 16:30:19 | 000,000,000 | ---- | C] () -- C:\Users\Monika\AppData\Local\QSwitch.txt [2009-12-22 16:30:19 | 000,000,000 | ---- | C] () -- C:\Users\Monika\AppData\Local\DSwitch.txt [2009-12-22 16:30:19 | 000,000,000 | ---- | C] () -- C:\Users\Monika\AppData\Local\AtStart.txt [2009-12-22 16:30:16 | 000,000,455 | ---- | C] () -- C:\ProgramData\HPWALog.txt [2009-10-20 01:05:21 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log [2009-10-20 01:05:11 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log [2009-10-20 01:04:52 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log [2009-10-20 01:04:26 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log [2009-10-20 01:03:41 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log [2009-09-05 10:17:42 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log [2009-09-05 10:14:08 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log [2009-09-05 10:12:37 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [2009-09-05 10:11:58 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log [2009-07-15 16:50:42 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2007-01-23 13:11:20 | 000,141,312 | ---- | C] () -- C:\Windows\SysWow64\QFClient2.dll [2003-01-28 00:09:20 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\libexpat.dll [color="#E56717"]========== LOP Check ==========[/color] [2011-02-04 20:19:40 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Azureus [2010-04-17 09:46:34 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Cool Record Edit Pro [2010-01-19 10:04:35 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\DAEMON Tools Lite [2009-12-22 16:30:14 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\DigitalPersona [2010-06-09 16:06:52 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Druk Świadectw [2011-01-02 09:37:16 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\FUJIFILM [2009-12-22 17:36:11 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Gadu-Gadu [2010-07-17 07:51:09 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\GanymedeNet [2010-06-26 14:48:04 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\gtk-2.0 [2010-04-28 17:57:51 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\HateML [2009-12-24 15:20:02 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\iWin [2010-06-29 12:41:26 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Leadertech [2010-10-03 18:35:24 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\MP3Rocket [2011-01-28 16:35:55 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\NCH Swift Sound [2010-04-12 18:35:02 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu [2010-02-11 21:06:58 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\OpenOffice.org [2010-09-26 08:37:00 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Opera [2010-04-11 15:34:08 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\PhotoFiltre [2009-12-24 14:16:10 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\PlayFirst [2010-09-05 16:51:25 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2009-12-22 18:11:10 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Template [2011-02-04 21:30:45 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Tlen.pl [2010-10-28 19:16:51 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Windows Live Writer [2010-03-07 14:32:16 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\wordwise [2010-12-10 10:09:00 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color="#E56717"]========== Purity Check ==========[/color] [color="#E56717"]========== Custom Scans ==========[/color] [color="#A23BEC"]< %systemdrive%\*.* >[/color] [2009-07-14 02:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr [2011-02-05 13:00:34 | 3218,235,392 | -HS- | M] () -- C:\hiberfil.sys [2010-01-07 16:47:40 | 000,000,185 | ---- | M] () -- C:\hpqlb.log [2011-02-05 13:00:39 | 4290,981,888 | -HS- | M] () -- C:\pagefile.sys [color="#A23BEC"]< MD5 for: AGP440.SYS >[/color] [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [color="#A23BEC"]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [color="#A23BEC"]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color="#A23BEC"]< MD5 for: CDROM.SYS >[/color] [2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys [2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys [2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [color="#A23BEC"]< MD5 for: EVENTLOG.DLL >[/color] [2007-05-17 20:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll [color="#A23BEC"]< MD5 for: NDIS.SYS >[/color] [2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys [2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [color="#A23BEC"]< MD5 for: WINLOGON.EXE >[/color] [2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009-10-28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009-10-28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe [2009-10-28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < End of report > [/log] Extras: [log]OTL Extras logfile created on: 2011-02-05 13:05:24 - Run 2 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Monika\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 63,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,67 Gb Total Space | 313,34 Gb Free Space | 69,22% Space Free | Partition Type: NTFS Drive D: | 12,79 Gb Total Space | 2,13 Gb Free Space | 16,69% Space Free | Partition Type: NTFS Computer Name: MONIKA-KOMPUTER | User Name: Monika | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color="#E56717"]========== Extra Registry (SafeList) ==========[/color] [color="#E56717"]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color="#E56717"]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color="#E56717"]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color="#E56717"]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color="#E56717"]========== Authorized Applications List ==========[/color] [color="#E56717"]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources "{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java™ 6 Update 14 (64-bit) "{33B18075-C7DF-4839-8517-C6E9338D84F2}" = HP 3D DriveGuard "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety "{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{62A20ECA-920E-4052-BF77-88C78DD20FAA}" = Validity Sensors DDK "{6C47240C-016E-03B5-D13E-AECAED09F2E3}" = ATI Catalyst Install Manager "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{ADEB3402-CFBD-00E2-0EE6-F6A3F1AFACF0}" = ccc-utility64 "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{C02C2C22-2EB1-47C8-B74F-8AB1A62FAE31}" = Windows Live Family Safety "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DD3BF908-F6B0-45A5-BED3-79E8888DDA93}" = DigitalPersona Personal 4.10 "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "CCleaner" = CCleaner "FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = WinRAR archiver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51 "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{08DB3902-2CE0-474D-BCE3-0177766CE9F1}" = HP Support Assistant "{09CC0D0E-061D-3C7B-3881-D2EB53A8AAFC}" = CCC Help Polish "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0 "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver "{26606D8F-3133-DBE2-8AF5-AB28F300860A}" = CCC Help Chinese Standard "{266D0EEA-E5A6-4A08-A0EE-5391D4EA44A7}" = Catalyst Control Center - Branding "{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java™ 6 Update 16 "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 23 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{2b6ce61a-cb33-4514-b3ec-cd5d768c73df}" = Nero 9 Trial "{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes "{306B39C9-3AB1-4161-8567-9C7E50B41AE3}" = Microsoft Works "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33C17B75-EA9C-0687-9CED-03D92637B042}" = CCC Help Hungarian "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode "{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent "{3F50AF3B-8997-4916-0095-99D63DDB785A}" = Harry Potter TM "{3FBDB7B8-7472-E895-2E5D-99D190B2D1B6}" = Catalyst Control Center InstallProxy "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4D78445A-8AA1-4E4E-9848-C5561D7ED4AB}" = CTK-900, WK-3200/3700 Music Data Management Software "{4E432692-A736-4F77-AF77-F9078CF88D31}" = HP Wireless Assistant "{5271C0D4-24E4-4C3D-A782-C012033FD3CF}" = AMD USB Filter Driver "{543E6ACA-51B7-4283-82F2-57C0582A53C5}" = Windows Live UX Platform Language Pack "{546937C5-0529-333E-0D5E-FE3C53108806}" = CCC Help Japanese "{55C70B62-5EF1-D527-7CAB-E50D8B3B4990}" = Catalyst Control Center Graphics Full New "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{577ED77E-25D9-1A76-4EF0-773B9C173758}" = CCC Help Portuguese "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime "{5DB4EA68-A509-D408-585C-C9D045FADF72}" = Catalyst Control Center Graphics Previews Vista "{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6D335F78-1F4F-7826-56DD-4F350EA6EADD}" = CCC Help Greek "{6E7B12B6-DA76-4167-BB65-491C18F8236B}" = Hotel Giant "{6EF04EAE-0354-9919-E757-F1203E6F422B}" = CCC Help Italian "{7028B245-30A2-BD8C-31B9-6008216FBDC2}" = CCC Help French "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games) "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{779D3256-84D0-936F-18F9-A154DC85B4B4}" = Catalyst Control Center Localization All "{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights "{78a0a27f-1a47-4aa6-a53a-bf6e2308985e}" = Nero 9 Essentials "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7BF68B83-5057-4D4B-0093-28285EEB9EE3}" = Harry Potter II "{7F4DA5B8-6884-47F2-AEBA-D9111E420C63}" = CCC Help Danish "{7F9A8D27-A1B9-164F-FCB1-0B64C88629CF}" = CCC Help Norwegian "{803263F7-8CAC-DC6D-3288-8128865A7472}" = CCC Help German "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8CC47AA0-5774-61FC-6A59-7E1C936DB753}" = ccc-core-static "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8DD86BF7-28B3-4CE9-88AE-E6EC790CAECA}" = Kerio Personal Firewall "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_HOMESTUDENTR_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0415-1000-0000000FF1CE}_HOMESTUDENTR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_HOMESTUDENTR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00AF-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Polish) "{95140000-007A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A28867B-109A-5BBF-85C0-FC1BAA98CA1C}" = CCC Help Russian "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap "{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A8BCC9E4-9036-3029-F2BC-AA73A62DA73D}" = CCC Help Turkish "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1045-7B44-A91000000001}" = Adobe Reader 9.1 - Polish "{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych "{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154 "{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor "{B5C746E6-D961-445C-3768-5B6FAF6A1A31}" = CCC Help Spanish "{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update "{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{BD8DA595-F501-4ABE-85A0-5C23E82472A0}" = Pomocnik Messenger "{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3 "{C0769946-2CF1-9E8D-009B-5C413B3F01D1}" = CCC Help Czech "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C4F7EEE5-3D99-8552-7483-B2F412838B2A}" = Catalyst Control Center Graphics Previews Common "{C4FFCD8D-3A06-E243-2747-2CE771A8B7D4}" = EA Download Manager UI "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update "{D4C41D27-A2D5-94C6-1D08-3D470A12EAF0}" = CCC Help Swedish "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{D9D6A848-1BFD-592B-5F9D-0BA8692FDF0B}" = CCC Help Finnish "{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DCD91C2F-3A86-B328-59A0-5EED6190D983}" = Catalyst Control Center Graphics Full Existing "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer "{E5F5CAA5-84ED-DE41-40D0-8926FE7E5F4D}" = Catalyst Control Center Graphics Light "{E6CE345D-BF83-1242-9E4D-3D60A5036D87}" = CCC Help English "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EC155897-712F-5637-A5DA-6C7CE7CB5521}" = CCC Help Korean "{F0580F64-44A1-C607-9364-887912B74F4D}" = CCC Help Thai "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL "{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup "{F3F9A4E5-CD9F-4657-CF99-5CE3F7729909}" = Catalyst Control Center Core Implementation "{F5B1D41A-05B9-98E2-C350-E69D4A444CB4}" = CCC Help Chinese Traditional "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool "{FCF0F615-6E70-B949-028F-88D32C55C2BC}" = CCC Help Dutch "AC3Filter_is1" = AC3Filter 1.63b "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AOL Toolbar" = Pasek narzędzi AOL 5.0 "ASIO4ALL" = ASIO4ALL "Ask Toolbar_is1" = Vuze Toolbar "Audacity_is1" = Audacity 1.2.6 "avast5" = avast! Free Antivirus "Bass Audio Decoder" = Bass Audio Decoder (remove only) "CD Audio Reader Filter" = CD Audio Reader Filter (remove only) "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "Chicken Invaders 2_is1" = Chicken Invaders 2 v2.61 "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI "DCoder Image Source" = DCoder Image Source (remove only) "Drumaxx" = Drumaxx "DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders "EA Download Manager" = EA Download Manager "ENTERPRISE" = Microsoft Office Enterprise 2007 "Gadu-Gadu" = Gadu-Gadu 7.7 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "GIF Movie Gear_is1" = GIF Movie Gear 4.2.3 "GOM Player" = GOM Player "Google Chrome" = Google Chrome "Hardcore" = Hardcore "HateML_is1" = HateML 1.1 build 05 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "IL Download Manager" = IL Download Manager "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "KLiteCodecPack_is1" = K-Lite Codec Pack 6.8.0 (Full) "Kurs Photoshop CS4 - Fotografia cyfrowa" = Kurs Photoshop CS4 - Fotografia cyfrowa "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MIKSOFT Mobile AMR converter_is1" = MIKSOFT Mobile AMR converter "MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only) "MoorHunt_is1" = MoorHunt 0.6.7.2 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "NoteWorthy Composer" = NoteWorthy Composer "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "NSIS_wordwise" = WordWise Dictionary "OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only) "PhotoScape" = PhotoScape "PoiZone" = PoiZone "QUICKfind" = QUICKfind server v1.1 "RealMedia" = RealMedia (remove only) "Sakura" = Sakura "Sawer" = Sawer "Tlen.pl" = Tlen.pl "Toxic Biohazard" = Toxic Biohazard "WavePad" = WavePad Sound Editor "WildTangent hp Master Uninstall" = HP Games "Winamp" = Winamp "WinGimp-2.0_is1" = GIMP 2.6.5 "WinLiveSuite" = Podstawowe programy Windows Live "ZoomPlayer" = Zoom Player (remove only) [color="#E56717"]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Tlen.pl" = Tlen.pl "Winamp Detect" = Detektor Winampa [color="#E56717"]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > [/log] RSIT log.txt [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Monika at 2011-02-05 13:02:49 Microsoft Windows 7 Home Premium System drive C: has 321 GB (69%) free of 464 GB Total RAM: 4092 MB (67% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:03:22, on 2011-02-05 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Users\Monika\Desktop\RSIT.exe C:\Program Files (x86)\trend micro\Monika.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb"]http://ie.redirect.h...avilion&pf=cnnb[/url] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://search.conduit.com?SearchSource=10&ctid=CT2475029"]http://go.microsoft....&ctid=CT2475029[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb"]http://ie.redirect.h...avilion&pf=cnnb[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb"]http://go.microsoft....avilion&pf=cnnb[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:25560 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: 69.10.57.34 google.com O1 - Hosts: 69.10.57.34 google.com.au O1 - Hosts: 69.10.57.34 www.google.com.au O1 - Hosts: 69.10.57.34 google.be O1 - Hosts: 69.10.57.34 www.google.be O1 - Hosts: 69.10.57.34 google.com.br O1 - Hosts: 69.10.57.34 www.google.com.br O1 - Hosts: 69.10.57.34 google.ca O1 - Hosts: 69.10.57.34 www.google.ca O1 - Hosts: 69.10.57.34 google.ch O1 - Hosts: 69.10.57.34 www.google.ch O1 - Hosts: 69.10.57.34 google.de O1 - Hosts: 69.10.57.34 www.google.de O1 - Hosts: 69.10.57.34 google.dk O1 - Hosts: 69.10.57.34 www.google.dk O1 - Hosts: 69.10.57.34 google.fr O1 - Hosts: 69.10.57.34 www.google.fr O1 - Hosts: 69.10.57.34 google.ie O1 - Hosts: 69.10.57.34 www.google.ie O1 - Hosts: 69.10.57.34 google.it O1 - Hosts: 69.10.57.34 www.google.it O1 - Hosts: 69.10.57.34 google.co.jp O1 - Hosts: 69.10.57.34 www.google.co.jp O1 - Hosts: 69.10.57.34 google.nl O1 - Hosts: 69.10.57.34 www.google.nl O1 - Hosts: 69.10.57.34 google.no O1 - Hosts: 69.10.57.34 www.google.no O1 - Hosts: 69.10.57.34 google.co.nz O1 - Hosts: 69.10.57.34 www.google.co.nz O1 - Hosts: 69.10.57.34 google.pl O1 - Hosts: 69.10.57.34 www.google.pl O1 - Hosts: 69.10.57.34 google.se O1 - Hosts: 69.10.57.34 www.google.se O1 - Hosts: 69.10.57.34 google.co.uk O1 - Hosts: 69.10.57.34 google.co.za O1 - Hosts: 69.10.57.34 www.google.co.za O1 - Hosts: 69.10.57.34 www.bing.com O1 - Hosts: 69.10.57.34 search.yahoo.com O1 - Hosts: 69.10.57.34 www.search.yahoo.com O1 - Hosts: 69.10.57.34 uk.search.yahoo.com O1 - Hosts: 69.10.57.34 ca.search.yahoo.com O1 - Hosts: 69.10.57.34 de.search.yahoo.com O1 - Hosts: 69.10.57.34 fr.search.yahoo.com O1 - Hosts: 69.10.57.34 au.search.yahoo.com O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll O2 - BHO: Pomocnik logowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam" O4 - HKLM\..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O15 - Trusted Zone: [url="http://apps.facebook.com"]http://apps.facebook.com[/url] O15 - Trusted Zone: [url="http://www.gorskanatura.pl"]http://www.gorskanatura.pl[/url] O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ASKService - Unknown owner - C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 16927 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HPCeeScheduleForMonika.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] AskBar BHO - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll [2010-10-18 3908192] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}] DigitalPersona Personal Extension - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-07-01 1256512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}] AOL Toolbar BHO - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll [2008-07-02 1185120] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Pomocnik logowania za pomocą identyfikatora Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-22 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}] QUICKfind BHO Object - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll [2007-02-16 457216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] IEPluginBHO Class - C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [2009-10-28 42088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll [2008-07-02 1185120] {3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192] {8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616] {30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll [2010-10-18 3908192] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304] "HPCam_Menu"=c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2009-02-25 218408] "DpAgent"=C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe [2009-07-01 842816] "QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-08-20 322104] "UpdatePRCShortCut"=C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [2009-05-19 222504] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576] ""= [] "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] "avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624] "WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-03-23 500792] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2007-10-19 286720] "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392] "AdobeBridge"= [] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli DPPWDFLT [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "WallpaperStyle"=2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=2 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "DisallowRun"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger="svchost.exe ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2011-02-04 20:42:36 ----D---- C:\rsit 2011-02-04 11:11:23 ----D---- C:\Program Files (x86)\CASIO 2011-01-28 16:36:13 ----D---- C:\Users\Monika\AppData\Roaming\NCH Software 2011-01-28 16:35:55 ----D---- C:\Users\Monika\AppData\Roaming\NCH Swift Sound 2011-01-28 16:35:54 ----D---- C:\ProgramData\NCH Swift Sound 2011-01-28 16:35:48 ----D---- C:\Program Files (x86)\NCH Swift Sound 2011-01-25 21:23:42 ----D---- C:\Program Files (x86)\Pure Sudoku 2011-01-21 21:26:02 ----D---- C:\Users\Monika\AppData\Roaming\Media Player Classic 2011-01-21 21:25:08 ----A---- C:\Windows\SysWOW64\unrar.dll 2011-01-21 21:25:07 ----A---- C:\Windows\avisplitter.ini 2011-01-21 21:24:49 ----D---- C:\Program Files (x86)\K-Lite Codec Pack 2011-01-16 18:20:51 ----D---- C:\Users\Monika\AppData\Roaming\Malwarebytes 2011-01-16 18:20:44 ----A---- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys 2011-01-16 18:20:43 ----D---- C:\ProgramData\Malwarebytes 2011-01-16 18:20:40 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2011-01-16 17:55:51 ----D---- C:\Program Files (x86)\Trend Micro 2011-01-16 15:17:54 ----SHD---- C:\ProgramData\PIJGS 2011-01-16 15:15:48 ----SHD---- C:\ProgramData\eeab61 2011-01-12 16:11:06 ----A---- C:\Windows\SysWOW64\d3d10warp.dll 2011-01-12 16:11:04 ----A---- C:\Windows\SysWOW64\d2d1.dll 2011-01-12 16:11:03 ----A---- C:\Windows\SysWOW64\DWrite.dll 2011-01-12 16:11:02 ----A---- C:\Windows\SysWOW64\XpsPrint.dll 2011-01-12 16:11:00 ----A---- C:\Windows\SysWOW64\XpsGdiConverter.dll 2011-01-12 16:11:00 ----A---- C:\Windows\SysWOW64\ExplorerFrame.dll 2011-01-12 16:11:00 ----A---- C:\Windows\SysWOW64\d3d10_1core.dll 2011-01-12 16:10:59 ----A---- C:\Windows\SysWOW64\XpsRasterService.dll 2011-01-12 16:10:59 ----A---- C:\Windows\SysWOW64\d3d10_1.dll 2011-01-12 16:10:36 ----A---- C:\Windows\SysWOW64\odbc32.dll ======List of files/folders modified in the last 1 months====== 2011-02-05 13:03:20 ----D---- C:\Windows\Temp 2011-02-05 11:14:37 ----D---- C:\Windows\Microsoft.NET 2011-02-05 09:49:39 ----D---- C:\Windows\SysWOW64\drivers 2011-02-04 22:20:27 ----D---- C:\Windows 2011-02-04 21:30:45 ----D---- C:\Users\Monika\AppData\Roaming\Tlen.pl 2011-02-04 20:19:44 ----D---- C:\Users\Monika\AppData\Roaming\Winamp 2011-02-04 20:19:40 ----D---- C:\Users\Monika\AppData\Roaming\Azureus 2011-02-04 20:10:10 ----D---- C:\Windows\debug 2011-02-04 20:04:33 ----RD---- C:\Program Files 2011-02-04 18:42:34 ----SHD---- C:\System Volume Information 2011-02-04 11:11:29 ----SHD---- C:\Windows\Installer 2011-02-04 11:11:23 ----D---- C:\Program Files (x86) 2011-02-04 11:10:31 ----D---- C:\Windows\Downloaded Installations 2011-02-03 20:18:45 ----D---- C:\Program Files (x86)\Tlen.pl 2011-02-01 14:52:04 ----D---- C:\Windows\winsxs 2011-01-29 14:12:00 ----D---- C:\Windows\System32 2011-01-29 14:12:00 ----D---- C:\Windows\inf 2011-01-29 10:04:34 ----D---- C:\Program Files (x86)\Google 2011-01-28 16:47:15 ----D---- C:\Windows\SysWOW64 2011-01-28 16:35:54 ----HD---- C:\ProgramData 2011-01-27 21:19:46 ----D---- C:\Windows\rescache 2011-01-21 21:24:55 ----D---- C:\Program Files (x86)\DScaler5 2011-01-21 21:24:04 ----D---- C:\Program Files (x86)\DirectVobSub 2011-01-21 21:23:59 ----D---- C:\Program Files (x86)\OpenSource Flash Video Splitter 2011-01-21 21:23:44 ----D---- C:\Program Files (x86)\SHOUTcast Source 2011-01-21 20:38:55 ----D---- C:\Program Files (x86)\Gabest MPEG Splitter 2011-01-18 18:05:34 ----D---- C:\Program Files (x86)\MoorHunt 2011-01-16 10:53:38 ----D---- C:\Program Files (x86)\Zoom Player 2011-01-16 09:13:04 ----A---- C:\ProgramData\HPWALog.txt 2011-01-16 08:40:51 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar 2011-01-13 16:36:01 ----D---- C:\ProgramData\Microsoft Help 2011-01-13 09:47:32 ----A---- C:\Windows\SysWOW64\aswBoot.exe 2011-01-07 08:39:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [] R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [] R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [] R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys [] R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [] R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [] R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [] R3 BthEnum;Sterownik Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [] R3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [] R3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [] R3 btwaudio;Urz1dzenie dYwiekowe Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [] R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [] R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [] R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [] R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [] R3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [] R3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [] R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [] S1 fwdrv;Firewall Driver; C:\Windows\system32\drivers\fwdrv.sys [2005-03-21 270336] S3 af1ow2us;af1ow2us; C:\Windows\SysWOW64\drivers\af1ow2us.sys [] S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [] S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [] S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [] S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [] R2 ASKService;ASKService; C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe [2009-04-02 464264] R2 ASKUpgrade;ASKUpgrade; C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe [2009-04-02 234888] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 864032] R2 DpHost;@C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe [2009-07-01 322624] R2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-15 136176] R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-11-15 126520] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [] R2 KPF4;Kerio Personal Firewall 4; C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe [2005-03-23 1941504] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728] R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-01-21 247152] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136] R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [2009-07-22 240128] R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2009-07-12 1656112] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-10-14 751672] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF----------------- [/log]
Tomek01 komentarz 6 lutego 2011 komentarz 6 lutego 2011 Co zawierają foldery?: C:\ProgramData\PIJGS C:\ProgramData\eeab61 Zastosuj [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], najlepiej z podpiętym pendrive'm czy innymi pamięciami USB. W OTL, w oknie Custom scan/fixes wklej: [code]:OTL PRC - [2009-04-02 12:47:04 | 000,234,888 | ---- | M] () -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe PRC - [2009-04-02 12:47:02 | 000,464,264 | ---- | M] () -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe SRV - [2009-04-02 12:47:04 | 000,234,888 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade) SRV - [2009-04-02 12:47:02 | 000,464,264 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe -- (ASKService) FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=GRfox000&fl=0&ptb=aFw2119Ngwscjb2pn3DCcw&url=http://search.mywebsearch.com/mywebsearch/GGmain.jhtml&st=kwd&n=77ce832e&searchfor=" FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\1.bin O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll (Conduit Ltd.) O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O3 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC)O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell - "" = AutoRun O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell\AutoRun\command - "" = F:\SETUP.EXE O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell\configure\command - "" = F:\SETUP.EXE O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell\install\command - "" = F:\SETUP.EXE :Files C:\Users\Monika\AppData\Roaming\wklnhst.dat C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HPCeeScheduleForMonika.job C:\Program Files (x86)\DAEMON Tools Toolbar :Commands [emptytemp][/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania oraz nowe logi: OTL i RSIT
krzysiek15 komentarz 7 lutego 2011 Autor komentarz 7 lutego 2011 C:\ProgramData\PIJGS zawiera plik o nazwie PILEUXKSS.cfg C:\ProgramData\eeab61: [url="http://img826.imageshack.us/img826/3830/4354.png"]ZDJĘCIE[/url] Foldery PISSys i Quarantine Items są puste. [b] [/b]Flash Disinfector[b] [/b]nie działa w Win7. OTL3.txt [log]OTL logfile created on: 2011-02-07 08:44:12 - Run 3 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Monika\Desktop\Śmieci 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,67 Gb Total Space | 303,79 Gb Free Space | 67,11% Space Free | Partition Type: NTFS Drive D: | 12,79 Gb Total Space | 2,13 Gb Free Space | 16,69% Space Free | Partition Type: NTFS Computer Name: MONIKA-KOMPUTER | User Name: Monika | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color="#E56717"]========== Processes (SafeList) ==========[/color] PRC - [2011-02-04 20:02:16 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\Śmieci\OTL.exe PRC - [2011-01-13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2011-01-13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010-12-12 08:00:28 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe PRC - [2010-12-12 08:00:27 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2010-10-14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe PRC - [2009-09-23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2009-07-23 19:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe PRC - [2009-07-23 10:37:16 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe PRC - [2009-07-01 17:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe PRC - [2009-07-01 17:43:54 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe PRC - [2009-07-01 17:43:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe PRC - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe PRC - [2009-04-02 12:47:04 | 000,234,888 | ---- | M] () -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe PRC - [2009-04-02 12:47:02 | 000,464,264 | ---- | M] () -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe PRC - [2005-03-23 16:27:18 | 001,941,504 | ---- | M] (Kerio Technologies) -- C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe PRC - [2005-03-23 16:24:34 | 002,899,968 | ---- | M] (Kerio Technologies) -- C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4gui.exe [color="#E56717"]========== Modules (SafeList) ==========[/color] MOD - [2011-02-04 20:02:16 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\Śmieci\OTL.exe MOD - [2011-01-20 13:32:00 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll MOD - [2010-08-21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll [color="#E56717"]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011-01-13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2010-09-22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b]64bit:[/b] - [2009-07-22 02:33:32 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe -- (STacSV) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-12 21:18:24 | 001,924,400 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService) SRV:[b]64bit:[/b] - [2009-07-08 12:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv) SRV:[b]64bit:[/b] - [2009-07-02 19:16:06 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009-07-01 17:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:[b]64bit:[/b] - [2009-03-02 22:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe -- (AESTFilters) SRV - [2010-10-14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe) SRV - [2010-10-12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-09-23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009-07-12 21:04:26 | 001,656,112 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService) SRV - [2009-07-01 17:43:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe -- (DpHost) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-04-02 12:47:04 | 000,234,888 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade) SRV - [2009-04-02 12:47:02 | 000,464,264 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe -- (ASKService) SRV - [2005-03-23 16:27:18 | 001,941,504 | ---- | M] (Kerio Technologies) [Auto | Running] -- C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe -- (KPF4) [color="#E56717"]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011-01-13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2010-09-22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:[b]64bit:[/b] - [2010-01-18 18:50:39 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2009-09-22 02:47:14 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2009-08-28 09:33:48 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2009-07-22 02:33:32 | 000,487,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:[b]64bit:[/b] - [2009-07-21 04:39:22 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:[b]64bit:[/b] - [2009-07-17 21:58:30 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:[b]64bit:[/b] - [2009-07-17 21:58:24 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:[b]64bit:[/b] - [2009-07-17 21:58:22 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:[b]64bit:[/b] - [2009-07-17 21:58:18 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 00:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2009-07-08 12:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt) DRV:[b]64bit:[/b] - [2009-07-08 12:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer) DRV:[b]64bit:[/b] - [2009-07-02 19:51:30 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2009-06-29 19:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir) DRV:[b]64bit:[/b] - [2009-06-10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:[b]64bit:[/b] - [2009-06-10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:[b]64bit:[/b] - [2009-06-10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:[b]64bit:[/b] - [2009-06-10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:[b]64bit:[/b] - [2009-06-10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009-06-10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2009-06-10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:[b]64bit:[/b] - [2009-06-10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel® DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-06-05 11:20:26 | 000,114,192 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2009-05-23 07:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2009-05-05 06:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:[b]64bit:[/b] - [2009-04-29 16:28:30 | 000,030,208 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV:[b]64bit:[/b] - [2009-04-29 07:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV:[b]64bit:[/b] - [2009-03-09 05:49:08 | 000,036,408 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV - [2005-03-21 15:39:16 | 000,270,336 | ---- | M] (Kerio Technologies) [Kernel | System | Stopped] -- C:\Windows\system32\drivers\fwdrv.sys -- (fwdrv) [color="#E56717"]========== Standard Registry (SafeList) ==========[/color] [color="#E56717"]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb"]http://ie.redirect.h...avilion&pf=cnnb[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb"]http://ie.redirect.h...avilion&pf=cnnb[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb"]http://ie.redirect.h...avilion&pf=cnnb[/url] IE - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} IE - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25560 [color="#E56717"]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.google.com/accounts/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fui%3Dhtml%26zy%3Dl&bsv=1eic6yu9oa4y3&scc=1<mpl=default<mplcache=2" FF - prefs.js..extensions.enabledItems: otis@digitalpersona.com:5.0.0.3787 FF - prefs.js..extensions.enabledItems: exif_viewer@mozilla.doslash.org:1.55 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=GRfox000&fl=0&ptb=aFw2119Ngwscjb2pn3DCcw&url=http://search.mywebsearch.com/mywebsearch/GGmain.jhtml&st=kwd&n=77ce832e&searchfor=" FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2009-10-20 01:06:07 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\1.bin FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-12-12 08:00:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-01-04 15:04:40 | 000,000,000 | ---D | M] [2009-12-29 15:21:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Extensions [2009-12-29 15:21:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com [2011-02-06 20:04:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3qgdrr8t.default\extensions [2010-08-11 08:04:53 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3qgdrr8t.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2010-06-26 15:29:07 | 000,000,000 | ---D | M] ("Exif Viewer") -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3qgdrr8t.default\extensions\exif_viewer@mozilla.doslash.org [2009-12-23 10:00:41 | 000,000,687 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\3qgdrr8t.default\searchplugins\ask.xml [2010-01-20 11:19:10 | 000,000,923 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\3qgdrr8t.default\searchplugins\conduit.xml [2010-02-27 15:56:31 | 000,009,977 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\3qgdrr8t.default\searchplugins\mywebsearch.xml [2011-01-16 18:32:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011-01-04 15:04:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2009-10-20 01:06:07 | 000,000,000 | ---D | M] (DigitalPersona Extension) -- C:\PROGRAM FILES (X86)\DIGITALPERSONA\BIN\FIREFOXEXT [2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010-03-16 12:57:46 | 000,120,296 | ---- | M] ( ) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npganymedenet.dll [2010-12-09 11:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll [2010-10-24 12:56:44 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2010-08-18 12:05:39 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2010-10-24 12:56:44 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2010-10-24 12:56:44 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2011-01-02 08:20:38 | 000,045,258 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Mp3Rocket.xml [2011-01-02 08:20:38 | 000,045,238 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\Mp3Rocket.xml.bak [2010-10-24 12:56:44 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2010-10-24 12:56:44 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2010-10-24 12:56:44 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-01-16 15:50:37 | 000,002,069 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 69.10.57.34 google.com O1 - Hosts: 69.10.57.34 google.com.au O1 - Hosts: 69.10.57.34 www.google.com.au O1 - Hosts: 69.10.57.34 google.be O1 - Hosts: 69.10.57.34 www.google.be O1 - Hosts: 69.10.57.34 google.com.br O1 - Hosts: 69.10.57.34 www.google.com.br O1 - Hosts: 69.10.57.34 google.ca O1 - Hosts: 69.10.57.34 www.google.ca O1 - Hosts: 69.10.57.34 google.ch O1 - Hosts: 69.10.57.34 www.google.ch O1 - Hosts: 69.10.57.34 google.de O1 - Hosts: 69.10.57.34 www.google.de O1 - Hosts: 69.10.57.34 google.dk O1 - Hosts: 69.10.57.34 www.google.dk O1 - Hosts: 69.10.57.34 google.fr O1 - Hosts: 69.10.57.34 www.google.fr O1 - Hosts: 69.10.57.34 google.ie O1 - Hosts: 69.10.57.34 www.google.ie O1 - Hosts: 69.10.57.34 google.it O1 - Hosts: 69.10.57.34 www.google.it O1 - Hosts: 69.10.57.34 google.co.jp O1 - Hosts: 69.10.57.34 www.google.co.jp O1 - Hosts: 69.10.57.34 google.nl O1 - Hosts: 69.10.57.34 www.google.nl O1 - Hosts: 21 more lines... O2:[b]64bit:[/b] - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll (Conduit Ltd.) O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O3 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe () O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe (DigitalPersona, Inc.) O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O7 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1 O7 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O8:[b]64bit:[/b] - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:[b]64bit:[/b] - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..Trusted Domains: facebook.com ([apps] http in Zaufane witryny) O15 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..Trusted Domains: gorskanatura.pl ([www] http in Zaufane witryny) O15 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..Trusted Domains: gorskanatura.pl ([www] https in Zaufane witryny) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O27:[b]64bit:[/b] - HKLM IFEO\OLT.exe: Debugger - C:\Windows\SysNative\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\OLT.exe: Debugger - svchost.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell - "" = AutoRun O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell\AutoRun\command - "" = F:\SETUP.EXE O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell\configure\command - "" = F:\SETUP.EXE O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell\install\command - "" = F:\SETUP.EXE O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color="#E56717"]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-02-06 19:13:44 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Śmieci [2011-02-04 20:42:36 | 000,000,000 | ---D | C] -- C:\rsit [2011-02-04 20:04:33 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011-02-04 11:16:08 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\cms_rhythm [2011-02-04 11:11:26 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CASIO [2011-02-04 11:11:23 | 000,000,000 | ---D | C] -- C:\Users\Monika\Documents\WK-3700 [2011-02-04 11:11:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CASIO [2011-02-01 17:07:15 | 000,000,000 | ---D | C] -- C:\Users\Monika\Pulpit [2011-01-31 21:28:54 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C} [2011-01-28 16:36:13 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\NCH Software [2011-01-28 16:35:55 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\NCH Swift Sound [2011-01-28 16:35:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound [2011-01-28 16:35:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite [2011-01-28 16:35:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs [2011-01-28 16:35:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Swift Sound [2011-01-26 17:47:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011-01-25 21:23:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pure Sudoku [2011-01-21 21:26:02 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Media Player Classic [2011-01-21 21:25:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2011-01-21 21:24:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack [2011-01-16 18:20:51 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Malwarebytes [2011-01-16 18:20:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011-01-16 18:20:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011-01-16 18:20:40 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011-01-16 18:20:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011-01-16 17:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro [2011-01-16 17:55:51 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2011-01-16 15:17:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\PIJGS [2011-01-16 15:15:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\eeab61 [2011-01-16 08:40:21 | 000,237,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011-01-12 18:42:59 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Piosenki posegregować [2011-01-12 16:11:07 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2011-01-12 16:11:06 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll [2011-01-12 16:11:05 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2011-01-12 16:11:04 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2011-01-12 16:11:04 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll [2011-01-12 16:11:04 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011-01-12 16:11:03 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll [2011-01-12 16:11:02 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011-01-12 16:11:02 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011-01-12 16:11:01 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll [2011-01-12 16:11:00 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll [2011-01-12 16:11:00 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2011-01-12 16:11:00 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011-01-12 16:11:00 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll [2011-01-12 16:10:59 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2011-01-12 16:10:59 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2011-01-12 16:10:59 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2011-01-12 16:10:59 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll [2011-01-12 16:10:59 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2011-01-12 16:10:59 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2011-01-12 16:10:36 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2011-01-12 16:10:36 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll [2011-01-09 14:43:37 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Filmy Ani [2011-01-04 15:04:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011-01-04 15:04:40 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011-01-04 15:04:40 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011-01-04 15:04:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011-01-04 15:04:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011-01-02 16:28:24 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll [2011-01-02 16:27:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect [2011-01-02 16:27:47 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa [2011-01-02 16:27:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2011-01-02 16:27:20 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Winamp [2011-01-02 16:27:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp [2011-01-02 09:38:52 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\InstallShield [2010-12-31 22:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WildTangent Games [2010-12-30 13:22:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TimeAdjuster [2010-12-26 19:50:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MoorHunt [2010-12-21 10:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC} [2010-12-15 12:01:01 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2010-12-15 12:01:01 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2010-12-15 12:00:58 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll [2010-12-15 12:00:58 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe [2010-12-15 12:00:57 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll [2010-12-15 12:00:57 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll [2010-12-15 12:00:57 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll [2010-12-15 12:00:57 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll [2010-12-15 12:00:57 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe [2010-12-15 12:00:57 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe [2010-12-15 12:00:53 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2010-12-15 12:00:53 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2010-12-15 12:00:53 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2010-12-15 12:00:53 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2010-12-15 12:00:50 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2010-12-15 12:00:39 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2010-12-15 12:00:38 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2010-12-15 12:00:37 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2010-12-15 12:00:37 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2010-12-15 12:00:37 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2010-12-15 12:00:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2010-12-15 12:00:37 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2010-12-15 12:00:37 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2010-12-15 12:00:36 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2010-12-15 12:00:36 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2010-12-15 12:00:36 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2010-12-15 12:00:36 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2010-12-15 12:00:35 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2010-12-15 12:00:35 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2010-12-11 14:14:25 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Local\Last.fm [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color="#E56717"]========== Files - Modified Within 60 Days ==========[/color] [2011-02-07 08:49:49 | 010,077,038 | ---- | M] () -- C:\Users\Monika\Desktop\at.van.part5.rar.part [2011-02-07 08:49:49 | 000,000,000 | ---- | M] () -- C:\Users\Monika\Desktop\at.van.part5.rar [2011-02-07 08:47:58 | 000,143,278 | ---- | M] () -- C:\Users\Monika\Desktop\4354.png [2011-02-07 08:42:25 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011-02-07 08:42:25 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011-02-07 08:35:16 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-02-07 08:34:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-02-07 08:34:46 | 3218,235,392 | -HS- | M] () -- C:\hiberfil.sys [2011-02-06 22:21:00 | 099,614,720 | ---- | M] () -- C:\Users\Monika\Desktop\at.van.part4.rar [2011-02-06 21:32:15 | 099,614,720 | ---- | M] () -- C:\Users\Monika\Desktop\at.van.part3.rar [2011-02-06 21:30:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-02-06 20:37:48 | 099,614,720 | ---- | M] () -- C:\Users\Monika\Desktop\at.van.part2.rar [2011-02-06 19:28:10 | 099,614,720 | ---- | M] () -- C:\Users\Monika\Desktop\at.van.part1.rar [2011-02-06 11:59:03 | 000,015,089 | ---- | M] () -- C:\Users\Monika\Desktop\Książki.xlsx [2011-02-05 15:53:42 | 000,010,463 | ---- | M] () -- C:\Users\Monika\Desktop\PP.docx [2011-02-04 22:52:10 | 005,013,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011-02-04 11:59:03 | 000,002,250 | ---- | M] () -- C:\Users\Monika\Desktop\Music Data Management Software.lnk [2011-02-03 15:10:41 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMonika.job [2011-01-29 14:12:00 | 001,536,718 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011-01-29 14:12:00 | 000,692,322 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2011-01-29 14:12:00 | 000,611,332 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011-01-29 14:12:00 | 000,133,892 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2011-01-29 14:12:00 | 000,105,512 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011-01-27 18:05:07 | 000,534,229 | ---- | M] () -- C:\Users\Monika\Desktop\Plan.jpg [2011-01-16 15:50:37 | 000,002,069 | RHS- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011-01-16 08:40:21 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2011-01-13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011-01-13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2011-01-13 09:47:23 | 000,237,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011-01-13 09:41:44 | 000,273,488 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2011-01-13 09:40:20 | 000,051,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2011-01-13 09:37:34 | 000,029,264 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2011-01-13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2011-01-13 09:37:12 | 000,020,560 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2011-01-13 09:00:00 | 000,000,038 | ---- | M] () -- C:\Windows\avisplitter.ini [2010-12-31 22:19:02 | 000,000,376 | ---- | M] () -- C:\Users\Monika\Desktop\Minesweeper.lnk [2010-12-20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010-12-20 18:08:40 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010-12-13 19:38:34 | 000,001,496 | ---- | M] () -- C:\Users\Monika\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs [2010-12-11 17:32:32 | 000,004,608 | ---- | M] () -- C:\Users\Monika\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-10 18:08:24 | 000,013,795 | ---- | M] () -- C:\Users\Monika\Documents\umowa najmu.docx [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color="#E56717"]========== Files Created - No Company Name ==========[/color] [2011-02-07 08:47:58 | 000,143,278 | ---- | C] () -- C:\Users\Monika\Desktop\4354.png [2011-02-06 22:06:50 | 099,614,720 | ---- | C] () -- C:\Users\Monika\Desktop\at.van.part4.rar [2011-02-06 21:07:11 | 099,614,720 | ---- | C] () -- C:\Users\Monika\Desktop\at.van.part3.rar [2011-02-06 20:03:10 | 099,614,720 | ---- | C] () -- C:\Users\Monika\Desktop\at.van.part2.rar [2011-02-06 18:54:31 | 099,614,720 | ---- | C] () -- C:\Users\Monika\Desktop\at.van.part1.rar [2011-02-04 16:15:36 | 000,010,463 | ---- | C] () -- C:\Users\Monika\Desktop\PP.docx [2011-02-04 11:59:03 | 000,002,250 | ---- | C] () -- C:\Users\Monika\Desktop\Music Data Management Software.lnk [2011-02-03 18:13:12 | 000,000,978 | ---- | C] () -- C:\Users\Monika\Desktop\Gadu-Gadu.lnk [2011-01-28 16:35:49 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk [2011-01-27 18:03:58 | 000,534,229 | ---- | C] () -- C:\Users\Monika\Desktop\Plan.jpg [2011-01-21 21:25:08 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011-01-21 21:25:07 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011-01-02 14:12:01 | 000,015,089 | ---- | C] () -- C:\Users\Monika\Desktop\Książki.xlsx [2010-12-31 22:19:02 | 000,000,376 | ---- | C] () -- C:\Users\Monika\Desktop\Minesweeper.lnk [2010-12-13 19:38:34 | 000,001,496 | ---- | C] () -- C:\Users\Monika\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs [2010-12-10 10:29:16 | 000,013,795 | ---- | C] () -- C:\Users\Monika\Documents\umowa najmu.docx [2010-06-13 11:06:16 | 000,004,608 | ---- | C] () -- C:\Users\Monika\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-12-22 18:11:07 | 000,000,190 | ---- | C] () -- C:\Users\Monika\AppData\Roaming\wklnhst.dat [2009-12-22 16:30:19 | 000,000,000 | ---- | C] () -- C:\Users\Monika\AppData\Local\QSwitch.txt [2009-12-22 16:30:19 | 000,000,000 | ---- | C] () -- C:\Users\Monika\AppData\Local\DSwitch.txt [2009-12-22 16:30:19 | 000,000,000 | ---- | C] () -- C:\Users\Monika\AppData\Local\AtStart.txt [2009-12-22 16:30:16 | 000,000,455 | ---- | C] () -- C:\ProgramData\HPWALog.txt [2009-10-20 01:05:21 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log [2009-10-20 01:05:11 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log [2009-10-20 01:04:52 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log [2009-10-20 01:04:26 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log [2009-10-20 01:03:41 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log [2009-09-05 10:17:42 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log [2009-09-05 10:14:08 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log [2009-09-05 10:12:37 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [2009-09-05 10:11:58 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log [2009-07-15 16:50:42 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2007-01-23 13:11:20 | 000,141,312 | ---- | C] () -- C:\Windows\SysWow64\QFClient2.dll [2003-01-28 00:09:20 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\libexpat.dll [color="#E56717"]========== LOP Check ==========[/color] [2011-02-04 20:19:40 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Azureus [2010-04-17 09:46:34 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Cool Record Edit Pro [2010-01-19 10:04:35 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\DAEMON Tools Lite [2009-12-22 16:30:14 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\DigitalPersona [2010-06-09 16:06:52 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Druk Świadectw [2011-01-02 09:37:16 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\FUJIFILM [2009-12-22 17:36:11 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Gadu-Gadu [2010-07-17 07:51:09 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\GanymedeNet [2010-06-26 14:48:04 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\gtk-2.0 [2010-04-28 17:57:51 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\HateML [2009-12-24 15:20:02 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\iWin [2010-06-29 12:41:26 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Leadertech [2010-10-03 18:35:24 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\MP3Rocket [2011-01-28 16:35:55 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\NCH Swift Sound [2010-04-12 18:35:02 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu [2010-02-11 21:06:58 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\OpenOffice.org [2010-09-26 08:37:00 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Opera [2010-04-11 15:34:08 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\PhotoFiltre [2009-12-24 14:16:10 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\PlayFirst [2010-09-05 16:51:25 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2009-12-22 18:11:10 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Template [2011-02-06 22:47:15 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Tlen.pl [2010-10-28 19:16:51 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Windows Live Writer [2010-03-07 14:32:16 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\wordwise [2010-12-10 10:09:00 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color="#E56717"]========== Purity Check ==========[/color] [color="#E56717"]========== Custom Scans ==========[/color] [color="#A23BEC"]< :OTL >[/color] [color="#A23BEC"]< PRC - [2009-04-02 12:47:04 | 000,234,888 | ---- | M] () -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe >[/color] [color="#A23BEC"]< PRC - [2009-04-02 12:47:02 | 000,464,264 | ---- | M] () -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe >[/color] [color="#A23BEC"]< SRV - [2009-04-02 12:47:04 | 000,234,888 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade) >[/color] [color="#A23BEC"]< SRV - [2009-04-02 12:47:02 | 000,464,264 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe -- (ASKService) >[/color] [color="#A23BEC"]< FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" >[/color] [color="#A23BEC"]< FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search" >[/color] [color="#A23BEC"]< FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}" >[/color] [color="#A23BEC"]< FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" >[/color] [color="#A23BEC"]< FF - prefs.js..keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=GRfox000&fl=0&ptb=aFw2119Ngwscjb2pn3DCcw&url=http://search.mywebsearch.com/mywebsearch/GGmain.jhtml&st=kwd&n=77ce832e&searchfor=" >[/color] [color="#A23BEC"]< FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\1.bin >[/color] [color="#A23BEC"]< O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) >[/color] [color="#A23BEC"]< O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll (Conduit Ltd.) >[/color] [color="#A23BEC"]< O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) >[/color] [color="#A23BEC"]< O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) >[/color] [color="#A23BEC"]< O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. >[/color] [color="#A23BEC"]< O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) >[/color] [color="#A23BEC"]< O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll (Conduit Ltd.) >[/color] [color="#A23BEC"]< O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) >[/color] [color="#A23BEC"]< O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) >[/color] [color="#A23BEC"]< O3 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) >[/color] [color="#A23BEC"]< O3 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC)O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell - "" = AutoRun >[/color] [color="#A23BEC"]< O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell\AutoRun\command - "" = F:\SETUP.EXE >[/color] [color="#A23BEC"]< O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell\configure\command - "" = F:\SETUP.EXE >[/color] [color="#A23BEC"]< O33 - MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell\install\command - "" = F:\SETUP.EXE >[/color] [color="#A23BEC"]< >[/color] [color="#A23BEC"]< :Files >[/color] [color="#A23BEC"]< C:\Users\Monika\AppData\Roaming\wklnhst.dat >[/color] [2009-12-22 18:45:34 | 000,000,190 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\wklnhst.dat [color="#A23BEC"]< C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log >[/color] [2009-10-20 01:05:22 | 000,000,105 | ---- | M] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log [color="#A23BEC"]< C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log >[/color] [2009-10-20 01:05:11 | 000,000,032 | ---- | M] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log [color="#A23BEC"]< C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log >[/color] [2009-10-20 01:04:52 | 000,000,032 | ---- | M] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log [color="#A23BEC"]< C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log >[/color] [2009-10-20 01:04:26 | 000,000,032 | ---- | M] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log [color="#A23BEC"]< C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log >[/color] [2009-10-20 01:03:41 | 000,000,032 | ---- | M] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log [color="#A23BEC"]< C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log >[/color] [2009-09-05 10:18:00 | 000,000,109 | ---- | M] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log [color="#A23BEC"]< C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log >[/color] [2009-09-05 10:17:33 | 000,000,110 | ---- | M] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log [color="#A23BEC"]< C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log >[/color] [2009-09-05 10:13:57 | 000,000,105 | ---- | M] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [color="#A23BEC"]< C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log >[/color] [2009-09-05 10:12:27 | 000,000,107 | ---- | M] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log [color="#A23BEC"]< C:\Windows\tasks\GoogleUpdateTaskMachineCore.job >[/color] [2011-02-07 08:35:16 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [color="#A23BEC"]< C:\Windows\tasks\GoogleUpdateTaskMachineUA.job >[/color] [2011-02-06 21:30:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [color="#A23BEC"]< C:\Windows\tasks\HPCeeScheduleForMonika.job >[/color] [2011-02-03 15:10:41 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMonika.job [color="#A23BEC"]< C:\Program Files (x86)\DAEMON Tools Toolbar >[/color] [color="#A23BEC"]< >[/color] [color="#A23BEC"]< :Commands >[/color] [color="#A23BEC"]< [emptytemp] >[/color] < End of report > [/log] Extras3.txt [log]OTL Extras logfile created on: 2011-02-07 08:44:12 - Run 3 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Monika\Desktop\Śmieci 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,67 Gb Total Space | 303,79 Gb Free Space | 67,11% Space Free | Partition Type: NTFS Drive D: | 12,79 Gb Total Space | 2,13 Gb Free Space | 16,69% Space Free | Partition Type: NTFS Computer Name: MONIKA-KOMPUTER | User Name: Monika | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color="#E56717"]========== Extra Registry (SafeList) ==========[/color] [color="#E56717"]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color="#E56717"]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" [2010-01-20 09:40:11 | 000,000,000 | ---D | M] Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" [2010-01-20 09:40:11 | 000,000,000 | ---D | M] Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color="#E56717"]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color="#E56717"]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color="#E56717"]========== Authorized Applications List ==========[/color] [color="#E56717"]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources "{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java™ 6 Update 14 (64-bit) "{33B18075-C7DF-4839-8517-C6E9338D84F2}" = HP 3D DriveGuard "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety "{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{62A20ECA-920E-4052-BF77-88C78DD20FAA}" = Validity Sensors DDK "{6C47240C-016E-03B5-D13E-AECAED09F2E3}" = ATI Catalyst Install Manager "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{ADEB3402-CFBD-00E2-0EE6-F6A3F1AFACF0}" = ccc-utility64 "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{C02C2C22-2EB1-47C8-B74F-8AB1A62FAE31}" = Windows Live Family Safety "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DD3BF908-F6B0-45A5-BED3-79E8888DDA93}" = DigitalPersona Personal 4.10 "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "CCleaner" = CCleaner "FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = WinRAR archiver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51 "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{08DB3902-2CE0-474D-BCE3-0177766CE9F1}" = HP Support Assistant "{09CC0D0E-061D-3C7B-3881-D2EB53A8AAFC}" = CCC Help Polish "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0 "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver "{26606D8F-3133-DBE2-8AF5-AB28F300860A}" = CCC Help Chinese Standard "{266D0EEA-E5A6-4A08-A0EE-5391D4EA44A7}" = Catalyst Control Center - Branding "{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java™ 6 Update 16 "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 23 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{2b6ce61a-cb33-4514-b3ec-cd5d768c73df}" = Nero 9 Trial "{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes "{306B39C9-3AB1-4161-8567-9C7E50B41AE3}" = Microsoft Works "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33C17B75-EA9C-0687-9CED-03D92637B042}" = CCC Help Hungarian "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode "{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent "{3F50AF3B-8997-4916-0095-99D63DDB785A}" = Harry Potter TM "{3FBDB7B8-7472-E895-2E5D-99D190B2D1B6}" = Catalyst Control Center InstallProxy "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4D78445A-8AA1-4E4E-9848-C5561D7ED4AB}" = CTK-900, WK-3200/3700 Music Data Management Software "{4E432692-A736-4F77-AF77-F9078CF88D31}" = HP Wireless Assistant "{5271C0D4-24E4-4C3D-A782-C012033FD3CF}" = AMD USB Filter Driver "{543E6ACA-51B7-4283-82F2-57C0582A53C5}" = Windows Live UX Platform Language Pack "{546937C5-0529-333E-0D5E-FE3C53108806}" = CCC Help Japanese "{55C70B62-5EF1-D527-7CAB-E50D8B3B4990}" = Catalyst Control Center Graphics Full New "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{577ED77E-25D9-1A76-4EF0-773B9C173758}" = CCC Help Portuguese "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime "{5DB4EA68-A509-D408-585C-C9D045FADF72}" = Catalyst Control Center Graphics Previews Vista "{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6D335F78-1F4F-7826-56DD-4F350EA6EADD}" = CCC Help Greek "{6E7B12B6-DA76-4167-BB65-491C18F8236B}" = Hotel Giant "{6EF04EAE-0354-9919-E757-F1203E6F422B}" = CCC Help Italian "{7028B245-30A2-BD8C-31B9-6008216FBDC2}" = CCC Help French "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games) "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{779D3256-84D0-936F-18F9-A154DC85B4B4}" = Catalyst Control Center Localization All "{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights "{78a0a27f-1a47-4aa6-a53a-bf6e2308985e}" = Nero 9 Essentials "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7BF68B83-5057-4D4B-0093-28285EEB9EE3}" = Harry Potter II "{7F4DA5B8-6884-47F2-AEBA-D9111E420C63}" = CCC Help Danish "{7F9A8D27-A1B9-164F-FCB1-0B64C88629CF}" = CCC Help Norwegian "{803263F7-8CAC-DC6D-3288-8128865A7472}" = CCC Help German "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8CC47AA0-5774-61FC-6A59-7E1C936DB753}" = ccc-core-static "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8DD86BF7-28B3-4CE9-88AE-E6EC790CAECA}" = Kerio Personal Firewall "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_HOMESTUDENTR_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0415-1000-0000000FF1CE}_HOMESTUDENTR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_HOMESTUDENTR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00AF-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Polish) "{95140000-007A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A28867B-109A-5BBF-85C0-FC1BAA98CA1C}" = CCC Help Russian "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap "{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A8BCC9E4-9036-3029-F2BC-AA73A62DA73D}" = CCC Help Turkish "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1045-7B44-A91000000001}" = Adobe Reader 9.1 - Polish "{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych "{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154 "{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor "{B5C746E6-D961-445C-3768-5B6FAF6A1A31}" = CCC Help Spanish "{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update "{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{BD8DA595-F501-4ABE-85A0-5C23E82472A0}" = Pomocnik Messenger "{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3 "{C0769946-2CF1-9E8D-009B-5C413B3F01D1}" = CCC Help Czech "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C4F7EEE5-3D99-8552-7483-B2F412838B2A}" = Catalyst Control Center Graphics Previews Common "{C4FFCD8D-3A06-E243-2747-2CE771A8B7D4}" = EA Download Manager UI "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update "{D4C41D27-A2D5-94C6-1D08-3D470A12EAF0}" = CCC Help Swedish "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{D9D6A848-1BFD-592B-5F9D-0BA8692FDF0B}" = CCC Help Finnish "{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DCD91C2F-3A86-B328-59A0-5EED6190D983}" = Catalyst Control Center Graphics Full Existing "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer "{E5F5CAA5-84ED-DE41-40D0-8926FE7E5F4D}" = Catalyst Control Center Graphics Light "{E6CE345D-BF83-1242-9E4D-3D60A5036D87}" = CCC Help English "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EC155897-712F-5637-A5DA-6C7CE7CB5521}" = CCC Help Korean "{F0580F64-44A1-C607-9364-887912B74F4D}" = CCC Help Thai "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL "{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup "{F3F9A4E5-CD9F-4657-CF99-5CE3F7729909}" = Catalyst Control Center Core Implementation "{F5B1D41A-05B9-98E2-C350-E69D4A444CB4}" = CCC Help Chinese Traditional "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool "{FCF0F615-6E70-B949-028F-88D32C55C2BC}" = CCC Help Dutch "AC3Filter_is1" = AC3Filter 1.63b "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AOL Toolbar" = Pasek narzędzi AOL 5.0 "ASIO4ALL" = ASIO4ALL "Ask Toolbar_is1" = Vuze Toolbar "Audacity_is1" = Audacity 1.2.6 "avast5" = avast! Free Antivirus "Bass Audio Decoder" = Bass Audio Decoder (remove only) "CD Audio Reader Filter" = CD Audio Reader Filter (remove only) "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "Chicken Invaders 2_is1" = Chicken Invaders 2 v2.61 "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI "DCoder Image Source" = DCoder Image Source (remove only) "Drumaxx" = Drumaxx "DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders "EA Download Manager" = EA Download Manager "ENTERPRISE" = Microsoft Office Enterprise 2007 "Gadu-Gadu" = Gadu-Gadu 7.7 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "GIF Movie Gear_is1" = GIF Movie Gear 4.2.3 "GOM Player" = GOM Player "Google Chrome" = Google Chrome "Hardcore" = Hardcore "HateML_is1" = HateML 1.1 build 05 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "IL Download Manager" = IL Download Manager "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "KLiteCodecPack_is1" = K-Lite Codec Pack 6.8.0 (Full) "Kurs Photoshop CS4 - Fotografia cyfrowa" = Kurs Photoshop CS4 - Fotografia cyfrowa "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MIKSOFT Mobile AMR converter_is1" = MIKSOFT Mobile AMR converter "MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only) "MoorHunt_is1" = MoorHunt 0.6.7.2 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "NoteWorthy Composer" = NoteWorthy Composer "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "NSIS_wordwise" = WordWise Dictionary "OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only) "PhotoScape" = PhotoScape "PoiZone" = PoiZone "QUICKfind" = QUICKfind server v1.1 "RealMedia" = RealMedia (remove only) "Sakura" = Sakura "Sawer" = Sawer "Tlen.pl" = Tlen.pl "Toxic Biohazard" = Toxic Biohazard "WavePad" = WavePad Sound Editor "WildTangent hp Master Uninstall" = HP Games "Winamp" = Winamp "WinGimp-2.0_is1" = GIMP 2.6.5 "WinLiveSuite" = Podstawowe programy Windows Live "ZoomPlayer" = Zoom Player (remove only) [color="#E56717"]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Tlen.pl" = Tlen.pl "Winamp Detect" = Detektor Winampa [color="#E56717"]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > [/log] log3.txt [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Monika at 2011-02-07 09:11:14 Microsoft Windows 7 Home Premium System drive C: has 315 GB (68%) free of 464 GB Total RAM: 4092 MB (68% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 09:11:22, on 2011-02-07 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Users\Monika\Desktop\Śmieci\RSIT.exe C:\Program Files (x86)\trend micro\Monika.exe C:\ProgramData\Macrovision\FLEXnet Connect\6\agent.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb"]http://ie.redirect.h...avilion&pf=cnnb[/url] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://search.conduit.com?SearchSource=10&ctid=CT2475029"]http://go.microsoft....&ctid=CT2475029[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb"]http://ie.redirect.h...avilion&pf=cnnb[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb"]http://go.microsoft....avilion&pf=cnnb[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:25560 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: 69.10.57.34 google.com O1 - Hosts: 69.10.57.34 google.com.au O1 - Hosts: 69.10.57.34 www.google.com.au O1 - Hosts: 69.10.57.34 google.be O1 - Hosts: 69.10.57.34 www.google.be O1 - Hosts: 69.10.57.34 google.com.br O1 - Hosts: 69.10.57.34 www.google.com.br O1 - Hosts: 69.10.57.34 google.ca O1 - Hosts: 69.10.57.34 www.google.ca O1 - Hosts: 69.10.57.34 google.ch O1 - Hosts: 69.10.57.34 www.google.ch O1 - Hosts: 69.10.57.34 google.de O1 - Hosts: 69.10.57.34 www.google.de O1 - Hosts: 69.10.57.34 google.dk O1 - Hosts: 69.10.57.34 www.google.dk O1 - Hosts: 69.10.57.34 google.fr O1 - Hosts: 69.10.57.34 www.google.fr O1 - Hosts: 69.10.57.34 google.ie O1 - Hosts: 69.10.57.34 www.google.ie O1 - Hosts: 69.10.57.34 google.it O1 - Hosts: 69.10.57.34 www.google.it O1 - Hosts: 69.10.57.34 google.co.jp O1 - Hosts: 69.10.57.34 www.google.co.jp O1 - Hosts: 69.10.57.34 google.nl O1 - Hosts: 69.10.57.34 www.google.nl O1 - Hosts: 69.10.57.34 google.no O1 - Hosts: 69.10.57.34 www.google.no O1 - Hosts: 69.10.57.34 google.co.nz O1 - Hosts: 69.10.57.34 www.google.co.nz O1 - Hosts: 69.10.57.34 google.pl O1 - Hosts: 69.10.57.34 www.google.pl O1 - Hosts: 69.10.57.34 google.se O1 - Hosts: 69.10.57.34 www.google.se O1 - Hosts: 69.10.57.34 google.co.uk O1 - Hosts: 69.10.57.34 google.co.za O1 - Hosts: 69.10.57.34 www.google.co.za O1 - Hosts: 69.10.57.34 www.bing.com O1 - Hosts: 69.10.57.34 search.yahoo.com O1 - Hosts: 69.10.57.34 www.search.yahoo.com O1 - Hosts: 69.10.57.34 uk.search.yahoo.com O1 - Hosts: 69.10.57.34 ca.search.yahoo.com O1 - Hosts: 69.10.57.34 de.search.yahoo.com O1 - Hosts: 69.10.57.34 fr.search.yahoo.com O1 - Hosts: 69.10.57.34 au.search.yahoo.com O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Pomocnik logowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam" O4 - HKLM\..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O15 - Trusted Zone: [url="http://apps.facebook.com"]http://apps.facebook.com[/url] O15 - Trusted Zone: [url="http://www.gorskanatura.pl"]http://www.gorskanatura.pl[/url] O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 15652 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}] DigitalPersona Personal Extension - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-07-01 1256512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Pomocnik logowania za pomocą identyfikatora Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-22 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}] QUICKfind BHO Object - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll [2007-02-16 457216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] IEPluginBHO Class - C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [2009-10-28 42088] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304] "HPCam_Menu"=c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2009-02-25 218408] "DpAgent"=C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe [2009-07-01 842816] "QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-08-20 322104] "UpdatePRCShortCut"=C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [2009-05-19 222504] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576] ""= [] "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] "avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624] "WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-03-23 500792] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2007-10-19 286720] "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392] "AdobeBridge"= [] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli DPPWDFLT [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "WallpaperStyle"=2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=2 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "DisallowRun"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger="svchost.exe ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2011-02-07 09:07:50 ----D---- C:\_OTL 2011-02-04 20:42:36 ----D---- C:\rsit 2011-02-04 11:11:23 ----D---- C:\Program Files (x86)\CASIO 2011-01-28 16:36:13 ----D---- C:\Users\Monika\AppData\Roaming\NCH Software 2011-01-28 16:35:55 ----D---- C:\Users\Monika\AppData\Roaming\NCH Swift Sound 2011-01-28 16:35:54 ----D---- C:\ProgramData\NCH Swift Sound 2011-01-28 16:35:48 ----D---- C:\Program Files (x86)\NCH Swift Sound 2011-01-25 21:23:42 ----D---- C:\Program Files (x86)\Pure Sudoku 2011-01-21 21:26:02 ----D---- C:\Users\Monika\AppData\Roaming\Media Player Classic 2011-01-21 21:25:08 ----A---- C:\Windows\SysWOW64\unrar.dll 2011-01-21 21:25:07 ----A---- C:\Windows\avisplitter.ini 2011-01-21 21:24:49 ----D---- C:\Program Files (x86)\K-Lite Codec Pack 2011-01-16 18:20:51 ----D---- C:\Users\Monika\AppData\Roaming\Malwarebytes 2011-01-16 18:20:44 ----A---- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys 2011-01-16 18:20:43 ----D---- C:\ProgramData\Malwarebytes 2011-01-16 18:20:40 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2011-01-16 17:55:51 ----D---- C:\Program Files (x86)\Trend Micro 2011-01-16 15:17:54 ----SHD---- C:\ProgramData\PIJGS 2011-01-16 15:15:48 ----SHD---- C:\ProgramData\eeab61 2011-01-12 16:11:06 ----A---- C:\Windows\SysWOW64\d3d10warp.dll 2011-01-12 16:11:04 ----A---- C:\Windows\SysWOW64\d2d1.dll 2011-01-12 16:11:03 ----A---- C:\Windows\SysWOW64\DWrite.dll 2011-01-12 16:11:02 ----A---- C:\Windows\SysWOW64\XpsPrint.dll 2011-01-12 16:11:00 ----A---- C:\Windows\SysWOW64\XpsGdiConverter.dll 2011-01-12 16:11:00 ----A---- C:\Windows\SysWOW64\ExplorerFrame.dll 2011-01-12 16:11:00 ----A---- C:\Windows\SysWOW64\d3d10_1core.dll 2011-01-12 16:10:59 ----A---- C:\Windows\SysWOW64\XpsRasterService.dll 2011-01-12 16:10:59 ----A---- C:\Windows\SysWOW64\d3d10_1.dll 2011-01-12 16:10:36 ----A---- C:\Windows\SysWOW64\odbc32.dll ======List of files/folders modified in the last 1 months====== 2011-02-07 09:11:21 ----D---- C:\Windows\Temp 2011-02-07 09:08:32 ----D---- C:\Windows\SysWOW64 2011-02-07 09:08:13 ----HD---- C:\ProgramData 2011-02-07 09:08:13 ----D---- C:\Windows\Tasks 2011-02-07 09:08:13 ----D---- C:\Program Files (x86) 2011-02-07 09:07:59 ----D---- C:\Program Files (x86)\ConduitEngine 2011-02-07 08:59:44 ----D---- C:\Windows\Microsoft.NET 2011-02-06 22:47:15 ----D---- C:\Users\Monika\AppData\Roaming\Tlen.pl 2011-02-05 09:49:39 ----D---- C:\Windows\SysWOW64\drivers 2011-02-04 22:20:27 ----D---- C:\Windows 2011-02-04 20:19:44 ----D---- C:\Users\Monika\AppData\Roaming\Winamp 2011-02-04 20:19:40 ----D---- C:\Users\Monika\AppData\Roaming\Azureus 2011-02-04 20:10:10 ----D---- C:\Windows\debug 2011-02-04 20:04:33 ----RD---- C:\Program Files 2011-02-04 18:42:34 ----SHD---- C:\System Volume Information 2011-02-04 11:11:29 ----SHD---- C:\Windows\Installer 2011-02-04 11:10:31 ----D---- C:\Windows\Downloaded Installations 2011-02-03 20:18:45 ----D---- C:\Program Files (x86)\Tlen.pl 2011-02-01 14:52:04 ----D---- C:\Windows\winsxs 2011-01-29 14:12:00 ----D---- C:\Windows\System32 2011-01-29 14:12:00 ----D---- C:\Windows\inf 2011-01-29 10:04:34 ----D---- C:\Program Files (x86)\Google 2011-01-27 21:19:46 ----D---- C:\Windows\rescache 2011-01-21 21:24:55 ----D---- C:\Program Files (x86)\DScaler5 2011-01-21 21:24:04 ----D---- C:\Program Files (x86)\DirectVobSub 2011-01-21 21:23:59 ----D---- C:\Program Files (x86)\OpenSource Flash Video Splitter 2011-01-21 21:23:44 ----D---- C:\Program Files (x86)\SHOUTcast Source 2011-01-21 20:38:55 ----D---- C:\Program Files (x86)\Gabest MPEG Splitter 2011-01-18 18:05:34 ----D---- C:\Program Files (x86)\MoorHunt 2011-01-16 10:53:38 ----D---- C:\Program Files (x86)\Zoom Player 2011-01-16 09:13:04 ----A---- C:\ProgramData\HPWALog.txt 2011-01-13 16:36:01 ----D---- C:\ProgramData\Microsoft Help 2011-01-13 09:47:32 ----A---- C:\Windows\SysWOW64\aswBoot.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [] R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [] R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [] R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys [] R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [] R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [] R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [] R3 BthEnum;Sterownik Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [] R3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [] R3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [] R3 btwaudio;Urz1dzenie dYwiekowe Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [] R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [] R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [] R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [] R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [] R3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [] R3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [] R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [] S1 fwdrv;Firewall Driver; C:\Windows\system32\drivers\fwdrv.sys [2005-03-21 270336] S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [] S3 ano28u0a;ano28u0a; C:\Windows\SysWOW64\drivers\ano28u0a.sys [] S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [] S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [] S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 864032] R2 DpHost;@C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe [2009-07-01 322624] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [] R2 KPF4;Kerio Personal Firewall 4; C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe [2005-03-23 1941504] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728] R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-01-21 247152] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136] R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [2009-07-22 240128] R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2009-07-12 1656112] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-10-14 751672] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-15 136176] S2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-11-15 126520] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF----------------- [/log] 02072011_090750.log [log]All processes killed ========== OTL ========== Process ASKUpgrade.exe killed successfully! Process AskService.exe killed successfully! Service ASKUpgrade stopped successfully! Service ASKUpgrade deleted successfully! C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe moved successfully. Service ASKService stopped successfully! Service ASKService deleted successfully! C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe moved successfully. Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename Prefs.js: "MyAshampoo Customized Web Search" removed from browser.search.defaultthis.engineName Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1 Prefs.js: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=GRfox000&fl=0&ptb=aFw2119Ngwscjb2pn3DCcw&url=http://search.mywebsearch.com/mywebsearch/GGmain.jhtml&st=kwd&n=77ce832e&searchfor=" removed from keyword.URL Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com deleted successfully. File C:\Program Files (x86)\MyWebSearch\bar\1.bin not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully. C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully. C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}\ deleted successfully. C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully. C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll moved successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully. File C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. File C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ deleted successfully. File C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}\ deleted successfully. File C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll not found. Registry value HKEY_USERS\S-1-5-21-2370041813-287283787-2202013241-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ not found. File C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll not found. Registry value HKEY_USERS\S-1-5-21-2370041813-287283787-2202013241-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}\ not found. File MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\Shell - "" = AutoRun not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4cb900f2-045b-11df-babd-0027133948cb}\ not found. File F:\SETUP.EXE not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4cb900f2-045b-11df-babd-0027133948cb}\ not found. File F:\SETUP.EXE not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4cb900f2-045b-11df-babd-0027133948cb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4cb900f2-045b-11df-babd-0027133948cb}\ not found. File F:\SETUP.EXE not found. ========== FILES ========== C:\Users\Monika\AppData\Roaming\wklnhst.dat moved successfully. C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log moved successfully. C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log moved successfully. C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log moved successfully. C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log moved successfully. C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log moved successfully. C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log moved successfully. C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log moved successfully. C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log moved successfully. C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log moved successfully. C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully. C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully. C:\Windows\tasks\HPCeeScheduleForMonika.job moved successfully. C:\Program Files (x86)\DAEMON Tools Toolbar folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator User: All Users User: AppData User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 41620 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Monika ->Temp folder emptied: 344709 bytes ->Temporary Internet Files folder emptied: 8533192 bytes ->Java cache emptied: 48648546 bytes ->FireFox cache emptied: 67010190 bytes ->Google Chrome cache emptied: 0 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 49111 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 23425 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33237 bytes RecycleBin emptied: 3747183620 bytes Total Files Cleaned = 3 693,00 mb OTL by OldTimer - Version 3.2.20.6 log created on 02072011_090750 Files\Folders moved on Reboot... C:\Users\Monika\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot. Registry entries deleted on Reboot... [/log]
Tomek01 komentarz 7 lutego 2011 komentarz 7 lutego 2011 Nowe logi OTL i RSIT miałeś wykonać po wykonaniu skryptu. Czy tak było ?
krzysiek15 komentarz 7 lutego 2011 Autor komentarz 7 lutego 2011 OK, chyba pomieszałem pliki. Zrobiłem nowy skan OTL.txt [log]OTL logfile created on: 2011-02-07 15:27:36 - Run 4 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Monika\Desktop\Śmieci 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 73,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,67 Gb Total Space | 305,39 Gb Free Space | 67,46% Space Free | Partition Type: NTFS Drive D: | 12,79 Gb Total Space | 2,13 Gb Free Space | 16,69% Space Free | Partition Type: NTFS Computer Name: MONIKA-KOMPUTER | User Name: Monika | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-02-04 20:02:16 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\Śmieci\OTL.exe PRC - [2011-01-13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2011-01-13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010-12-12 08:00:28 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe PRC - [2010-12-12 08:00:27 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2010-10-14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe PRC - [2010-10-14 17:22:50 | 000,751,672 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe PRC - [2010-09-22 11:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2010-08-13 12:06:46 | 018,354,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE PRC - [2010-08-13 12:04:34 | 000,408,936 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE PRC - [2010-05-15 13:27:36 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe PRC - [2009-09-23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2009-08-20 13:34:04 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe PRC - [2009-08-20 13:25:58 | 002,363,392 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe PRC - [2009-08-20 10:46:04 | 000,322,104 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe PRC - [2009-07-23 19:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe PRC - [2009-07-23 10:37:16 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe PRC - [2009-07-01 17:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe PRC - [2009-07-01 17:43:54 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe PRC - [2009-07-01 17:43:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe PRC - [2009-07-01 14:44:34 | 000,632,888 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe PRC - [2009-06-20 01:18:41 | 005,853,672 | ---- | M] (o2.pl Sp. z o.o.) -- C:\Program Files (x86)\Tlen.pl\tlen.exe PRC - [2009-05-05 10:11:50 | 000,228,408 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe PRC - [2009-01-21 19:47:38 | 000,247,152 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe PRC - [2008-12-08 13:50:04 | 000,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe PRC - [2008-01-02 11:51:10 | 001,090,048 | ---- | M] () -- C:\Program Files (x86)\Zoom Player\zplayer.exe PRC - [2005-03-23 16:27:18 | 001,941,504 | ---- | M] (Kerio Technologies) -- C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe PRC - [2005-03-23 16:24:34 | 002,899,968 | ---- | M] (Kerio Technologies) -- C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4gui.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-02-04 20:02:16 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\Śmieci\OTL.exe MOD - [2011-01-20 13:32:00 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll MOD - [2010-08-21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2010-07-27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2010-06-29 06:02:02 | 001,413,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010-04-07 08:10:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2010-03-24 07:37:04 | 001,289,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2009-12-11 08:39:06 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2009-12-11 08:36:33 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2009-07-14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2009-07-14 02:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2009-07-14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 02:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009-07-14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2009-07-14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2009-07-14 02:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2009-07-14 02:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2009-07-14 02:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2009-07-14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2009-07-14 02:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 02:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2009-07-14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 02:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2009-07-14 02:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2009-07-14 02:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 02:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2009-07-14 02:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011-01-13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2010-09-22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b]64bit:[/b] - [2009-07-22 02:33:32 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe -- (STacSV) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-12 21:18:24 | 001,924,400 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService) SRV:[b]64bit:[/b] - [2009-07-08 12:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv) SRV:[b]64bit:[/b] - [2009-07-02 19:16:06 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009-07-01 17:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:[b]64bit:[/b] - [2009-03-02 22:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe -- (AESTFilters) SRV - [2010-10-14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe) SRV - [2010-10-12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-09-23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009-07-12 21:04:26 | 001,656,112 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService) SRV - [2009-07-01 17:43:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe -- (DpHost) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2005-03-23 16:27:18 | 001,941,504 | ---- | M] (Kerio Technologies) [Auto | Running] -- C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe -- (KPF4) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011-01-13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2010-09-22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:[b]64bit:[/b] - [2010-01-18 18:50:39 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2009-09-22 02:47:14 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2009-08-28 09:33:48 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2009-07-22 02:33:32 | 000,487,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:[b]64bit:[/b] - [2009-07-21 04:39:22 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:[b]64bit:[/b] - [2009-07-17 21:58:30 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:[b]64bit:[/b] - [2009-07-17 21:58:24 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:[b]64bit:[/b] - [2009-07-17 21:58:22 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:[b]64bit:[/b] - [2009-07-17 21:58:18 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 00:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2009-07-08 12:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt) DRV:[b]64bit:[/b] - [2009-07-08 12:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer) DRV:[b]64bit:[/b] - [2009-07-02 19:51:30 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2009-06-29 19:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir) DRV:[b]64bit:[/b] - [2009-06-10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:[b]64bit:[/b] - [2009-06-10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:[b]64bit:[/b] - [2009-06-10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:[b]64bit:[/b] - [2009-06-10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:[b]64bit:[/b] - [2009-06-10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009-06-10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2009-06-10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:[b]64bit:[/b] - [2009-06-10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-06-05 11:20:26 | 000,114,192 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2009-05-23 07:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2009-05-05 06:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:[b]64bit:[/b] - [2009-04-29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV:[b]64bit:[/b] - [2009-04-29 07:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV:[b]64bit:[/b] - [2009-03-09 05:49:08 | 000,036,408 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV - [2005-03-21 15:39:16 | 000,270,336 | ---- | M] (Kerio Technologies) [Kernel | System | Stopped] -- C:\Windows\system32\drivers\fwdrv.sys -- (fwdrv) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb IE - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} IE - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25560 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.google.com/accounts/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fui%3Dhtml%26zy%3Dl&bsv=1eic6yu9oa4y3&scc=1<mpl=default<mplcache=2" FF - prefs.js..extensions.enabledItems: otis@digitalpersona.com:5.0.0.3787 FF - prefs.js..extensions.enabledItems: exif_viewer@mozilla.doslash.org:1.55 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2009-10-20 01:06:07 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-12-12 08:00:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-01-04 15:04:40 | 000,000,000 | ---D | M] [2009-12-29 15:21:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Extensions [2009-12-29 15:21:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com [2011-02-06 20:04:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3qgdrr8t.default\extensions [2010-08-11 08:04:53 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3qgdrr8t.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2010-06-26 15:29:07 | 000,000,000 | ---D | M] ("Exif Viewer") -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3qgdrr8t.default\extensions\exif_viewer@mozilla.doslash.org [2009-12-23 10:00:41 | 000,000,687 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\3qgdrr8t.default\searchplugins\ask.xml [2010-01-20 11:19:10 | 000,000,923 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\3qgdrr8t.default\searchplugins\conduit.xml [2010-02-27 15:56:31 | 000,009,977 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\3qgdrr8t.default\searchplugins\mywebsearch.xml [2011-01-16 18:32:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011-01-04 15:04:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2009-10-20 01:06:07 | 000,000,000 | ---D | M] (DigitalPersona Extension) -- C:\PROGRAM FILES (X86)\DIGITALPERSONA\BIN\FIREFOXEXT [2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010-03-16 12:57:46 | 000,120,296 | ---- | M] ( ) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npganymedenet.dll [2010-12-09 11:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll [2010-10-24 12:56:44 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-08-18 12:05:39 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml [2010-10-24 12:56:44 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-10-24 12:56:44 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\merlin-pl.xml [2011-01-02 08:20:38 | 000,045,258 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\Mp3Rocket.xml [2011-01-02 08:20:38 | 000,045,238 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\Mp3Rocket.xml.bak [2010-10-24 12:56:44 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-10-24 12:56:44 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-10-24 12:56:44 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-01-16 15:50:37 | 000,002,069 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 69.10.57.34 google.com O1 - Hosts: 69.10.57.34 google.com.au O1 - Hosts: 69.10.57.34 www.google.com.au O1 - Hosts: 69.10.57.34 google.be O1 - Hosts: 69.10.57.34 www.google.be O1 - Hosts: 69.10.57.34 google.com.br O1 - Hosts: 69.10.57.34 www.google.com.br O1 - Hosts: 69.10.57.34 google.ca O1 - Hosts: 69.10.57.34 www.google.ca O1 - Hosts: 69.10.57.34 google.ch O1 - Hosts: 69.10.57.34 www.google.ch O1 - Hosts: 69.10.57.34 google.de O1 - Hosts: 69.10.57.34 www.google.de O1 - Hosts: 69.10.57.34 google.dk O1 - Hosts: 69.10.57.34 www.google.dk O1 - Hosts: 69.10.57.34 google.fr O1 - Hosts: 69.10.57.34 www.google.fr O1 - Hosts: 69.10.57.34 google.ie O1 - Hosts: 69.10.57.34 www.google.ie O1 - Hosts: 69.10.57.34 google.it O1 - Hosts: 69.10.57.34 www.google.it O1 - Hosts: 69.10.57.34 google.co.jp O1 - Hosts: 69.10.57.34 www.google.co.jp O1 - Hosts: 69.10.57.34 google.nl O1 - Hosts: 69.10.57.34 www.google.nl O1 - Hosts: 21 more lines... O2:[b]64bit:[/b] - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..\Toolbar\WebBrowser: (no name) - {4C350B19-6CA1-4569-B14C-296D8D65300B} - No CLSID value found. O3 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..\Toolbar\WebBrowser: (no name) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No CLSID value found. O3 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..\Toolbar\WebBrowser: (no name) - {CE18769B-C7FA-42D2-860D-17C4662C70AD} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe () O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.) O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O7 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1 O7 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O8:[b]64bit:[/b] - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:[b]64bit:[/b] - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..Trusted Domains: facebook.com ([apps] http in Zaufane witryny) O15 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..Trusted Domains: gorskanatura.pl ([www] http in Zaufane witryny) O15 - HKU\S-1-5-21-2370041813-287283787-2202013241-1001\..Trusted Domains: gorskanatura.pl ([www] https in Zaufane witryny) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O27:[b]64bit:[/b] - HKLM IFEO\OLT.exe: Debugger - C:\Windows\SysNative\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\OLT.exe: Debugger - svchost.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* SafeBootMin:[b]64bit:[/b] AppMgmt - Service SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] mcmscsvc - Service SafeBootMin:[b]64bit:[/b] MCODS - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: mcmscsvc - Service SafeBootMin: MCODS - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - Service SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] mcmscsvc - Service SafeBootNet:[b]64bit:[/b] MCODS - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] MpfService - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: mcmscsvc - Service SafeBootNet: MCODS - Service SafeBootNet: Messenger - Service SafeBootNet: MpfService - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-02-07 09:07:50 | 000,000,000 | ---D | C] -- C:\_OTL [2011-02-06 19:13:44 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Śmieci [2011-02-04 20:42:36 | 000,000,000 | ---D | C] -- C:\rsit [2011-02-04 20:04:33 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011-02-04 11:16:08 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\cms_rhythm [2011-02-04 11:11:26 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CASIO [2011-02-04 11:11:23 | 000,000,000 | ---D | C] -- C:\Users\Monika\Documents\WK-3700 [2011-02-04 11:11:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CASIO [2011-02-01 17:07:15 | 000,000,000 | ---D | C] -- C:\Users\Monika\Pulpit [2011-01-31 21:28:54 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C} [2011-01-28 16:36:13 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\NCH Software [2011-01-28 16:35:55 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\NCH Swift Sound [2011-01-28 16:35:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound [2011-01-28 16:35:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite [2011-01-28 16:35:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs [2011-01-28 16:35:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Swift Sound [2011-01-26 17:47:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011-01-25 21:23:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pure Sudoku [2011-01-21 21:26:02 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Media Player Classic [2011-01-21 21:25:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2011-01-21 21:24:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack [2011-01-16 18:20:51 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Malwarebytes [2011-01-16 18:20:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011-01-16 18:20:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011-01-16 18:20:40 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011-01-16 18:20:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011-01-16 17:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro [2011-01-16 17:55:51 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2011-01-16 15:17:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\PIJGS [2011-01-16 15:15:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\eeab61 [2011-01-16 08:40:21 | 000,237,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011-01-12 18:42:59 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Piosenki posegregować [2011-01-12 16:11:07 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2011-01-12 16:11:06 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll [2011-01-12 16:11:05 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2011-01-12 16:11:04 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2011-01-12 16:11:04 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll [2011-01-12 16:11:04 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011-01-12 16:11:03 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll [2011-01-12 16:11:02 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011-01-12 16:11:02 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011-01-12 16:11:01 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll [2011-01-12 16:11:00 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll [2011-01-12 16:11:00 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2011-01-12 16:11:00 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011-01-12 16:11:00 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll [2011-01-12 16:10:59 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2011-01-12 16:10:59 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2011-01-12 16:10:59 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2011-01-12 16:10:59 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll [2011-01-12 16:10:59 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2011-01-12 16:10:59 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2011-01-12 16:10:36 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2011-01-12 16:10:36 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll [2011-01-09 14:43:37 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Filmy Ani [2011-01-04 15:04:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011-01-04 15:04:40 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011-01-04 15:04:40 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011-01-04 15:04:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011-01-04 15:04:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011-01-02 16:28:24 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll [2011-01-02 16:27:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect [2011-01-02 16:27:47 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa [2011-01-02 16:27:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2011-01-02 16:27:20 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Winamp [2011-01-02 16:27:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp [2011-01-02 09:38:52 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\InstallShield [2010-12-31 22:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WildTangent Games [2010-12-30 13:22:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TimeAdjuster [2010-12-26 19:50:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MoorHunt [2010-12-21 10:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC} [2010-12-15 12:01:01 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2010-12-15 12:01:01 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2010-12-15 12:00:58 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll [2010-12-15 12:00:58 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe [2010-12-15 12:00:57 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll [2010-12-15 12:00:57 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll [2010-12-15 12:00:57 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll [2010-12-15 12:00:57 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll [2010-12-15 12:00:57 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe [2010-12-15 12:00:57 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe [2010-12-15 12:00:53 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2010-12-15 12:00:53 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2010-12-15 12:00:53 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2010-12-15 12:00:53 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2010-12-15 12:00:50 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2010-12-15 12:00:39 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2010-12-15 12:00:38 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2010-12-15 12:00:37 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2010-12-15 12:00:37 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2010-12-15 12:00:37 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2010-12-15 12:00:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2010-12-15 12:00:37 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2010-12-15 12:00:37 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2010-12-15 12:00:36 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2010-12-15 12:00:36 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2010-12-15 12:00:36 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2010-12-15 12:00:36 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2010-12-15 12:00:35 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2010-12-15 12:00:35 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2010-12-11 14:14:25 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Local\Last.fm [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-02-07 14:50:50 | 000,023,097 | ---- | M] () -- C:\Users\Monika\Desktop\Filmy.xlsx [2011-02-07 14:12:49 | 222,806,558 | ---- | M] () -- C:\Users\Monika\Desktop\Camp.Rock.2.2010.DVDrip.Dubbing.PL.part2.rar.part [2011-02-07 14:12:49 | 000,000,000 | ---- | M] () -- C:\Users\Monika\Desktop\Camp.Rock.2.2010.DVDrip.Dubbing.PL.part2.rar [2011-02-07 14:11:17 | 104,857,600 | ---- | M] () -- C:\Users\Monika\Desktop\Hotel_Rad_jlp.part3.rar [2011-02-07 13:53:07 | 419,430,400 | ---- | M] () -- C:\Users\Monika\Desktop\Camp.Rock.2.2010.DVDrip.Dubbing.PL.part1.rar [2011-02-07 13:27:11 | 000,000,165 | -H-- | M] () -- C:\Users\Monika\Desktop\~$Filmy.xlsx [2011-02-07 13:09:21 | 104,857,600 | ---- | M] () -- C:\Users\Monika\Desktop\Hotel_Rad_jlp.part2.rar [2011-02-07 12:24:57 | 104,857,600 | ---- | M] () -- C:\Users\Monika\Desktop\Hotel_Rad_jlp.part1.rar [2011-02-07 10:31:22 | 000,015,065 | ---- | M] () -- C:\Users\Monika\Desktop\Książki.xlsx [2011-02-07 10:19:17 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011-02-07 10:19:17 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011-02-07 10:04:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-02-07 09:09:25 | 3218,235,392 | -HS- | M] () -- C:\hiberfil.sys [2011-02-05 15:53:42 | 000,010,463 | ---- | M] () -- C:\Users\Monika\Desktop\PP.docx [2011-02-04 22:52:10 | 005,013,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011-02-04 11:59:03 | 000,002,250 | ---- | M] () -- C:\Users\Monika\Desktop\Music Data Management Software.lnk [2011-01-29 14:12:00 | 001,536,718 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011-01-29 14:12:00 | 000,692,322 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2011-01-29 14:12:00 | 000,611,332 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011-01-29 14:12:00 | 000,133,892 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2011-01-29 14:12:00 | 000,105,512 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011-01-27 18:05:07 | 000,534,229 | ---- | M] () -- C:\Users\Monika\Desktop\Plan.jpg [2011-01-16 15:50:37 | 000,002,069 | RHS- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011-01-16 08:40:21 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2011-01-13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011-01-13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2011-01-13 09:47:23 | 000,237,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011-01-13 09:41:44 | 000,273,488 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2011-01-13 09:40:20 | 000,051,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2011-01-13 09:37:34 | 000,029,264 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2011-01-13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2011-01-13 09:37:12 | 000,020,560 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2011-01-13 09:00:00 | 000,000,038 | ---- | M] () -- C:\Windows\avisplitter.ini [2010-12-31 22:19:02 | 000,000,376 | ---- | M] () -- C:\Users\Monika\Desktop\Minesweeper.lnk [2010-12-20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010-12-20 18:08:40 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010-12-13 19:38:34 | 000,001,496 | ---- | M] () -- C:\Users\Monika\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs [2010-12-11 17:32:32 | 000,004,608 | ---- | M] () -- C:\Users\Monika\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-10 18:08:24 | 000,013,795 | ---- | M] () -- C:\Users\Monika\Documents\umowa najmu.docx [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-07 14:12:49 | 214,090,270 | ---- | C] () -- C:\Users\Monika\Desktop\Camp.Rock.2.2010.DVDrip.Dubbing.PL.part2.rar.part [2011-02-07 14:12:49 | 000,000,000 | ---- | C] () -- C:\Users\Monika\Desktop\Camp.Rock.2.2010.DVDrip.Dubbing.PL.part2.rar [2011-02-07 13:57:15 | 104,857,600 | ---- | C] () -- C:\Users\Monika\Desktop\Hotel_Rad_jlp.part3.rar [2011-02-07 13:27:11 | 000,000,165 | -H-- | C] () -- C:\Users\Monika\Desktop\~$Filmy.xlsx [2011-02-07 12:55:51 | 104,857,600 | ---- | C] () -- C:\Users\Monika\Desktop\Hotel_Rad_jlp.part2.rar [2011-02-07 12:11:16 | 104,857,600 | ---- | C] () -- C:\Users\Monika\Desktop\Hotel_Rad_jlp.part1.rar [2011-02-07 11:03:08 | 419,430,400 | ---- | C] () -- C:\Users\Monika\Desktop\Camp.Rock.2.2010.DVDrip.Dubbing.PL.part1.rar [2011-02-07 10:30:45 | 000,023,097 | ---- | C] () -- C:\Users\Monika\Desktop\Filmy.xlsx [2011-02-04 16:15:36 | 000,010,463 | ---- | C] () -- C:\Users\Monika\Desktop\PP.docx [2011-02-04 11:59:03 | 000,002,250 | ---- | C] () -- C:\Users\Monika\Desktop\Music Data Management Software.lnk [2011-02-03 18:13:12 | 000,000,978 | ---- | C] () -- C:\Users\Monika\Desktop\Gadu-Gadu.lnk [2011-01-28 16:35:49 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk [2011-01-27 18:03:58 | 000,534,229 | ---- | C] () -- C:\Users\Monika\Desktop\Plan.jpg [2011-01-21 21:25:08 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011-01-21 21:25:07 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011-01-02 14:12:01 | 000,015,065 | ---- | C] () -- C:\Users\Monika\Desktop\Książki.xlsx [2010-12-31 22:19:02 | 000,000,376 | ---- | C] () -- C:\Users\Monika\Desktop\Minesweeper.lnk [2010-12-13 19:38:34 | 000,001,496 | ---- | C] () -- C:\Users\Monika\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs [2010-12-10 10:29:16 | 000,013,795 | ---- | C] () -- C:\Users\Monika\Documents\umowa najmu.docx [2010-06-13 11:06:16 | 000,004,608 | ---- | C] () -- C:\Users\Monika\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-12-22 16:30:19 | 000,000,000 | ---- | C] () -- C:\Users\Monika\AppData\Local\QSwitch.txt [2009-12-22 16:30:19 | 000,000,000 | ---- | C] () -- C:\Users\Monika\AppData\Local\DSwitch.txt [2009-12-22 16:30:19 | 000,000,000 | ---- | C] () -- C:\Users\Monika\AppData\Local\AtStart.txt [2009-12-22 16:30:16 | 000,000,455 | ---- | C] () -- C:\ProgramData\HPWALog.txt [2009-07-15 16:50:42 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2007-01-23 13:11:20 | 000,141,312 | ---- | C] () -- C:\Windows\SysWow64\QFClient2.dll [2003-01-28 00:09:20 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\libexpat.dll [color=#E56717]========== LOP Check ==========[/color] [2011-02-04 20:19:40 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Azureus [2010-04-17 09:46:34 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Cool Record Edit Pro [2010-01-19 10:04:35 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\DAEMON Tools Lite [2009-12-22 16:30:14 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\DigitalPersona [2010-06-09 16:06:52 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Druk Świadectw [2011-01-02 09:37:16 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\FUJIFILM [2009-12-22 17:36:11 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Gadu-Gadu [2010-07-17 07:51:09 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\GanymedeNet [2010-06-26 14:48:04 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\gtk-2.0 [2010-04-28 17:57:51 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\HateML [2009-12-24 15:20:02 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\iWin [2010-06-29 12:41:26 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Leadertech [2010-10-03 18:35:24 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\MP3Rocket [2011-01-28 16:35:55 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\NCH Swift Sound [2010-04-12 18:35:02 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu [2010-02-11 21:06:58 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\OpenOffice.org [2010-09-26 08:37:00 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Opera [2010-04-11 15:34:08 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\PhotoFiltre [2009-12-24 14:16:10 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\PlayFirst [2010-09-05 16:51:25 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2009-12-22 18:11:10 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Template [2011-02-07 14:20:31 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Tlen.pl [2010-10-28 19:16:51 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Windows Live Writer [2010-03-07 14:32:16 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\wordwise [2010-12-10 10:09:00 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-07-14 02:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr [2011-02-07 09:09:25 | 3218,235,392 | -HS- | M] () -- C:\hiberfil.sys [2010-01-07 16:47:40 | 000,000,185 | ---- | M] () -- C:\hpqlb.log [2011-02-07 09:09:28 | 4290,981,888 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys [2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys [2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2007-05-17 20:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys [2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009-10-28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009-10-28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe [2009-10-28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < End of report > [/log] Extras.txt [log]OTL Extras logfile created on: 2011-02-07 15:27:36 - Run 4 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Monika\Desktop\Śmieci 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 73,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,67 Gb Total Space | 305,39 Gb Free Space | 67,46% Space Free | Partition Type: NTFS Drive D: | 12,79 Gb Total Space | 2,13 Gb Free Space | 16,69% Space Free | Partition Type: NTFS Computer Name: MONIKA-KOMPUTER | User Name: Monika | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources "{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit) "{33B18075-C7DF-4839-8517-C6E9338D84F2}" = HP 3D DriveGuard "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety "{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{62A20ECA-920E-4052-BF77-88C78DD20FAA}" = Validity Sensors DDK "{6C47240C-016E-03B5-D13E-AECAED09F2E3}" = ATI Catalyst Install Manager "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{ADEB3402-CFBD-00E2-0EE6-F6A3F1AFACF0}" = ccc-utility64 "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{C02C2C22-2EB1-47C8-B74F-8AB1A62FAE31}" = Windows Live Family Safety "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DD3BF908-F6B0-45A5-BED3-79E8888DDA93}" = DigitalPersona Personal 4.10 "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "CCleaner" = CCleaner "FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = WinRAR archiver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51 "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{08DB3902-2CE0-474D-BCE3-0177766CE9F1}" = HP Support Assistant "{09CC0D0E-061D-3C7B-3881-D2EB53A8AAFC}" = CCC Help Polish "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0 "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver "{26606D8F-3133-DBE2-8AF5-AB28F300860A}" = CCC Help Chinese Standard "{266D0EEA-E5A6-4A08-A0EE-5391D4EA44A7}" = Catalyst Control Center - Branding "{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16 "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 23 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{2b6ce61a-cb33-4514-b3ec-cd5d768c73df}" = Nero 9 Trial "{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes "{306B39C9-3AB1-4161-8567-9C7E50B41AE3}" = Microsoft Works "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33C17B75-EA9C-0687-9CED-03D92637B042}" = CCC Help Hungarian "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode "{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent "{3F50AF3B-8997-4916-0095-99D63DDB785A}" = Harry Potter TM "{3FBDB7B8-7472-E895-2E5D-99D190B2D1B6}" = Catalyst Control Center InstallProxy "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4D78445A-8AA1-4E4E-9848-C5561D7ED4AB}" = CTK-900, WK-3200/3700 Music Data Management Software "{4E432692-A736-4F77-AF77-F9078CF88D31}" = HP Wireless Assistant "{5271C0D4-24E4-4C3D-A782-C012033FD3CF}" = AMD USB Filter Driver "{543E6ACA-51B7-4283-82F2-57C0582A53C5}" = Windows Live UX Platform Language Pack "{546937C5-0529-333E-0D5E-FE3C53108806}" = CCC Help Japanese "{55C70B62-5EF1-D527-7CAB-E50D8B3B4990}" = Catalyst Control Center Graphics Full New "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{577ED77E-25D9-1A76-4EF0-773B9C173758}" = CCC Help Portuguese "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime "{5DB4EA68-A509-D408-585C-C9D045FADF72}" = Catalyst Control Center Graphics Previews Vista "{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6D335F78-1F4F-7826-56DD-4F350EA6EADD}" = CCC Help Greek "{6E7B12B6-DA76-4167-BB65-491C18F8236B}" = Hotel Giant "{6EF04EAE-0354-9919-E757-F1203E6F422B}" = CCC Help Italian "{7028B245-30A2-BD8C-31B9-6008216FBDC2}" = CCC Help French "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games) "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{779D3256-84D0-936F-18F9-A154DC85B4B4}" = Catalyst Control Center Localization All "{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights "{78a0a27f-1a47-4aa6-a53a-bf6e2308985e}" = Nero 9 Essentials "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7BF68B83-5057-4D4B-0093-28285EEB9EE3}" = Harry Potter II "{7F4DA5B8-6884-47F2-AEBA-D9111E420C63}" = CCC Help Danish "{7F9A8D27-A1B9-164F-FCB1-0B64C88629CF}" = CCC Help Norwegian "{803263F7-8CAC-DC6D-3288-8128865A7472}" = CCC Help German "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8CC47AA0-5774-61FC-6A59-7E1C936DB753}" = ccc-core-static "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8DD86BF7-28B3-4CE9-88AE-E6EC790CAECA}" = Kerio Personal Firewall "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_HOMESTUDENTR_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0415-1000-0000000FF1CE}_HOMESTUDENTR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_HOMESTUDENTR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00AF-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Polish) "{95140000-007A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A28867B-109A-5BBF-85C0-FC1BAA98CA1C}" = CCC Help Russian "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap "{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A8BCC9E4-9036-3029-F2BC-AA73A62DA73D}" = CCC Help Turkish "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1045-7B44-A91000000001}" = Adobe Reader 9.1 - Polish "{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych "{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154 "{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor "{B5C746E6-D961-445C-3768-5B6FAF6A1A31}" = CCC Help Spanish "{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update "{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{BD8DA595-F501-4ABE-85A0-5C23E82472A0}" = Pomocnik Messenger "{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3 "{C0769946-2CF1-9E8D-009B-5C413B3F01D1}" = CCC Help Czech "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C4F7EEE5-3D99-8552-7483-B2F412838B2A}" = Catalyst Control Center Graphics Previews Common "{C4FFCD8D-3A06-E243-2747-2CE771A8B7D4}" = EA Download Manager UI "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update "{D4C41D27-A2D5-94C6-1D08-3D470A12EAF0}" = CCC Help Swedish "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{D9D6A848-1BFD-592B-5F9D-0BA8692FDF0B}" = CCC Help Finnish "{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DCD91C2F-3A86-B328-59A0-5EED6190D983}" = Catalyst Control Center Graphics Full Existing "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer "{E5F5CAA5-84ED-DE41-40D0-8926FE7E5F4D}" = Catalyst Control Center Graphics Light "{E6CE345D-BF83-1242-9E4D-3D60A5036D87}" = CCC Help English "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EC155897-712F-5637-A5DA-6C7CE7CB5521}" = CCC Help Korean "{F0580F64-44A1-C607-9364-887912B74F4D}" = CCC Help Thai "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL "{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup "{F3F9A4E5-CD9F-4657-CF99-5CE3F7729909}" = Catalyst Control Center Core Implementation "{F5B1D41A-05B9-98E2-C350-E69D4A444CB4}" = CCC Help Chinese Traditional "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool "{FCF0F615-6E70-B949-028F-88D32C55C2BC}" = CCC Help Dutch "AC3Filter_is1" = AC3Filter 1.63b "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AOL Toolbar" = Pasek narzędzi AOL 5.0 "ASIO4ALL" = ASIO4ALL "Ask Toolbar_is1" = Vuze Toolbar "Audacity_is1" = Audacity 1.2.6 "avast5" = avast! Free Antivirus "Bass Audio Decoder" = Bass Audio Decoder (remove only) "CD Audio Reader Filter" = CD Audio Reader Filter (remove only) "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "Chicken Invaders 2_is1" = Chicken Invaders 2 v2.61 "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI "DCoder Image Source" = DCoder Image Source (remove only) "Drumaxx" = Drumaxx "DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders "EA Download Manager" = EA Download Manager "ENTERPRISE" = Microsoft Office Enterprise 2007 "Gadu-Gadu" = Gadu-Gadu 7.7 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "GIF Movie Gear_is1" = GIF Movie Gear 4.2.3 "GOM Player" = GOM Player "Google Chrome" = Google Chrome "Hardcore" = Hardcore "HateML_is1" = HateML 1.1 build 05 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "IL Download Manager" = IL Download Manager "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "KLiteCodecPack_is1" = K-Lite Codec Pack 6.8.0 (Full) "Kurs Photoshop CS4 - Fotografia cyfrowa" = Kurs Photoshop CS4 - Fotografia cyfrowa "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MIKSOFT Mobile AMR converter_is1" = MIKSOFT Mobile AMR converter "MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only) "MoorHunt_is1" = MoorHunt 0.6.7.2 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "NoteWorthy Composer" = NoteWorthy Composer "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "NSIS_wordwise" = WordWise Dictionary "OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only) "PhotoScape" = PhotoScape "PoiZone" = PoiZone "QUICKfind" = QUICKfind server v1.1 "RealMedia" = RealMedia (remove only) "Sakura" = Sakura "Sawer" = Sawer "Tlen.pl" = Tlen.pl "Toxic Biohazard" = Toxic Biohazard "WavePad" = WavePad Sound Editor "WildTangent hp Master Uninstall" = HP Games "Winamp" = Winamp "WinGimp-2.0_is1" = GIMP 2.6.5 "WinLiveSuite" = Podstawowe programy Windows Live "ZoomPlayer" = Zoom Player (remove only) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2370041813-287283787-2202013241-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Tlen.pl" = Tlen.pl "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > [/log] info.txt [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Monika at 2011-02-07 15:45:54 Microsoft Windows 7 Home Premium System drive C: has 313 GB (67%) free of 464 GB Total RAM: 4092 MB (56% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:46:11, on 2011-02-07 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Zoom Player\zplayer.exe C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE C:\Users\Monika\Desktop\Śmieci\RSIT.exe C:\Program Files (x86)\trend micro\Monika.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://search.conduit.com?SearchSource=10&ctid=CT2475029 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=94&bd=Pavilion&pf=cnnb R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:25560 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: 69.10.57.34 google.com O1 - Hosts: 69.10.57.34 google.com.au O1 - Hosts: 69.10.57.34 www.google.com.au O1 - Hosts: 69.10.57.34 google.be O1 - Hosts: 69.10.57.34 www.google.be O1 - Hosts: 69.10.57.34 google.com.br O1 - Hosts: 69.10.57.34 www.google.com.br O1 - Hosts: 69.10.57.34 google.ca O1 - Hosts: 69.10.57.34 www.google.ca O1 - Hosts: 69.10.57.34 google.ch O1 - Hosts: 69.10.57.34 www.google.ch O1 - Hosts: 69.10.57.34 google.de O1 - Hosts: 69.10.57.34 www.google.de O1 - Hosts: 69.10.57.34 google.dk O1 - Hosts: 69.10.57.34 www.google.dk O1 - Hosts: 69.10.57.34 google.fr O1 - Hosts: 69.10.57.34 www.google.fr O1 - Hosts: 69.10.57.34 google.ie O1 - Hosts: 69.10.57.34 www.google.ie O1 - Hosts: 69.10.57.34 google.it O1 - Hosts: 69.10.57.34 www.google.it O1 - Hosts: 69.10.57.34 google.co.jp O1 - Hosts: 69.10.57.34 www.google.co.jp O1 - Hosts: 69.10.57.34 google.nl O1 - Hosts: 69.10.57.34 www.google.nl O1 - Hosts: 69.10.57.34 google.no O1 - Hosts: 69.10.57.34 www.google.no O1 - Hosts: 69.10.57.34 google.co.nz O1 - Hosts: 69.10.57.34 www.google.co.nz O1 - Hosts: 69.10.57.34 google.pl O1 - Hosts: 69.10.57.34 www.google.pl O1 - Hosts: 69.10.57.34 google.se O1 - Hosts: 69.10.57.34 www.google.se O1 - Hosts: 69.10.57.34 google.co.uk O1 - Hosts: 69.10.57.34 google.co.za O1 - Hosts: 69.10.57.34 www.google.co.za O1 - Hosts: 69.10.57.34 www.bing.com O1 - Hosts: 69.10.57.34 search.yahoo.com O1 - Hosts: 69.10.57.34 www.search.yahoo.com O1 - Hosts: 69.10.57.34 uk.search.yahoo.com O1 - Hosts: 69.10.57.34 ca.search.yahoo.com O1 - Hosts: 69.10.57.34 de.search.yahoo.com O1 - Hosts: 69.10.57.34 fr.search.yahoo.com O1 - Hosts: 69.10.57.34 au.search.yahoo.com O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Pomocnik logowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam" O4 - HKLM\..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O15 - Trusted Zone: http://apps.facebook.com O15 - Trusted Zone: http://www.gorskanatura.pl O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 15757 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}] DigitalPersona Personal Extension - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-07-01 1256512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Pomocnik logowania za pomocą identyfikatora Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-22 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}] QUICKfind BHO Object - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll [2007-02-16 457216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] IEPluginBHO Class - C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [2009-10-28 42088] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304] "HPCam_Menu"=c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2009-02-25 218408] "DpAgent"=C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe [2009-07-01 842816] "QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-08-20 322104] "UpdatePRCShortCut"=C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [2009-05-19 222504] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576] ""= [] "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] "avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624] "WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-03-23 500792] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2007-10-19 286720] "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392] "AdobeBridge"= [] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli DPPWDFLT [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "WallpaperStyle"=2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=2 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "DisallowRun"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger="svchost.exe ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2011-02-07 09:07:50 ----D---- C:\_OTL 2011-02-04 20:42:36 ----D---- C:\rsit 2011-02-04 11:11:23 ----D---- C:\Program Files (x86)\CASIO 2011-01-28 16:36:13 ----D---- C:\Users\Monika\AppData\Roaming\NCH Software 2011-01-28 16:35:55 ----D---- C:\Users\Monika\AppData\Roaming\NCH Swift Sound 2011-01-28 16:35:54 ----D---- C:\ProgramData\NCH Swift Sound 2011-01-28 16:35:48 ----D---- C:\Program Files (x86)\NCH Swift Sound 2011-01-25 21:23:42 ----D---- C:\Program Files (x86)\Pure Sudoku 2011-01-21 21:26:02 ----D---- C:\Users\Monika\AppData\Roaming\Media Player Classic 2011-01-21 21:25:08 ----A---- C:\Windows\SysWOW64\unrar.dll 2011-01-21 21:25:07 ----A---- C:\Windows\avisplitter.ini 2011-01-21 21:24:49 ----D---- C:\Program Files (x86)\K-Lite Codec Pack 2011-01-16 18:20:51 ----D---- C:\Users\Monika\AppData\Roaming\Malwarebytes 2011-01-16 18:20:44 ----A---- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys 2011-01-16 18:20:43 ----D---- C:\ProgramData\Malwarebytes 2011-01-16 18:20:40 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2011-01-16 17:55:51 ----D---- C:\Program Files (x86)\Trend Micro 2011-01-16 15:17:54 ----SHD---- C:\ProgramData\PIJGS 2011-01-16 15:15:48 ----SHD---- C:\ProgramData\eeab61 2011-01-12 16:11:06 ----A---- C:\Windows\SysWOW64\d3d10warp.dll 2011-01-12 16:11:04 ----A---- C:\Windows\SysWOW64\d2d1.dll 2011-01-12 16:11:03 ----A---- C:\Windows\SysWOW64\DWrite.dll 2011-01-12 16:11:02 ----A---- C:\Windows\SysWOW64\XpsPrint.dll 2011-01-12 16:11:00 ----A---- C:\Windows\SysWOW64\XpsGdiConverter.dll 2011-01-12 16:11:00 ----A---- C:\Windows\SysWOW64\ExplorerFrame.dll 2011-01-12 16:11:00 ----A---- C:\Windows\SysWOW64\d3d10_1core.dll 2011-01-12 16:10:59 ----A---- C:\Windows\SysWOW64\XpsRasterService.dll 2011-01-12 16:10:59 ----A---- C:\Windows\SysWOW64\d3d10_1.dll 2011-01-12 16:10:36 ----A---- C:\Windows\SysWOW64\odbc32.dll ======List of files/folders modified in the last 1 months====== 2011-02-07 15:46:11 ----D---- C:\Windows\Temp 2011-02-07 14:20:31 ----D---- C:\Users\Monika\AppData\Roaming\Tlen.pl 2011-02-07 10:04:28 ----D---- C:\Windows\Microsoft.NET 2011-02-07 09:08:32 ----D---- C:\Windows\SysWOW64 2011-02-07 09:08:13 ----HD---- C:\ProgramData 2011-02-07 09:08:13 ----D---- C:\Windows\Tasks 2011-02-07 09:08:13 ----D---- C:\Program Files (x86) 2011-02-07 09:07:59 ----D---- C:\Program Files (x86)\ConduitEngine 2011-02-05 09:49:39 ----D---- C:\Windows\SysWOW64\drivers 2011-02-04 22:20:27 ----D---- C:\Windows 2011-02-04 20:19:44 ----D---- C:\Users\Monika\AppData\Roaming\Winamp 2011-02-04 20:19:40 ----D---- C:\Users\Monika\AppData\Roaming\Azureus 2011-02-04 20:10:10 ----D---- C:\Windows\debug 2011-02-04 20:04:33 ----RD---- C:\Program Files 2011-02-04 18:42:34 ----SHD---- C:\System Volume Information 2011-02-04 11:11:29 ----SHD---- C:\Windows\Installer 2011-02-04 11:10:31 ----D---- C:\Windows\Downloaded Installations 2011-02-03 20:18:45 ----D---- C:\Program Files (x86)\Tlen.pl 2011-02-01 14:52:04 ----D---- C:\Windows\winsxs 2011-01-29 14:12:00 ----D---- C:\Windows\System32 2011-01-29 14:12:00 ----D---- C:\Windows\inf 2011-01-29 10:04:34 ----D---- C:\Program Files (x86)\Google 2011-01-27 21:19:46 ----D---- C:\Windows\rescache 2011-01-21 21:24:55 ----D---- C:\Program Files (x86)\DScaler5 2011-01-21 21:24:04 ----D---- C:\Program Files (x86)\DirectVobSub 2011-01-21 21:23:59 ----D---- C:\Program Files (x86)\OpenSource Flash Video Splitter 2011-01-21 21:23:44 ----D---- C:\Program Files (x86)\SHOUTcast Source 2011-01-21 20:38:55 ----D---- C:\Program Files (x86)\Gabest MPEG Splitter 2011-01-18 18:05:34 ----D---- C:\Program Files (x86)\MoorHunt 2011-01-16 10:53:38 ----D---- C:\Program Files (x86)\Zoom Player 2011-01-16 09:13:04 ----A---- C:\ProgramData\HPWALog.txt 2011-01-13 16:36:01 ----D---- C:\ProgramData\Microsoft Help 2011-01-13 09:47:32 ----A---- C:\Windows\SysWOW64\aswBoot.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [] R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [] R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [] R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys [] R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [] R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [] R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [] R3 BthEnum;Sterownik Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [] R3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [] R3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [] R3 btwaudio;Urz1dzenie dYwiekowe Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [] R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [] R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [] R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [] R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [] R3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [] R3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [] R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [] S1 fwdrv;Firewall Driver; C:\Windows\system32\drivers\fwdrv.sys [2005-03-21 270336] S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [] S3 ano28u0a;ano28u0a; C:\Windows\SysWOW64\drivers\ano28u0a.sys [] S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [] S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [] S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [] S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 864032] R2 DpHost;@C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe [2009-07-01 322624] R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-11-15 126520] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [] R2 KPF4;Kerio Personal Firewall 4; C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe [2005-03-23 1941504] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728] R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-01-21 247152] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136] R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [2009-07-22 240128] R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2009-07-12 1656112] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-10-14 751672] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-15 136176] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF----------------- [/log]
Tomek01 komentarz 7 lutego 2011 komentarz 7 lutego 2011 Te foldery możesz usunąć. W OTL wciśnij CleanUp, Nic więcej nie widać. A gdzie raport z Mbam ?
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.